Please use this identifier to cite or link to this item:
Full metadata record
DC FieldValueLanguage
dc.contributor.authorLudant, Norbert-
dc.contributor.authorROBYNS, Pieter-
dc.contributor.authorNoubir, Guevara-
dc.identifier.citationp. 1919 -1934-
dc.description.abstractWe present the first open-source tool capable of efficiently sniffing 5G control channels, 5GSniffer and demonstrate its potential to conduct attacks on users privacy. 5GSniffer builds on our analysis of the 5G RAN control channel exposing side-channel leakage. We note that decoding the 5G control channels is significantly more challenging than in LTE, since part of the information necessary for decoding is provided to the UEs over encrypted channels. We devise a set of techniques to achieve real-time control channels sniffing (over three orders of magnitude faster than brute-forcing). This enables, among other things, to retrieve the Radio Network Temporary Identifiers (RNTIs) of all users in a cell, and perform traffic analysis. To illustrate the potential of our sniffer, we analyse two privacy-focused messengers, Signal and Telegram. We identify privacy leaks that can be exploited to generate stealthy traffic to a target user. When combined with 5GSniffer, it enables stealthy exposure of the presence of a target user in a given location (solely based on their phone number), by linking the phone number to the RNTI. It also enables traffic analysis of the target user. We evaluate the attacks and our sniffer, demonstrating nearly 100% accuracy within 30 seconds of attack initiation.-
dc.subject.otherIndex Terms-5G-
dc.subject.otherControl Channel Sniffing-
dc.subject.otherTraffic Patterns-
dc.subject.otherLinkage Attacks-
dc.subject.otherPrivacy-preserving Messengers-
dc.subject.otherPri- vacy Leaks-
dc.titleFrom 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengers-
dc.typeProceedings Paper-
local.bibliographicCitation.conferencedateMay 22-26-
local.bibliographicCitation.conferencenameIEEE Symposium on Security and Privacy (S&P)-
local.bibliographicCitation.conferenceplaceSan Francisco, CA, USA-
local.type.specifiedProceedings Paper-
local.bibliographicCitation.statusIn press-
item.accessRightsClosed Access-
item.fullcitationLudant, Norbert; ROBYNS, Pieter & Noubir, Guevara (2023) From 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengers. In: p. 1919 -1934.-
item.contributorLudant, Norbert-
item.contributorROBYNS, Pieter-
item.contributorNoubir, Guevara-
item.fulltextWith Fulltext-
Appears in Collections:Research publications
Show simple item record

Google ScholarTM



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.