Explore a comprehensive analysis of LTE control plane security in this IEEE conference talk. Delve into the dynamic testing of control components in operational Long Term Evolution networks using LTEFuzz, a semi-automated testing tool. Learn about the systematic generation of test cases based on three fundamental security properties derived from LTE standards. Discover 36 previously undisclosed vulnerabilities categorized into five types: improper handling of unprotected initial procedures, crafted plain requests, messages with invalid integrity protection, replayed messages, and security procedure bypass. Examine proof-of-concept attacks demonstrating the impact of these vulnerabilities, including denial of LTE services, SMS spoofing, and eavesdropping on user data traffic. Gain insights into root cause analysis and potential countermeasures for addressing these security issues. Understand the ethical considerations and involvement of cellular carriers in verifying findings within commercial LTE networks. Read more