Modern cell phones are vulnerable to attacks from rogue cellular transmitters called IMSI-catchers — surveillance devices that can precisely locate mobile phones, eavesdrop on conversations or send spam.
Recent leaks and public records requests have revealed that law enforcement in many U.S. cities have used the surveillance devices to locate suspects or hunt for illegal activity. But despite extensive public debate about their use and privacy implications, little is known about how comprehensively International Mobile Subscriber Identity- (IMSI) catchers — also known as cell-site simulators or Stingrays — are being used by governments, hackers or criminals in any given city.
University of Washington security researchers have developed a new system called SeaGlass to detect anomalies in the cellular landscape that can indicate where and when these surveillance devices are being used. The new system is described in a paper to be published in June 2017 in Proceedings on Privacy Enhancing Technologies.
“Up until now the use of IMSI-catchers around the world has been shrouded in mystery, and this lack of concrete information is a barrier to informed public discussion,” said co-lead author Peter Ney, a doctoral student at the Allen School of Computer Science & Engineering at the UW. “Having additional, independent and credible sources of information on cell-site simulators is critical to understanding how — and how responsibly — they are being used.”
During a two-month deployment in which SeaGlass sensors were installed in 15 ridesharing vehicles in Seattle and Milwaukee, researchers identified dozens of anomalies that were consistent with patterns one might expect from cell-site simulators.
However, researchers cautioned, without corroborating evidence from public records requests or other documentation about where cell-site simulators are being used — or suspicious activity seen over a longer period of time — they cannot definitively say the signals came from IMSI-catchers.
“In this space there’s a lot of speculation, so we want to be careful about our conclusions. We did find weird and interesting patterns at certain locations that match what we would expect to see from a cell-site simulator, but that’s as much as we can say from an initial pilot study,” co-lead author Ian Smith, a former Allen School research scientist. “But we think that SeaGlass is a promising technology that — with wider deployment — can be used to help empower citizens and communities to monitor this type of surveillance.”
Cell-site simulators work by pretending to be a legitimate cell tower that a phone would normally communicate with, and tricking the phone into sending back identifying information about its location and how it is communicating. The portable surveillance devices now range in size from a walkie-talkie to a suitcase, and in price from several thousand to hundreds of thousands of dollars.
Law enforcement teams in the U.S. have used the technology to locate people of interest, to find equipment used in the commission of crimes and even to collect massive amounts of cell phone data from airplanes. Even less is known about how spies or cyber criminals are deploying them worldwide, especially as models become more affordable or able to be built in a hacker’s garage.
SeaGlass sensors are made with off-the-shelf parts that are packed into a box and installed in a vehicle’s trunk, with antennas placed on or near windows.
To catch these IMSI-catchers in the act, SeaGlass uses sensors built from off-the-shelf parts that can be installed in vehicles — ideally ones that drive long hours and to many parts of a city, such as ridesharing vehicles or other fleets. The sensors pick up signals broadcast from the existing cell tower network, which remain fairly constant. Then SeaGlass aggregates that data over time to create a baseline map of “normal” cell tower behavior.
The team from the UW Security and Privacy Research Lab developed algorithms and other methods to detect irregularities in the cellular network that can expose the presence of a simulator. These include a strong signal in an odd spot or at an odd frequency that has never been there before, “temporary” towers that disappear after a short time and signal configurations that are different from what a carrier would normally transmit.
Allen School doctoral student and co-author Gabriel Cadamuro built statistical models to help find anomalies in the data. The team’s survey approach differs from existing apps that attempt to detect attacks from a cell-site simulator on an individual’s phone.
“We’re looking at the whole cellular landscape and pinpointing discrepancies in data, while the apps for the most part are guessing at how a cell-site simulator would act with a phone,” said Ney.
Co-author and Allen School professor Tadayoshi Kohno added, “We’ve demonstrated that SeaGlass is effective in detecting these irregularities and narrowing the universe of things people might want to investigate further.”
For instance, around an immigration services building south of Seattle run by the U.S. Department of Homeland Security, SeaGlass detected a cell tower that transmitted on six different frequencies over the two-month period. That was notable because 96 percent of all other base cell towers broadcast on a single channel, and the other 4 percent only used two or three channels.
The team also detected an odd signal near the Seattle-Tacoma International airport with suspicious properties that were markedly different from those normally used by network providers.
Those patterns would make sense if a mimicking cell-site simulator were operating in those areas, the researchers said, but further investigation would be necessary to definitively reach that conclusion.
“This issue is bigger than one team of researchers,” said Smith. “We’re eager to push this out into the community and find partners who can crowdsource.
The Latest Bing News on:
Cell phone surveillance
- Delhi Man Arrested For Posing As Cop, Stealing Mobile Phoneon June 20, 2021 at 3:02 am
A 40-year-old man was arrested for allegedly impersonating a police officer and stealing a mobile phone in southeast Delhi's Sarita Vihar, police said on Sunday.
- Delhi man arrested for posing as police officer, stealing mobile phoneon June 20, 2021 at 12:35 am
When a sanitation worker reached near A block park in Sarita Vihar on his bicycle, he was stopped by the accused, identified as Kamlesh, who posed as a police official.
