Ever since the public revelation of global surveillance and the exploits targeting the mobile communication backend, the general awareness of security and privacy in telecommunication industry has increased. Misusing the technical features of mobile core network technology – specifically the Signaling System 7 (SS7) – has disclosed numerous ways to locate, track and manipulate the routine cellular activities of cellphone users. In fact, the SMS-based key recovery mechanism becoming vulnerable because of the SS7 vulnerabilities.
Many mobile network operators rush to upgrade their networks to 4G/LTE from 2G and 3G, not only to improve the service, but also the security. With relatively more security and privacy features, Diameter protocol – the successor of SS7 in Long Term Evolution (LTE) networks are believed to guarantee more protection to the network itself and to the end-users. However, Diameter inherits many functionalities and traits of the SS7 network. Therefore, some attacks are also possible there e.g. location tracking in LTE by abusing the Diameter-based interconnection.
Bhanu Kotte (Bell Labs Nokia), Silke Holtmanns (Bell Labs Nokia), Siddhart Rao (Aalto University): Detach Me Not – DoS Attacks Against 4G Cellular Users Worldwide from your Desk
Presented at Black Hat Europe 2016