{"title":"用形式化方法发现蜂窝网络的紧急呼叫陷阱","authors":"Kaiyu Hou, You Li, Yinbo Yu, Yan Chen, Hai Zhou","doi":"10.1145/3458864.3466625","DOIUrl":null,"url":null,"abstract":"Availability and security problems in cellular emergency call systems can cost people their lives, yet this topic has not been thoroughly researched. Based on our proposed Seed-Assisted Specification method, we start to investigate this topic by looking closely into one emergency call failure case in China. Using what we learned from the case as prior knowledge, we build a formal model of emergency call systems with proper granularity. By running model checking, four public-unaware scenarios where emergency calls cannot be correctly routed are discovered. Additionally, we extract configurations of two major U.S. carriers and incorporate them as model constraints into the model. Based on the augmented model, we find two new attacks leveraging the privileges of emergency calls. Finally, we present a solution with marginal overhead to resolve issues we can foresee.","PeriodicalId":153361,"journal":{"name":"Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services","volume":"115 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Discovering emergency call pitfalls for cellular networks with formal methods\",\"authors\":\"Kaiyu Hou, You Li, Yinbo Yu, Yan Chen, Hai Zhou\",\"doi\":\"10.1145/3458864.3466625\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Availability and security problems in cellular emergency call systems can cost people their lives, yet this topic has not been thoroughly researched. Based on our proposed Seed-Assisted Specification method, we start to investigate this topic by looking closely into one emergency call failure case in China. Using what we learned from the case as prior knowledge, we build a formal model of emergency call systems with proper granularity. By running model checking, four public-unaware scenarios where emergency calls cannot be correctly routed are discovered. Additionally, we extract configurations of two major U.S. carriers and incorporate them as model constraints into the model. Based on the augmented model, we find two new attacks leveraging the privileges of emergency calls. Finally, we present a solution with marginal overhead to resolve issues we can foresee.\",\"PeriodicalId\":153361,\"journal\":{\"name\":\"Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services\",\"volume\":\"115 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-06-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3458864.3466625\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3458864.3466625","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Discovering emergency call pitfalls for cellular networks with formal methods
Availability and security problems in cellular emergency call systems can cost people their lives, yet this topic has not been thoroughly researched. Based on our proposed Seed-Assisted Specification method, we start to investigate this topic by looking closely into one emergency call failure case in China. Using what we learned from the case as prior knowledge, we build a formal model of emergency call systems with proper granularity. By running model checking, four public-unaware scenarios where emergency calls cannot be correctly routed are discovered. Additionally, we extract configurations of two major U.S. carriers and incorporate them as model constraints into the model. Based on the augmented model, we find two new attacks leveraging the privileges of emergency calls. Finally, we present a solution with marginal overhead to resolve issues we can foresee.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
