Ever since the public revelation of global surveillance and the exploits targeting the mobile communication backened, the general awareness of user privacy in telecommunication industry has increased. Misusing the technical features of mobile core network technology-specifically the Signalling System 7 (SS7) has disclosed numerous ways to locate the mobile users, intercept the voice calls or text messages. These events had lead the mobile network operator to focus more on protecting the privacy of user meta-data and signalling communication. With relatively more security and privacy features, Diameter protocol-the successor of SS7 in Long Term Evolution (LTE) networks is believed to guarantee more protection to end-users. In this paper, we argue that the default considerations of Diameter are not sufficient enough to offer privacy to the mobile user, particularly when it comes to location tracking. We will discuss the possibilities of persistence of location tracking attacks from SS7 to Diameter. We also recommend the mobile network operators to review their security mechanisms based on the countermeasures that we present. In short, this paper provides a comprehensive overview of Diameter protocol to claim – Without the appropriate measures, the Diameter-based LTE networks are as vulnerable as SS7-based GSM networks atleast in terms of location tracking.
Siddhart Prakash Rao (Aalto University), Bhanu Theja Kotte (KTH Royal Institute of Technology), Silke Holtmanns (Nokia): Privacy in LTE networks
Presented at the 9th EAI International Conference on Mobile Multimedia Communication