Berserker: ASN.1-based Fuzzing of Radio Resource Control Protocol for 4G and 5G
2021 (English)In: International Conference on Wireless and Mobile Computing, Networking and Communications, Institute of Electrical and Electronics Engineers (IEEE) , 2021, p. 295-300Conference paper, Published paper (Refereed)
Abstract [en]
Telecom networks together with mobile phones must be rigorously tested for robustness against vulnerabilities in order to guarantee availability. RRC protocol is responsible for the management of radio resources and is among the most important telecom protocols whose extensive testing is warranted. To that end, we present a novel RRC fuzzer, called Berserker, for 4G and 5G. Berserker's novelty comes from being backward and forward compatible to any version of 4G and 5G RRC technical specifications. It is based on RRC message format definitions in ASN.1 and additionally covers fuzz testing of another protocol, called NAS, tunneled in RRC. Berserker uses concrete implementations of telecom protocol stack and is unaffected by lower layer protocol handlings like encryption and segmentation. It is also capable of evading size and type constraints in RRC message format definitions. Berserker discovered two previously unknown serious vulnerabilities in srsLTE - one of which also affects openLTE - confirming its applicability to telecom robustness.
Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE) , 2021. p. 295-300
Series
International Conference on Wireless and Mobile Computing, Networking and Communications, ISSN 2161-9646
Keywords [en]
4G, 5G, ASN.1, Fuzzing, NAS, RRC, security, Cryptography, Mobile security, Control protocols, Message format, Radio resource control, Telecom, 5G mobile communication systems
National Category
Telecommunications Reliability and Maintenance
Identifiers
URN: urn:nbn:se:kth:diva-316407DOI: 10.1109/WiMob52687.2021.9606317ISI: 000865463000049Scopus ID: 2-s2.0-85123015796OAI: oai:DiVA.org:kth-316407DiVA, id: diva2:1687794
Conference
17th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2021, Virtual/Online, 11-13 October 2021
Note
Part of proceedings: ISBN 978-1-6654-2854-5
QC 20220816
2022-08-162022-08-162022-11-04Bibliographically approved