Mobile network technologies require some degree of tracking of user location,
specifically user equipment tracking, as part of their fundamental mechanism of working.
Without this basic function, features such as hand-over between cells would not work. Since
mobile devices are typically associated with a single person, this provides a potential mechanism for user location surveillance. Network operators are bound by strict privacy legislation.
However, spying by certain agencies, hackers and even advertisers without the users’ or
operators’ knowledge has become a serious issue. In this article, we introduce and explain all
known recent attacks on mobile networks that compromised user privacy. We focus on attacks
using the Signalling System 7 (SS7) protocol as the interconnection interface between operators
mainly in GSM networks. In addition, we outline a novel evolution of location tracking for LTE
networks. One reason these attacks are not widely published or known by the general public
is due to the complex and arcane nature of the networks and their protocols. Mobile network
interfaces are ‘hidden’ from users, and therefore the general public’s interest in such attacks is
much lower compared to other phone vulnerabilities. The purpose of the paper is to raise awareness about the current location tracking problem in cellular networks, the existing countermeasures and to encourage further research in the area or 5G networks.
Siddharth Prakash Rao (Aalto University), Silke Holtmanns (Bell Labs, Nokia), Ian Olivier (Bell Labs, Nokia), Tuomas Aura (Aalto University): We Know Where You Are! – Utilising Telecom Core Network for User Tracking
Presented at the 8th International Conference on Cyber Conflict, 2016, Tallinn