Please use this identifier to cite or link to this item: http://hdl.handle.net/1942/39447
Full metadata record
DC FieldValueLanguage
dc.contributor.authorLudant, Norbert-
dc.contributor.authorROBYNS, Pieter-
dc.contributor.authorNoubir, Guevara-
dc.date.accessioned2023-02-15T12:13:15Z-
dc.date.available2023-02-15T12:13:15Z-
dc.date.issued2023-
dc.date.submitted2023-01-24T20:48:29Z-
dc.identifier.citation2023 IEEE Symposium on Security and Privacy (SP), IEEE COMPUTER SOC, p. 3146-3161-
dc.identifier.isbn9781665493369-
dc.identifier.issn1081-6011-
dc.identifier.urihttp://hdl.handle.net/1942/39447-
dc.description.abstractWe present the first open-source tool capable of efficiently sniffing 5G control channels, 5GSniffer and demonstrate its potential to conduct attacks on users privacy. 5GSniffer builds on our analysis of the 5G RAN control channel exposing side-channel leakage. We note that decoding the 5G control channels is significantly more challenging than in LTE, since part of the information necessary for decoding is provided to the UEs over encrypted channels. We devise a set of techniques to achieve real-time control channels sniffing (over three orders of magnitude faster than brute-forcing). This enables, among other things, to retrieve the Radio Network Temporary Identifiers (RNTIs) of all users in a cell, and perform traffic analysis. To illustrate the potential of our sniffer, we analyse two privacy-focused messengers, Signal and Telegram. We identify privacy leaks that can be exploited to generate stealthy traffic to a target user. When combined with 5GSniffer, it enables stealthy exposure of the presence of a target user in a given location (solely based on their phone number), by linking the phone number to the RNTI. It also enables traffic analysis of the target user. We evaluate the attacks and our sniffer, demonstrating nearly 100% accuracy within 30 seconds of attack initiation.-
dc.language.isoen-
dc.publisherIEEE COMPUTER SOC-
dc.rights2023, Norbert Ludant. Under license to IEEE-
dc.subject.otherIndex Terms-5G-
dc.subject.otherControl Channel Sniffing-
dc.subject.otherTracking-
dc.subject.otherTraffic Patterns-
dc.subject.otherLinkage Attacks-
dc.subject.otherPrivacy-preserving Messengers-
dc.subject.otherPri- vacy Leaks-
dc.titleFrom 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengers-
dc.typeProceedings Paper-
local.bibliographicCitation.conferencedateMAY 21-25-
local.bibliographicCitation.conferencename44th IEEE Symposium on Security and Privacy (SP)-
local.bibliographicCitation.conferenceplaceSan Francisco, CA, USA-
dc.identifier.epage3161-
dc.identifier.spage3146-
local.format.pages16-
local.bibliographicCitation.jcatC1-
local.publisher.place10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA-
local.type.refereedRefereed-
local.type.specifiedProceedings Paper-
dc.identifier.doi10.1109/SP46215.2023.10179353-
dc.identifier.isi001035501503012-
local.provider.typePdf-
local.bibliographicCitation.btitle2023 IEEE Symposium on Security and Privacy (SP)-
local.uhasselt.internationalyes-
item.accessRightsRestricted Access-
item.contributorLudant, Norbert-
item.contributorROBYNS, Pieter-
item.contributorNoubir, Guevara-
item.fulltextWith Fulltext-
item.fullcitationLudant, Norbert; ROBYNS, Pieter & Noubir, Guevara (2023) From 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengers. In: 2023 IEEE Symposium on Security and Privacy (SP), IEEE COMPUTER SOC, p. 3146-3161.-
Appears in Collections:Research publications
Files in This Item:
File Description SizeFormat 
From_5G_Sniffing_to_Harvesting_Leakages_of_Privacy-Preserving_Messengers.pdf
  Restricted Access		Published version1.89 MBAdobe PDFView/Open    Request a copy
Show simple item record

WEB OF SCIENCETM
Citations

2
checked on Jul 13, 2024

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.