• Technical Name
  • 4G/5G多媒體系統之資安弱點檢測與威脅防護
  • Operator
  • National Yang Ming Chiao Tung University
  • Booth
  • AIoT&智慧應用 AIoT & Smart Applications
  • Contact
  • 李奇育
  • Email
  • chiyuli@cs.nctu.edu.tw
Technical Description We develop a vulnerability detection module to identify three important security vulnerabilities in the IMS system that supports 4G/5G multimedia services. We have validated them in 4 carriers from TaiwanU.S. using smartphones from 7 brands,shown that they can be exploited to launch a stealthy call DoS attack, a social engineering attack with ghost calls,a call ID spoofing attack. Moreover, attackers can detect attackable users using an AI technique with only the users' phone numbers. We finally propose solutionsdevelop an AI-based technique of call ID spoofing detection.
Scientific Breakthrough \"We are the first group in the world to have four breakthrough contributions below.1. We developed a vulnerability detection module to identify four important security vulnerabilities in call state machine, call management, call ID verification,call information leakage, respectively, from the IMS system. 2. We validated those vulnerabilities in 4 carriers from TaiwanU.S. using smartphones from 7 brands. 3. We proposed solutionsvalidated their effectiveness experimentally.4. We developed an AI-based technique of call ID spoofing detection, which can do detection at run time.\"
Industrial Applicability The security threats identified by our developed vulnerability detection module generally exist in global 4G/5G cellular network systems. The module can assist cellular network standards, carriers,telecom/phone vendors in detectingaddressing the security vulnerabilities of 4G/5G cellular networksmultimedia services. We have contributed the result to CHT, TTC, NCC,GSMA. The global 4G/5G IMS systems can thus benefit. We will start to promote the vulnerability detection moduleAI-based technique of call ID spoofing detection to the telecom industry.
本網站使用您的Cookie於優化網站。繼續瀏覽網站即表示您同意本公司隱私權政策,您可至隱私權政策了解詳細資訊。