- Bipartisan bill offered to limit use of ‘stingray’ cell tower simulators by policeon June 18, 2021 at 11:07 am
Bipartisan legislation proposed in both houses of Congress would require local, state and federal law enforcement agencies to get a warrant to use so-called “stingray” devices that suck up cellphone ...
- US lawmakers want to restrict police use of 'Stingray' cell tower simulatorson June 17, 2021 at 9:45 am
Law enforcement agencies in the US currently do not require a warrant to use the technology. The Cell-Site Simulator Act of 2021 seeks to change that.
- Cambridge Mobile Telematics Expands Its Empire of Smartphone Driver Surveillanceon June 17, 2021 at 3:45 am
Cambridge Mobile Telematics, which helps insurers monitor drivers via smartphone, has agreed to buy TrueMotion, a cross-town Boston rival, for an undisclosed sum. Both companies have shot to the front ...
- Mobile Phone Antenna Market Size Report 2021 Global Industry Analysis by Trends, Revenue, Share, Revenue and Forecast to 2025on June 16, 2021 at 3:22 am
Jun 16, 2021 (The Expresswire) -- "Final Report will add the analysis of the impact of COVID-19 on this industry" “Mobile Phone Antenna Market” ...
- My phone scared me into changing my passwordson June 15, 2021 at 7:38 am
A mobile alert on my phone pointed out that some of my passwords had been compromised. I'm glad a took heed of the warnings.
- Spy countermeasures WERE behind mystery phone jamming at the G7: White House admits sessions on China took place in a 'more secure format' after first blaming spotty cell ...on June 14, 2021 at 4:12 am
The White House has acknowledged there was a 'more secure format' put in place for some G7 meetings, after reporters noticed Internet and cell service went out for periods of time.
- Why is TheWiSpy The Best Android Spy App? Let’s Discusson June 13, 2021 at 8:37 am
Here, we are going to mention one solution to all internet problems; and that is TheWiSpy app. Do you know about android spy app? No? Continue reading this article to discover more about cell phone ...
- Bangladesh Says it is Buying Mobile Phone Interceptor to Boost National Securityon June 10, 2021 at 2:42 pm
Bangladesh’s cabinet approved the purchase of a U.S. $8 million device to listen in on mobile-phone conversations and read text messages, officials said this week, touting it as needed for national ...
The Latest Google Headlines on:
Cell phone surveillance
The Latest Bing News on:
- Health Surveillance Systems Market Focusing on Companies, Development, Trends, Countries, & Forecast 2028on June 20, 2021 at 11:25 am
Databridgemarketresearch.com announces the release of the report “Health Surveillance Systems Market” Size, Share & Trends Analysis Report By 2028. Market research report proves to be an ideal ...
- U.S. Ban on Chinese Spy Cameras Will Ultimately Backfireon June 18, 2021 at 11:00 am
Mainland companies aren’t standing still. They’re developing even more futuristic technologies that will leave American competitors scrambling.
- Sidewalk: The Next Frontier Of Amazon’s Surveillance Infrastructureon June 18, 2021 at 10:47 am
Amazon has doubled down on its private surveillance infrastructure by activating Sidewalk, a private network to connect Amazon’s servers with smart home devices and gadgets sold by Amazon and its ...
- New Orleans Invests $70M in Police Surveillance Camerason June 18, 2021 at 10:14 am
Dozens of additional crime cameras will be installed in New Orleans later this year in an effort to help police catch violent offenders and illegal dumpers, the City Council decided Thursday.
- FCC proposes more restrictions on Huawei, ZTE equipmenton June 18, 2021 at 10:11 am
The Federal Communications Commission proposed on Thursday to further limit purchases of equipment from Huawei, ZTE and other Chinese companies deemed a risk to national security. It's the latest move ...
- FCC proposes ban on Chinese surveillance cameras, other productson June 17, 2021 at 2:47 pm
The FCC said it also may revoke its previous authorization for equipment from the companies, a step that could force schools and other US customers to replace the camera systems.
- FCC votes to advance proposed ban on Chinese telecom equipmenton June 17, 2021 at 1:34 pm
The Federal Communications Commission (FCC) voted unanimously Thursday to explore a proposal that would ban U.S.
- Wyden, Lieu, Daines and McClintock Introduce Bipartisan Legislation to Require Warrants for Government Use of “Stingray” Phone Surveillanceon June 17, 2021 at 1:05 pm
Ore., and Rep. Ted Lieu, D-Calif., with Sen. Steve Daines, R-Mont., and Rep. Tom McClintock, R-Calif., introduced legislation today to defend Americans’ rights by requiring the government to get a ...
- Chinese Surveillance Cameras Targeted by FCC on Security Worrieson June 16, 2021 at 6:43 pm
U.S. regulators are poised to ban products from Huawei Technologies Co. and four other Chinese electronics companies, including surveillance cameras widely used by American schools but linked to ...
- Hackers can spy on Peloton bike and treadmill userson June 16, 2021 at 1:28 pm
Peloton says it has fixed a security flaw in the fitness equipment maker's stationary bike and treadmill products that potentially allowed hackers to spy on users and even control their exercise ...