A new report suggests flaws in 4G LTE networks could allow attackers to fabricate messages from devices or impersonate their locations.
Researchers from Purdue University and the University of Iowa detailed 10 new potential attacks and nine previously known vulnerabilities in a paper released this week.
The researchers used a tool called LTEInspector, which combines a symbolic model checker and a protocol verifier, to identify the issues, then validated eight of the 10 new attacks with experiments in a real testbed.
The attacks could occur within the attach, detach and paging procedures of the 4G LTE protocol, which allow users to connect and disconnect from networks and receive calls and messages.
“Our tool is the first one that provides a systematic analysis for these three particular procedures in 4G LTE networks,” Purdue graduate student Syed Hussain said in a statement.
In one scenario, hackers could conduct an authentication relay attack to connect to core networks without the necessary credentials, then establish a false location for a device.
In another, attackers could use information about a user’s location to perform a denial-of-service attack, hijacking the device’s paging channel to stop notifications or fabricate messages.
Other flaws could allow hackers to disconnect devices from the core network, force devices to perform actions that drain the battery or send fake emergency messages to many other devices.
In addition, researchers suggested that a “major overhaul of the entire system” could be needed to address the problems completely.
“Device manufacturers and cell phone networks will both need to work to fix these problems,” Hussain said.