The rise of Internet of Things (IoT) devices has significantly expanded the need for secure communication networks. While security testing for these protocols is crucial, there has been limited research in fuzzing cellular IoT protocol implementations. This paper presents the first framework for fuzz-testing the LTE-M and NB-IoT protocol implementations in IoT devices. Our approach focuses on testing the LTE-M and NB-IoT Attach procedure. It adapts an existing cellular protocol fuzzing framework for the specific requirements of LTE-M and NB-IoT. The framework’s effectiveness is validated through testing of four commercially deployed LTE-M/NB-IoT modems, leading to the discovery of 25 new vulnerabilities in two of the modems. This work underscores the importance of security testing emerging IoT technologies and demonstrates the potential of fuzzing to identify vulnerabilities in LTE-M and NB-IoT devices.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Breaking the Silence: Fuzzing LTE-M and NB-IoT Protocols

  • Ilja Siroš,
  • Rafael Cavalcanti,
  • Dave Singelée,
  • Bart Preneel

摘要

The rise of Internet of Things (IoT) devices has significantly expanded the need for secure communication networks. While security testing for these protocols is crucial, there has been limited research in fuzzing cellular IoT protocol implementations. This paper presents the first framework for fuzz-testing the LTE-M and NB-IoT protocol implementations in IoT devices. Our approach focuses on testing the LTE-M and NB-IoT Attach procedure. It adapts an existing cellular protocol fuzzing framework for the specific requirements of LTE-M and NB-IoT. The framework’s effectiveness is validated through testing of four commercially deployed LTE-M/NB-IoT modems, leading to the discovery of 25 new vulnerabilities in two of the modems. This work underscores the importance of security testing emerging IoT technologies and demonstrates the potential of fuzzing to identify vulnerabilities in LTE-M and NB-IoT devices.