Rogue Mobile Phone Base Station
Name
Georg Ĺ umailov
Abstract
Mobile network protocols have greatly improved over the decades both in terms of speed as well as security. Nonetheless, as of 2023, the outdated and ulnerable 2G network generation is still operational around the globe. This poses a threat to the general public due to known security vulnerabilities found in 2G. While various 2G rogue base stations were tested over the years, little work was done on how they perform in a modern world.
In this study a 2G rogue base station was built using YateBTS and a BladeRF. Furthermore, its effectiveness was tested in areas where there are faster networks available. Importantly, the rogue base station was built with off-the-shelf components and open-source software limiting deployment costs to a minimum. The findings of this thesis suggest that in areas covered with faster network base stations modern phones prefer new generation networks (e.g. 4G) over 2G despite the signal strength. However, in areas with no cellular connection such as tunnels or metros 2G rogue base stations can still be effective to this day. SMS phishing, SMS interception and IMSI catching attacks were all possible once the phones connected to the rogue base station.
In this study a 2G rogue base station was built using YateBTS and a BladeRF. Furthermore, its effectiveness was tested in areas where there are faster networks available. Importantly, the rogue base station was built with off-the-shelf components and open-source software limiting deployment costs to a minimum. The findings of this thesis suggest that in areas covered with faster network base stations modern phones prefer new generation networks (e.g. 4G) over 2G despite the signal strength. However, in areas with no cellular connection such as tunnels or metros 2G rogue base stations can still be effective to this day. SMS phishing, SMS interception and IMSI catching attacks were all possible once the phones connected to the rogue base station.
Graduation Thesis language
English
Graduation Thesis type
Bachelor - Computer Science
Supervisor(s)
Danielle Melissa Morgan
Defence year
2023