Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Learning from the past: Systematization for Attacks and Countermeasures on Mobile Networks.

55 views

Published on

This presentation discussed Learning from the past: Systematization for Attacks and Countermeasures on Mobile Networks. The presentation was given at ITU Workshop on 5G Security in Geneva, Switzerland, on 19 March 2018. Find more information about this workshop here: https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20180319/Pages/programme.aspx

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Learning from the past: Systematization for Attacks and Countermeasures on Mobile Networks.

  1. 1. Learning from the Past: Systematization for Attacks and Countermeasures on Mobile Networks Workshop on 5G Security, 19 March, ITU HQ, Geneva David Rupprecht david.rupprecht@rub.de
  2. 2. What is the future of mobile network and 5G security research?
  3. 3. Joint examination carves directions for Future Research!
  4. 4. “On Security Research Towards Future Mobile Network Generations” IEEE Communications Surveys and Tutorials 2018
  5. 5. Root Causes 9
  6. 6. Root Causes for Attacks 10 Specification Issue Implementation Issue Wireless Channel Protocol Context Discrepancy
  7. 7. Root Causes for Attacks 11 Specification Issue Implementation Issue Wireless Channel Protocol Context Discrepancy
  8. 8. Root Causes for Attacks 12 Specification Issue Implementation Issue Wireless Channel Protocol Context Discrepancy Unsecured Pre-Authentication Traffic …. Weak Cryptography
  9. 9. Root Causes for Attacks 13 Specification Issue Implementation Issue Wireless Channel Protocol Context Discrepancy Unsecured Pre-Authentication Traffic …. Weak Cryptography
  10. 10. Unsecured Pre-authentication Traffic • The phone cannot verify the network before authentication and key agreement 14 Authentication and Key Agreement
  11. 11. Unsecured Pre-authentication Traffic • Possible Attacks: • Downgrade Attacks • IMSI/TMSI Request Attack • Paging Attack • IMSI Paging Attack • Measurement Report Attack 15
  12. 12. Unsecured Pre-authentication Traffic • Possible Attacks: • Downgrade Attacks • IMSI/TMSI Request Attack • Paging Attack • IMSI Paging Attack • Measurement Report Attack 16 Loss of Privacy and Confidentiality
  13. 13. Take Home Messages 17 Different kind research areas in mobile network security Specification Issues harm the security of a mobile generation Attacks help to secure future generations
  14. 14. Conclusion 18 https://arxiv.org/abs/1710.08932

×