The number of mobile devices communicating through cellular networks is expected to reach 17.72 billion by 2024. Despite this, 3GPP standards only provide positive testing specifications (through conformance test suites) that mostly check if valid messages are correctly handled. This talk summarizes our effort to test the security of both cellular modems and networks automatically. I first introduce LTEFuzz, the first systematic framework to dynamically test if cellular modems and networks can correctly handle packets that should be dropped according to the standard. I then introduce BaseSpec, which performs a comparative static analysis of baseband binary and cellular specification. I will conclude my talk with future directions for automatic testing.
Yongdae Kim is a Professor in the Department of Electrical Engineering, an affiliate professor in the Graduate School of Information Security. He received PhD degree from the computer science department at the University of Southern California. Between 2002 and 2012, he was an associate/assistant professor in the Department of Computer Science and Engineering at the University of Minnesota - Twin Cities. He served as a KAIST Chair Professor between 2013 and 2016, and received NSF career award and McKnight Land-Grant Professorship Award from University of Minnesota in 2005. His main research includes novel attacks on emerging technologies, such as drone/self-driving cars, 4G/5G cellular networks and Blockchain.