Demystifying the Presence of Cellular Network Attacks and Misbehaviors

Cellular networks nowadays are not only responsible for powering up worldwide communication systems, but also enable highly sensitive applications, such as the earthquake and tsunami warning system (ETWS), telemedicine, and autonomous vehicle communication. Due to its importance, one would expect this technology to be highly robust, secure, and reliable. However, even in the newest generations (i.e., 5G), this is not the case. Due to either implementation slipups [6, 11], errors in the standard [3, 5], or misconfigurations [2]. These errors enable numerous destructive attacks, enabling malicious parties to track a victim's location, disrupt cellular services, and eavesdrop on calls, among other implications. To make matters worse, developing defenses against these types of attacks is a non-trivial task as it requires network operator cooperation. Most importantly it requires a significant amount of resources to be allocated by network operators and device manufacturers [2]. To justify allocating resources to fix these issues, network operators need to quantify the misbehaviors and attacks being carried out in the wild. Unfortunately, there is no mechanism in place to perform this type of measurement. Furthermore, there is no empirical evidence of cellular network attacks occurring in the wild, which digresses the community from focusing on developing defenses. Instead, the defense community has to rely vastly on anecdotal evidence to motivate their work, such as the presence of rogue base stations near government facilities [8]. To provide the required empirical evidence and quantify the misbehaviors and attacks, we present HoneyLTE. HoneyLTE is the first tool that efficiently measures cellular network attacks and misbehaviors in the wild.