The Public Warning System (PWS) is an essential part of cellular networks and a country's civil protection. Warnings can notify users of hazardous events (e.g., floods, earthquakes) and crucial national matters that require immediate attention. PWS attacks disseminating fake warnings or concealing precarious events can have a serious impact, causing fraud, panic, physical harm, or unrest to users within an affected area. In this work, we conduct the first comprehensive investigation of PWS security in 5G networks. We demonstrate five practical attacks that may impact the security of 5G-based Commercial Mobile Alert System (CMAS) as well as Earthquake and Tsunami Warning System (ETWS) alerts. Additional to identifying the vulnerabilities, we investigate two PWS spoofing and three PWS suppression attacks, with or without a man-in-the-middle (MitM) attacker. We discover that MitM-based attacks have more severe impact than their non-MitM counterparts. Our PWS barring attack is an effective technique to eliminate legitimate warning messages. We perform a rigorous analysis of the roaming aspect of the PWS, incl. its potentially secure version, and report the implications of our attacks on other emergency features (e.g., 911 SIP calls). We discuss possible countermeasures and note that eradicating the attacks necessitates a scrupulous reevaluation of the PWS design and a secure implementation.
翻译:公共警报系统(PWS)是蜂窝网络和国家民事保护的重要组成部分。警告可以通知用户危险事件(例如洪水、地震)和需要立即注意的关键国家事项。PWS攻击散布假警告或隐瞒危险事件,可能会对受影响地区的用户产生严重影响,造成欺诈、恐慌、人身伤害或动乱。在这项工作中,我们对5G网络中的PWS安全进行第一次全面调查。我们展示了五种实际袭击,可能影响基于5G的商业移动警报系统以及地震和海啸警报系统的安全。除了查明脆弱性外,我们还调查了两次PWS的扑击和三次PWS的镇压攻击,无论是否有中层人物袭击者。我们发现,MTM攻击比非MM网络的对口单位影响更严重。我们的PWS禁止攻击是消除合法预警信息的有效技术。我们对PWS的漫游方面进行了严格分析,包括:我们对其脆弱性进行了两次PWSS的可能的恐吓和三次PWS的压制性攻击,我们讨论了PIS袭击的紧急性袭击的紧急性评估,以及S的紧急性袭击可能后果。