CableLabs eyes mobile security challenges

Nov. 18, 2019
False Base Station (FBS) has posed a security threat to all generations of mobile networks since 2G. Certain aspects of 5G help mitigate the risks, but in 5G release 16, 3GPP SA3 is studying ...

False Base Station (FBS) has posed a security threat to all generations of mobile networks since 2G. Certain aspects of 5G help mitigate the risks, but in 5G release 16, 3GPP SA3 is studying FBS again and looking for a more complete solution, according to a recent CableLabs blog post. However, consensus has not been reached.

"It is hard to predict when the companies which object to the (proposed) solutions will change their position," said Tao Wan, principal architect, Security, CableLabs.

For those not familiar, FBS, and likewise Rogue Base Station (RBS), International Mobile Subscriber Identifier (IMSI) Catcher or Stingray, refers to a combination of hardware and software that allows for both active and passive attacks over radio access networks (RANs) by exploiting security weaknesses in mobile networks. Namely, base stations broadcast information about the network so that mobile devices can select an appropriate cell and connect. These messages are not protected because of a variety of challenges. The FBS broadcasts the same network identifier using a stronger signal so that it succeeds in luring the user away. (The signal has to be at least 30 dB stronger; those 40 dB stronger have a 100% success rate.) A passive attack involves listening but not interfering with the communication; the end result could be identity theft or location tracking. An active attack is a man-in-the-middle or a man-on-the-side setup where a signal is injected.

3GPP has studied the mitigation of FBS-type attacks, but there have been constraints including difficulty in both the deployment of cryptographic key management and timing synchronization. 5G Release 15 specifies network side detection which reduces the risk but does not fully prevent FBS. 5G Release 15 also offers public key encryption of subscriber permanent identifier, which makes it more difficult for the FBS to get hold of this information.

CableLabs' view is that lack of integrity protection of broadcasting messages is the primary reason FBS can occur, and therefore the solution should include protecting broadcasting messages with integrity via public key based digital signatures, for example. However, Wan said that there is not one solution to fit all, since there are hundreds of mobile operators worldwide and more to come. Therefore, there should be multiple solutions supported so that operators can make the best choice for them.

The digital-signature based solutions face challenges with key management, computational overhead, and time synchronization between devices. The solutions that are not related to digital signatures leverage the existing security contexts shared between devices and the network when the devices are in the state to verify broadcast message integrity.

"The challenge with those solutions is that they can only mitigate certain threats," Wan said.

Users are often not aware that the attack is occurring, but sometimes there are ways to detect it. For example, if the service generation icon switches from 4G or LTE to 2G, that could be a sign, Wan said. Users should also be aware of fraudulent text messages send out by FBS; certain mobile apps are available to help determine which messages are frauds.

"We look forward to agreement from 3GPP SA3 on a long-term solution that can fundamentally solve the problem of FBS in 5G," Wan said.        

About the Author

BTR Staff

EDITORIAL
STEPHEN HARDY
Editorial Director and Associate Publisher
[email protected]
MATT VINCENT
Senior Editor
[email protected]
SALES
KRISTINE COLLINS
Business Solutions Manager
(312) 350-0452
[email protected]
JEAN LAUTER
Business Solutions Manager
(516) 695-3899
[email protected]

Sponsored Recommendations

On Topic: Optical Players Race to Stay Pace With the AI Revolution

Sept. 18, 2024
The optical industry is moving fast with new approaches to satisfying the ever-growing demand from hyperscalers, which are balancing growing bandwidth demands with power efficiency...

Advancing Data Center Interconnection

July 25, 2024
Data Center Interconnect (DCI) solutions provide physical or virtual network connections between remote data center locations. Connecting geographically dispersed data centers...

ON TOPIC: Cable’s Fiber to the X Play

Aug. 28, 2024
Cable operators are strategically deploying fiber-to-the-home (FTTH) networks in Greenfield markets and Brownfield markets where existing cable plant has reached its end of life...

Today, Tomorrow, and in The Future: The Status of AI/ML in Fiber-Optic Communications

Sept. 25, 2024
Struggling to balance customer demand with the challenges of network upgrades, rollout of new products and services, and guaranteeing service level agreements (SLAs)? Discover...