| Technical Name | Security vulnerability detection for VoWi-Fi call system in 4G/5G networks | ||
|---|---|---|---|
| Project Operator | 資通安全與研究教學中心 | ||
| Project Host | 謝續平 | ||
| Summary | We discover two vulnerabilities of the VoWi-Fi service, and develop a detection system against them. First, the adversary can hijack its signaling session and exploit it to launch DoS attacks or generate ghost calls. Second, the adversary can hijack its voice call session, and hide data in voice messages to usurp network resource. We have confirmed both vulnerabilities in operational cellular networks. |
||
| Scientific Breakthrough | We are the first group that discovers security vulnerabilities of the IMS system by hijacking VoWi-Fi sessions, and develops their detection system. We uncover two critical vulnerabilities from the highly protected IMS system. They can be exploited to launch DoS attacks, generate ghost calls, and usurp network resource. We have validated that they are common security issues worldwide. |
||
| Industrial Applicability | Our achievement focuses on common security threats in 4G/5G networks worldwide. It can benefit carriers and network/phone vendors. The security threats are rooted in the flaws of their products that support VoWi-Fi service and IMS system. Our detection system can help carriers and vendors detect those vulnerabilities, and our experience can assist them in fixing the security issues without suffering huge monetary loss. |
||
| Keyword | Cellular network VoWi-Fi VoLTE IP multimedia subsystem network security 4G network 5G network cellular voice cellular network security network detection system | ||
- shanhsinlee@gmail.com
other people also saw