Detecting IMSI-Catchers by Characterizing Identity Exposing Messages in Cellular Traffic
METADATA ONLY
Loading...
Author / Producer
Date
2025-02
Publication Type
Conference Paper
ETH Bibliography
yes
Citations
Altmetric
METADATA ONLY
Data
Rights / License
Abstract
IMSI-Catchers allow parties other than cellular network providers to covertly track mobile device users. While the research community has developed many tools to combat this problem, current solutions focus on correlated behavior and are therefore subject to substantial false classifications. In this paper, we present a standards-driven methodology that focuses on the messages an IMSI-Catcher textit{must} use to cause mobile devices to provide their permanent identifiers. That is, our approach focuses on causal attributes rather than correlated ones. We systematically analyze message flows that would lead to IMSI exposure (most of which have not been previously considered in the research community), and identify 53 messages an IMSI-Catcher can use for its attack. We then perform a measurement study on two continents to characterize the ratio in which connections use these messages in normal operations. We use these benchmarks to compare against open-source IMSI-Catcher implementations and then observe anomalous behavior at a large-scale event with significant media attention. Our analysis strongly implies the presence of an IMSI-Catcher at said public event ($p << 0.005$), thus representing the first publication to provide evidence of the statistical significance of its findings.
Permanent link
Publication status
published
External links
Editor
Book title
Network and Distributed System Security (NDSS) Symposium 2025
Journal / series
Volume
Pages / Article No.
1115
Publisher
Internet Society
Event
32nd Network and Distributed System Security Symposium (NDSS 2025)
Edition / version
Methods
Software
Geographic location
Date collected
Date created
Subject
Organisational unit
03755 - Capkun, Srdan / Capkun, Srdan
Notes
Conference lecture held on February 25, 2025.