How Voice Service Threatens Cellular-Connected IoT Devices in the Operational 4G LTE Networks

Abstract

LTE networks are rolling out cellular Internetof-Things (IoT) services. Cellular-connected IoT devices are becoming increasingly popular and the number is forecasted to grow almost fourfold from 2015 to 2021. Since they share the same infrastructure with non-IoT devices such as smartphones, we may expect no big differences between them in terms of voice/data service accounting/charging (e.g., paying for what you get) and security risks. However, our study shows that cellular IoT users may pay more than what they get, as well as are vulnerable to voice signaling spams and thus suffer from an overcharging attack which leads to financial loss or denial of service. We validate our proof-of-concept attack in a major U.S. cellular network operator which takes higher than 35% market share. We finally propose a solution to address the identified security vulnerabilities.