This talk will be a general overview of the known attacks on the LTE cellular protocol starting with a general description of how the cellular protocol works followed by discussion of attacks that can be done at layers 1, 2, and 3.
- Layer 1: Jamming LTE using a power-limited smart jammer
- Layer 2: User redirection by altering the destination IP of DNS requests
- Layer 3: Downgrading, denial of service, location tracking, channel hijacking, and sending fake SMS/emergency messages
Lastly there will be a brief discussion about the decreasing price in Software Defined Radios and how this is affecting the security of cellular protocols as the barrier to entry to launch these attacks is dropping rapidly.
Mattias is an engineer at Qualcomm working on cellular security research.