Spoofed Networks: Exploitation of GNSS Security Vulnerability in 4G and 5G Mobile Networks

Loading...
Thumbnail Image
Authors
Lanoue, Matthew J.
Subjects
4G
Long Term Evolution
LTE
5G
New Radio
NR
mobile telephony
radio access network
RAN
security vulnerabilities
OpenAirInterface Software Alliance
OSA
Global Navigation Satellite System
GNSS
networks
spoofing attacks
commercial off-the-shelf
COTS
user equipment
UE
Advisors
Michael, James B.
Rogers, Darren J.
Bollmann, Chad A.
Date of Issue
2021-06
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
Fifth Generation New Radio (5G NR) represents a shift in mobile telephony whereby the network architecture runs containerized software on commodity hardware. In preparation for this transition, numerous 4G Long Term Evolution software stacks have been developed to test the containerization of core network functions and the interfaces with radio access network protocols. In this thesis, one such stack, developed by the OpenAirInterface Software Alliance, was used to create a low-cost, simplified mobile network compatible with the Naval Operational Architecture. Commercial off-the-shelf user equipment was then connected to the network to demonstrate how a buffer overflow vulnerability found in Qualcomm Global Navigation Satellite System chipsets and identified as CVE-2019-2254 can be leveraged to enable a spoofed network attack. The research also yielded an extension of the attack method to 5G NR networks.
Type
Thesis
Description
Includes supplementary material
Series/Report No
Department
Electrical and Computer Engineering (ECE)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release. Distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections