Research On Security Flaws And Attack Verification Of Mobile Communication Networks

Mobile communication networks had been widely used in every aspect of our lives.While benefiting from it however,we have to pay special attention to the security of the mobile communication.With the continuous disclosure of various attacks on the wireless air interface,communication security issues have repeatedly become a hot spot in the industry.It's even hard for relevant departments to assess the risks of these attacks due to the opacity of their deployment scheme.In this case,the analysis of the attacks on the vulnerabilities of the current network will be able to provide technical analysis to the relevant departments and also to provide references for the safety upgrading of the communication networks,as the best defense method can only be worked out when the attack method is clear.Considering the actual demands of the project,this thesis studied the vulnerabilities of the current network,made detailed analysis on problems of users' privacy,pseudo base station attacks and man-in-the-middle attacks,figured out the exact vulnerability the attack utilized and the actual deployment,and under the fourth-generation(4G)communication system,USRP combined with the open-source software srs LTE is used to attack real users.The test results verify the potential security risks caused by the vulnerability and the impact of the designed attack on the terminal,which meets the actual needs of the project.The main achievements and innovations of this thesis are as follows:1.This thesis studied the security of the temporary identity in the paging messages of the current network and put forward the possible location tracking problem according to the existing security risks.For the location tracking test this thesis also designed a lowcost paging monitoring equipment which can monitor the paging messages in real time with a filtering method to eliminate the overflowing paging message in the current network.2.This thesis studied how the pseudo base station attack had been realized and designed an attack scheme that uses pseudo base stations to obtain International Mobile Subscriber Identity(IMSI).Aiming at the problem of repeating statistics on the same IMSI,an attack scheme is designed to use the rejection reason value to avoid the terminal repeatedly connecting to the pseudo base station.Aiming at the problem of undifferentiated attacks on pseudo base stations,a target-specific attack scheme is proposed to achieve the effects of network degradation of the target terminal,acquisition of identity information,and forcing the terminal to leave the network.3.This thesis studied the man-in-the-middle attack in communication systems,designed a 4G man-in-the-middle deployment plan,and designed a man-in-the-middle attack that tampered with capability information in response to the lack of integrity protection of terminal capability information in domestic communication systems.The results show that the current network provides communication services for the terminal according to the tampered capability information.The average download rate and upload rate of the tested mobile phone dropped from 58.6Mbps/15.3Mbps to 6.5Mbps/1.8Mbps,and the data transmission rate was significantly reduced.