Fake Base Station Research Articles

Fake Base Station Detection and Link Routing Defense

Fake base stations comprise a critical security issue in mobile networking. A fake base station exploits vulnerabilities in the broadcast message announcing a base station’s presence, which is called SIB1 in 4G LTE and 5G NR, to get user equipment to connect to the fake base station. Once connected, the fake base station can deprive the user of connectivity and access to the Internet/cloud. We discovered that a fake base station can disable the victim user equipment’s connectivity for an indefinite period of time, which we validated using our threat prototype against current 4G/5G practices. We designed and built a defense scheme which detects and blacklists a fake base station and then, informed by the detection, avoids it through link routing for connectivity availability. For detection and blacklisting, our scheme uses the real-time information of both the time duration and the number of request transmissions, the features of which are directly impacted by the fake base station’s threat and which have not been studied in previous research. Upon detection, our scheme takes an active measure called link routing, which is a novel concept in mobile/4G/5G networking, where the user equipment routes the connectivity request to another base station. To defend against a Sybil-capable fake base station, we use a history–reputation-based link routing scheme for routing and base station selection. We implemented both the base station and the user on software-defined radios using open-source 5G software (srsRAN v23.10 and Open5GS v2.6.6) for validation. We varied the base station implementation to simulate legitimate vs. faulty but legitimate vs. fake and malicious base stations, where a faulty base station notifies the user of the connectivity disruption and releases the session, while a fake base station continues to hold the session. We empirically analyzed the detection and identification thresholds, which vary with the fake base station’s power and the channel condition. By strategically selecting the threshold parameters, our scheme provides zero errors, including zero false positives, to avoid blacklisting a temporarily faulty base station that cannot provide connectivity at the time. Furthermore, our link routing scheme enables the base station to switch in order to restore the connectivity availability and limit the threat impact. We also discuss future directions to facilitate and encourage R&D in securing telecommunications and base station security.

Combining the spatiotemporal mobility patterns and MMC for next location prediction of fake base stations

The spatiotemporal mobility patterns and next location prediction of fake base stations (FBS) provide important technical support for the police to prevent spam messages from FBS. However, due to the difficulty in locating their real-time locations, our understanding of the mobility patterns and predictability of FBS is still limited. Based on the crowdsourced spam data, we extract the time and potential locations of FBS and propose a Tucker-MMC method that combines Tucker decomposition with a Mobility Markov Chain (MMC) model to investigate the mobility patterns and predictability of FBS sending spam messages. First, we utilize Tucker decomposition to reflect the spatial and temporal preferences during the movement of the corresponding FBS. Then the mobility regularity and the theoretical maximum predictability of the FBS trajectories with similar mobility preferences are analyzed by entropy and Fano's inequality. A Tucker-MMC is also established for the next location prediction. The results using the spam dataset in Beijing show that the accuracy of Tucker-MMC is more than double that of the MMC. The accuracy of the actual location prediction model is more likely to approach the theoretical maximum predictability when FBS send spam messages in a shorter time, shorter transfer distance, and smaller access range.

Cybersecurity for Sustainable Smart Healthcare: State of the Art, Taxonomy, Mechanisms, and Essential Roles

Cutting-edge technologies have been widely employed in healthcare delivery, resulting in transformative advances and promising enhanced patient care, operational efficiency, and resource usage. However, the proliferation of networked devices and data-driven systems has created new cybersecurity threats that jeopardize the integrity, confidentiality, and availability of critical healthcare data. This review paper offers a comprehensive evaluation of the current state of cybersecurity in the context of smart healthcare, presenting a structured taxonomy of its existing cyber threats, mechanisms and essential roles. This study explored cybersecurity and smart healthcare systems (SHSs). It identified and discussed the most pressing cyber threats and attacks that SHSs face, including fake base stations, medjacking, and Sybil attacks. This study examined the security measures deployed to combat cyber threats and attacks in SHSs. These measures include cryptographic-based techniques, digital watermarking, digital steganography, and many others. Patient data protection, the prevention of data breaches, and the maintenance of SHS integrity and availability are some of the roles of cybersecurity in ensuring sustainable smart healthcare. The long-term viability of smart healthcare depends on the constant assessment of cyber risks that harm healthcare providers, patients, and professionals. This review aims to inform policymakers, healthcare practitioners, and technology stakeholders about the critical imperatives and best practices for fostering a secure and resilient smart healthcare ecosystem by synthesizing insights from multidisciplinary perspectives, such as cybersecurity, healthcare management, and sustainability research. Understanding the most recent cybersecurity measures is critical for controlling escalating cyber threats and attacks on SHSs and networks and encouraging intelligent healthcare delivery.

