IMSI Catchers are used in mobile networks to identify and
eavesdrop on phones. When, the number of vendors increased
and prices dropped, the device became available to
much larger audiences. Self-made devices based on open
source software are available for about US$ 1,500
In this paper, we identify and describe multiple methods of
detecting artifacts in the mobile network produced by such
devices. We present two independent novel implementations
of an IMSI Catcher Catcher (ICC) to detect this threat
against everyone’s privacy. The first one employs a network
of stationary (sICC) measurement units installed in a geographical
area and constantly scanning all frequency bands
for cell announcements and fingerprinting the cell network
parameters. These rooftop-mounted devices can cover large
areas. The second implementation is an app for standard
consumer grade mobile phones (mICC), without the need
to root or jailbreak them. Its core principle is based upon
geographical network topology correlation, facilitating the
ubiquitous built-in GPS receiver in today’s phones and a
network cell capabilities fingerprinting technique. The latter
works for the vicinity of the phone by first learning the cell
landscape and than matching it against the learned data.
We implemented and evaluated both solutions for digital
self-defense and deployed several of the stationary units for
a long term field-test. Finally, we describe how to detect
recently published denial of service attacks
more here...........https://www.sba-research.org/wp-content/uploads/publications/AdrianDabrowski-IMSI-Catcher-Catcher-ACSAC2014-preprint-20140820.pdf
eavesdrop on phones. When, the number of vendors increased
and prices dropped, the device became available to
much larger audiences. Self-made devices based on open
source software are available for about US$ 1,500
In this paper, we identify and describe multiple methods of
detecting artifacts in the mobile network produced by such
devices. We present two independent novel implementations
of an IMSI Catcher Catcher (ICC) to detect this threat
against everyone’s privacy. The first one employs a network
of stationary (sICC) measurement units installed in a geographical
area and constantly scanning all frequency bands
for cell announcements and fingerprinting the cell network
parameters. These rooftop-mounted devices can cover large
areas. The second implementation is an app for standard
consumer grade mobile phones (mICC), without the need
to root or jailbreak them. Its core principle is based upon
geographical network topology correlation, facilitating the
ubiquitous built-in GPS receiver in today’s phones and a
network cell capabilities fingerprinting technique. The latter
works for the vicinity of the phone by first learning the cell
landscape and than matching it against the learned data.
We implemented and evaluated both solutions for digital
self-defense and deployed several of the stationary units for
a long term field-test. Finally, we describe how to detect
recently published denial of service attacks
more here...........https://www.sba-research.org/wp-content/uploads/publications/AdrianDabrowski-IMSI-Catcher-Catcher-ACSAC2014-preprint-20140820.pdf