SoylentNews

Fnord666 [soylentnews.org] writes:

Modern cell phones are vulnerable to attacks from rogue cellular transmitters called IMSI-catchers—surveillance devices that can precisely locate mobile phones, eavesdrop on conversations or send spam.

Recent leaks and public records requests have revealed that law enforcement in many U.S. cities have used the surveillance devices to locate suspects or hunt for illegal activity. But despite extensive public debate about their use and privacy implications, little is known about how comprehensively International Mobile Subscriber Identity- (IMSI) catchers—also known as cell-site simulators or Stingrays—are being used by governments, hackers or criminals in any given city.

University of Washington security researchers have developed a new system called SeaGlass [washington.edu] to detect anomalies in the cellular landscape that can indicate where and when these surveillance devices are being used. The new system is described in a paper [amazonaws.com] to be published in June 2017 in Proceedings on Privacy Enhancing Technologies.

"Up until now the use of IMSI-catchers around the world has been shrouded in mystery, and this lack of concrete information is a barrier to informed public discussion," said co-lead author Peter Ney, a doctoral student at the Allen School of Computer Science & Engineering at the UW. "Having additional, independent and credible sources of information on cell-site simulators is critical to understanding how—and how responsibly—they are being used."

[...] To catch these IMSI-catchers in the act, SeaGlass uses sensors built from off-the-shelf parts that can be installed in vehicles—ideally ones that drive long hours and to many parts of a city, such as ridesharing vehicles or other fleets. The sensors pick up signals broadcast from the existing cell tower network, which remain fairly constant. Then SeaGlass aggregates that data over time to create a baseline map of "normal" cell tower behavior.

The team from the UW Security and Privacy Research Lab developed algorithms and other methods to detect irregularities in the cellular network that can expose the presence of a simulator. These include a strong signal in an odd spot or at an odd frequency that has never been there before, "temporary" towers that disappear after a short time and signal configurations that are different from what a carrier would normally transmit.

Allen School doctoral student and co-author Gabriel Cadamuro built statistical models to help find anomalies in the data. The team's survey approach differs from existing apps that attempt to detect attacks from a cell-site simulator on an individual's phone.

"We're looking at the whole cellular landscape and pinpointing discrepancies in data, while the apps for the most part are guessing at how a cell-site simulator would act with a phone," said Ney.

Source: https://m.techxplore.com/news/2017-06-imsi-catchers-seaglass-transparency-cell-surveillance.html# [techxplore.com]

Original Submission