FBS-TGCN: a temporal graph-convolutional-network model for spatiotemporal prediction of spam messages from fake base stations

Spam messages affect the normal communication of mobile phone users and public security. Fake base station (FBS) is the main channel for sending spam messages. Accurate spatiotemporal prediction of spam messages from FBS is important for implementing short-term spam prevention measures by the police. However, existing models used for spam messages modeling often focus on capturing spatial dependencies based on distance, thus failing to fully exploit spatial dependencies hidden in the data. Meanwhile, they encounter difficulties in mitigating the impact of excessive zero data. Therefore, based on the crowdsourced spam message data, a temporal graph-convolutional-network model (FBS-TGCN) is developed for the spatiotemporal prediction of spam messages from FBS. This model includes graph convolutional network (GCN) and gated temporal convolutional network (TCN) to capture the spatial and temporal dependencies alternatively. We further combine a weighted adjacency matrix and a self-adaptive adjacency matrix to capture both distance-based spatial dependencies and hidden spatial dependencies. A weighted loss function is used to mitigate the influence of excessive zero data. Experimental results using the spam dataset in Beijing demonstrate the effectiveness of the proposed model when compared to the baseline models, especially in the prediction of spam messages quantity and high spamming areas.

5G-Based Smart Healthcare and Mobile Network Security: Combating Fake Base Stations

New mobile network technologies, particularly 5G, have spurred a growth in smart healthcare networks. They enable real-time monitoring, personalized treatments, and more. However, these transformative capabilities have also uncovered potential vulnerabilities, emphasizing the urgency to safeguard patient data and healthcare services. This study analyzes the existing research on 5G-based smart healthcare network security with a specific emphasis on fake base station attacks. The research investigates potential security measures to mitigate the impact of fake base station attacks. And based on those findings, we propose a detection scheme to help combat fake base station threats effectively and to avoid the need to install individual apps on smart devices, providing a foothold for future efforts to develop and deploy better countermeasures. To ensure a secure and resilient ecosystem for 5G-based smart healthcare, continuous research and proactive measures are required. By staying vigilant and committed to research and development, we can protect patient privacy, ensure secure data transmission, and enhance the quality of services within smart healthcare networks and other mobile network applications alike.

Enabling secure lightweight mobile Narrowband Internet of Things (NB-IoT) applications using blockchain

Narrowband Internet of Things (NB-IoT) is a low bandwidth 3GPP communication standard transmitting small quantities of data over long distances at random intervals. However, as NB-IoT cannot support seamless handover between base stations, its applications are limited to stationary devices, which may result in the potential risk of fake base station connections in an attempt to maintain connectivity across cells. Considering characteristics such as low power consumption and high connection density, researchers envision using NB-IoT in mobile applications such as public-bike sharing, pet tracking etc. Connecting NB-IoT devices using decentralised architecture such as blockchain ensures seamless communication in mobile applications and eliminates bottlenecks due to multiple data requests observed in centralised networks. In this paper, we develop a hybrid blockchain framework facilitating mutual authentication between base stations to enhance user privacy and prevent fake base station connections and certificate transfers. Zero-knowledge proof used as the consensus algorithm enhances user privacy and message confidentiality. IoT devices are designed to store the hashes of their approved transactions as a linear hash chain instead of the complete merkle tree to minimise hash verification complexity. Additionally, base station memory is partitioned dynamically to enhance scalability and memory utilisation efficiency. We prototype our framework on Remix IDE in Ethereum and implement it on Raspberry Pi 4. The security of the proposed framework is formally verified using Scyther. Further, we show that our approach achieves 80.50% lower computational power, 74.73% lower execution time and 50% lower memory, respectively, in comparison with existing schemes making our proposed scheme lightweight.

An Asymmetric Encryption-Based Key Distribution Method for Wireless Sensor Networks.

Wireless sensor networks are usually applied in hostile areas where nodes can easily be monitored and captured by an adversary. Designing a key distribution scheme with high security and reliability, low hardware requirements, and moderate communication load is crucial for wireless sensor networks. To address the above objectives, we propose a new key distribution scheme based on an ECC asymmetric encryption algorithm. The two-way authentication mechanism in the proposed scheme not only prevents illegal nodes from accessing the network, but also prevents fake base stations from communicating with the nodes. The complete key distribution and key update methods ensure the security of session keys in both static and dynamic environments. The new key distribution scheme provides a significant performance improvement compared to the classical key distribution schemes for wireless sensor networks without sacrificing reliability. Simulation results show that the proposed new scheme reduces the communication load and key storage capacity, has significant advantages in terms of secure connectivity and attack resistance, and is fully applicable to wireless sensor networks.

Fake Base Station Threats in 5G Non-Public Networks

Fake Base Station Threats in 5G Non-Public Networks

Protecting IMSI from Fake Base Stations Exploitation and Spoofers Impersonation in 5G and Beyond Cellular Networks

Authors propose a novel hack-proof framework that can perfectly secure IMSI numbers, resulting in having protection against spoofing attacks. The proposed algorithm includes a mobile device (UE) and a gNodeB (BS) that communicate in the clear to authenticate each other securely.

Location-Privacy-Preserving Technique for 5G mmWave Devices

In fifth generation (5G) cellular networks, a single base station equipped with multiple antennas can determine the user position within centimeters, by processing the wireless millimeter-wave channel estimate. A fake base station serving a victim user can also obtain the user location. In order to protect the user privacy, we propose a technique to prevent localization. We design a user transmit beamformer, so that the angles of departure of each channel path are hidden to the base station, thus preventing localization. We also optimize the allocated power, in order to maximize the achievable rate. The proposed solution is compared with both the capacity-achieving beamforming (without location privacy) and the zero-forcing beamforming, which still provides location privacy, at the cost of a lower rate.

