Beyond PS-LTE: Security Model Design Framework for PPDR Operational Environment

<table class="table-group" id="tab2"><tr><td><table class="table"><tr><td class="thead-hr" colspan="4"><hr/></td></tr><tr class="thead"><td class="align_left"> </td><td class="align_center">LTEInspector [<a href="/journals/scn/2020/8869418/#B5" target="_blank">5</a>]</td><td class="align_center">LTE layer 2 vul. [<a href="/journals/scn/2020/8869418/#B6" target="_blank">6</a>]</td><td class="align_center">LTEFuzz [<a href="/journals/scn/2020/8869418/#B7" target="_blank">7</a>]</td></tr><tr><td class="thead-hr" colspan="4"><hr/></td></tr><tr><td class="align_left">Analysis target protocol</td><td class="align_center">NAS (attach, paging, detach)</td><td class="align_center">MAC and PDCP</td><td class="align_center">RRC and NAS</td></tr><tr><td class="align_left">Approach</td><td class="align_center">Model-based adversarial approach</td><td class="align_center">Manual analysis</td><td class="align_center">Semi-automatic fuzzing</td></tr><tr><td class="align_left" rowspan="2">Prerequisite</td><td class="align_center">Adversarial model construction</td><td class="align_center">[Fingerprinting attack] websites metadata acquisition</td><td class="align_center">Building pack DB for fuzzing</td></tr><tr><td class="align_center">Security property definition</td><td class="align_center">[aLTEr attack] deleting victim’s DNS and http cache</td><td class="align_center">Targeting TMSI acquisition</td></tr><tr><td class="align_left" rowspan="3">Cons</td><td class="align_center" rowspan="3">Manually prepare the prerequisites</td><td class="align_center">Proposing the results in experimental environment</td><td class="align_center">No protocol interaction for fuzzing</td></tr><tr><td class="align_center">[Fingerprinting attack] low website coverage</td><td class="align_center" rowspan="2">Generated fuzzing message simply by packet field mutation</td></tr><tr><td class="align_center">[aLTEr attack] unrealistic prerequisite</td></tr><tr class="table-tr"><td colspan="4"><hr class="tbody-hr"/></td></tr></table></td></tr></table>

<div>Studies on LTE protocol security.</div>

Security and Communication Networks

tab2

Table 2

Table 2: Beyond PS-LTE: Security Model Design Framework for PPDR Operational Environment 