Lately, from a secure system providing adequate user’s protection of confidentiality and privacy, the mobile communication has been degraded to be a less trustful one due to the revelation of IMSI catchers that enable mobile phone tapping. To fight against these illegal infringements there are a lot of activities aiming at detecting these IMSI catchers. However, so far the existing solutions are only device-based and intended for the users in their self-protection. This paper presents an innovative network-based IMSI catcher solution that makes use of machine learning techniques. After giving a brief description of the IMSI catcher the paper identifies the attributes of the IMSI catcher anomaly. The challenges that the proposed system has to surmount are also explained. Last but least, the overall architecture of the proposed Machine Learning based IMSI catcher Detection system is described thoroughly.
Until recently, mobile communication has been perceived by the majority of users as quite secure regarding both confidentiality and privacy thanks to the strong encryption combined with use of temporary identities. In fact, users quite often consider mobile telephony as more secure than fixed telephony. Recently, a series of scandalous phone tapping incidents in the United States, United Kingdom, Germany, China, etc. revealed by Snowden, a former American National Security Agency (NSA) agent had eroded this conviction. It is really shocking that not only very important people at high position like the German chancellor, prime ministers, members of parliament, etc. but also regular people may be victims of phone eavesdropping. But most frightening lies perhaps in the fact that the monitoring may be done by anybody from the police, governmental intelligence agencies, security institutions, etc. to private companies or organisations. With advances in microelectronics and the availability of
mobile open source software, equipment used in phone tapping are getting both smaller, easier to handle, more available and also quite affordable in the range of US $1500-2000.
The detection has been done using mobile devices such as GSMK Cryptophone that the reporters carried with them when moving around in Oslo. In fact, the existing IMSI detection solutions are based on portable devices that monitor the radio access network to detect possible presence of IMSI catchers. There is today no network based solution to detect IMSI catchers and the reasons are twofold. First, the need for IMSI detection is so far non-existent because there are only a few IMSI catchers used by governmental agencies in the fight against crimes and terrorism. Secondly, mobile operators do not consider IMSI catchers as threats because they just monitor the users’ conversation and do not do any harm to their mobile networks. However, with the increasing number of mobile phone tapping incidents, the users start to lose confident in mobile communication and mobile operators begin to realise that something must be done. This paper introduces a Machine Learning based IMSI catcher Detection system that was initiated by the Telenor ImobSec project in collaboration with Norwegian universities and security experts. The paper begins with
a review of related works. Next, a comprehensive explanation of the IMSI catcher is given. For the detection of IMSI catcher the attributes of the anomaly input data set are then identified and clarified. The challenges to the proposed system are also analysed. The central part of the paper is the proposed Machine Learning based IMSI catcher Detection system which is described thoroughly. Further works are proposed in the conclusion.