The Untold Secrets of Operational Wi-Fi Calling Services: Vulnerabilities, Attacks, and Countermeasures

11/27/2018
by   Tian Xie, et al.
0

Since 2016, all of four major U.S. operators have rolled out nationwide Wi-Fi calling services. They are projected to surpass VoLTE (Voice over LTE) and other VoIP services in terms of mobile IP voice usage minutes in 2018. They enable mobile users to place cellular calls over Wi-Fi networks based on the 3GPP IMS (IP Multimedia Subsystem) technology. Compared with conventional cellular voice solutions, the major difference lies in that their traffic traverses untrustful Wi-Fi networks and the Internet. This exposure to insecure networks may cause the Wi-Fi calling users to suffer from security threats. Its security mechanisms are similar to the VoLTE, because both of them are supported by the IMS. They include SIM-based security, 3GPP AKA (Authentication and Key Agreement), IPSec (Internet Protocol Security), etc. However, are they sufficient to secure Wi-Fi calling services? Unfortunately, our study yields a negative answer. We conduct the first study of exploring security issues of the operational Wi-Fi calling services in three major U.S. operators' networks using commodity devices. We disclose that current Wi-Fi calling security is not bullet-proof and uncover four vulnerabilities which stem from improper standard designs, device implementation issues and network operation slips. By exploiting the vulnerabilities, together with several state-of-the-art computer visual recognition technologies, we devise two proof-of-concept attacks: user privacy leakage and telephony harassment or denial of voice service (THDoS); both of them can bypass the security defenses deployed on mobile devices and the network infrastructure. We have confirmed their feasibility and simplicity using real-world experiments, as well as assessed their potential damages and proposed recommended solutions.

READ FULL TEXT

page 15

page 16

page 18

page 19

page 20

research
11/30/2012

Secure voice based authentication for mobile devices: Vaulted Voice Verification

As the use of biometrics becomes more wide-spread, the privacy concerns ...
research
12/09/2017

The Insecurity of Home Digital Voice Assistants - Amazon Alexa as a Case Study

Home Digital Voice Assistants (HDVAs) are getting popular in recent year...
research
09/06/2022

Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey

Internet usage has changed from its first design. Hence, the current Int...
research
09/26/2020

An experimental evaluation and characterization of VoIP over an LTE-A network

Mobile telecommunications are converging towards all-IP solutions. This ...
research
01/01/2021

PHOENIX: Device-Centric Cellular Network Protocol Monitoring using Runtime Verification

End-user-devices in the current cellular ecosystem are prone to many dif...
research
07/27/2020

DICE: Dynamic Interconnections for the Cellular Ecosystem

To enable roaming of users, the cellular ecosystem integrates many entit...
research
02/22/2022

Multi-service Threats: Attacking and Protecting Network Printers and VoIP Phones alike

Printing over a network and calling over VoIP technology are routine at ...

Please sign up or login with your details

Forgot password? Click here to reset