Abstract. A surprisingly high number of mobile carriers worldwide do not block
unsolicited traffic from reaching their mobile devices from the open Internet or
from within the cellular network. This exposes mobile users to a class of low
resource attacks that could compromise their privacy and security. In this work
we describe a methodology that allows an adversary to identify a victim device
in the cellular network by just sending messages to its user through one or more
messaging apps available today on the mobile market. By leveraging network
delays produced by mobile devices in different radio states and the timeliness
of push notifications, we experimentally show how our methodology is able to
quickly identify the target device within 20 messages in the worst case through
measurements on a large mobile network
more here..........https://petsymposium.org/2014/papers/paper_33.pdf
unsolicited traffic from reaching their mobile devices from the open Internet or
from within the cellular network. This exposes mobile users to a class of low
resource attacks that could compromise their privacy and security. In this work
we describe a methodology that allows an adversary to identify a victim device
in the cellular network by just sending messages to its user through one or more
messaging apps available today on the mobile market. By leveraging network
delays produced by mobile devices in different radio states and the timeliness
of push notifications, we experimentally show how our methodology is able to
quickly identify the target device within 20 messages in the worst case through
measurements on a large mobile network
more here..........https://petsymposium.org/2014/papers/paper_33.pdf