Research on Anti-phishing Strategy of Smart Phone

Phishing is a fraudulent method of online identity forgery. With the development of mobile Internet and the popularity of smart phones, many phishing methods and forms for smart phones appears. Mobile phone phishing has the characteristics, such as strong allure, chaotic information, clear target, short attack time and dynamic conversion of attack sources. It steals users’ privacy information and even endangers users’ fund security by creating fake networks, fake base station SMS phishing, sending phishing emails, malicious code attacks, malicious WiFi phishing attacks, etc. Some specific measures against mobile phone phishing are put forword in this paper, such as installing and updating mobile phone security software, using various anti-spam technologies, paying attention to personal information disclosure of social platforms, carefully linking WiFi, and preventing mobile payment traps.

Study on RSS/AOA hybrid localization in life detection in huge disaster situation

Rescue is a tough and time-consuming task in huge disaster. After stricken by a catastrophic natural disaster, the rescue force is typically deployed under the circumstance of traffic paralysis and lack of supplies. To cope with this situation, plenty of human resource and professional equipment are required. However, both the human resource and equipment are insufficient in most situations. The rescue force needs an efficient technology for searching the survivals, such as the life detection, which can be a key factor in disaster relief. Fast and accurate locating of the survivals will guide the limited rescue resource to save more survivors. However, current life detection technology cannot meet the demand of rescue in huge disaster. A novel life detection system based on fake base station is proposed. The detection system can scan the whole disaster area and find the cell phones, which leads to the surviving owners. As the system works in different way with other traditional human localization technology, a novel RSS/AOA hybrid positioning algorithm was proposed in this paper to increase the accuracy of localization. To verify the accuracy, two simulation tests were designed. The result of the two tests illustrates that the novel algorithm is more suitable to work with the novel life detection system.

Identifying the Fake Base Station: A Location Based Approach

Fake base station (FBS) attack is a great security challenge to wireless user equipment (UE). During the cell selection stage, the UE receives multiple synchronization signals (SSs) from multiple nearby base stations (BSs) and then synchronizes itself with the strongest SS. An FBS also can transmit an SS with sufficient power to confuse the UE, which makes the UE connect to the FBS, and may lead to the leakage of private information. In this letter, countermeasure to the FBS attack by utilizing the location information is investigated. Two location awareness based FBS-resistance schemes are proposed by checking the received signal strength according to the position of the UE and a legitimate BS map. The successful cheating rate (SCR) defined as the probability that the UE will connect to the FBS is investigated. Numeric results show that with the two proposed schemes, the SCR can be greatly reduced especially when the transmit power of the FBS is large. Beyond that, a cooperation-aided method is further proposed to improve the performance, and we show that the cooperation-aided method can further suppress the SCR when the signal strength from the FBS is similar to that from the legitimate BS.

Temporal and Spatial Analysis of Fake Base Stations

With the development of information technology, send spam messages by using the fake base station has become a new means of criminal and marketing advertisement. Fake base station usually dissembles itself as numbers which stand for banks, operators, state organs and forcible and sends fraud, pornography, gambling, advertising and other short messages to users. This action affects the normal communication and also has a serious violation of public security. Based on sample data sets of junk text messages opened by ChinaVis2017 Challenge, this paper develops a temporal and spatial trajectory analysis and visualization system for stopping fake base station. Moreover, this paper deeply excavates the temporal and spatial laws of the location and movement of fake base stations. Based on the analysis results of fake base station behaviour patterns, this paper provides several recommendations of tracking and arresting fake base station owners. This paper firstly introduces the realization scheme and key technology of spatial-temporal trajectory analysis and visualization system of fake base stations. Then, it analyses the temporal and spatial trajectory distribution, the content classification and the degree of harmful of fake base stations, and finally analyses the actual demand of fake base stations supervision and management with several practical solutions.

Detecting and Tracking Pseudo Base Stations in GSM Signal Hijacking and Frauds: a Visualized Approach

Pseudo base station (PBS), sometimes called fake base station, refers to cellular base stations that are employed for malicious and usually illegal purposes. Through the pitfalls of the GSM protocol, PSBs can hijack GSM signals of cellphones close by. Most PBSes are portable, for example hidden in vans or even carried in backpacks, and are deployed in densely populated regions. Then they can steal personal information from neighboring smartphones, or send intriguing messages to them that would ultimately lead to telecom frauds. In recent years, there has been a terrifying increase in the number of telecom frauds and the smartphones infected by viruses sent from PBSes. This urgently calls for methods and systems that can effectively identify and track PBSes. In this study, we designed and implemented a PBS detecting and tracking system, by conducting topic analysis of messages received by cellphones and analyzing their temporal and spatial distribution patterns. Using the system, we could perform a variety of exploratory analysis, including categorizing PBSes into either stationary or moving PBSes, discovering and visualizing their behavior patterns, and identifying districts that tend to suffer from a particular type of fraud messages.