NDSS 2025 – Detecting IMSI-Catchers By Characterizing Identity Exposing Messages In Cellular Traffic
None
<p>SESSION<br> Session 3B: Wireless, Cellular & Satellite Security</p><p></p><center data-preserve-html-node="true"><br> <center data-preserve-html-node="true">———–<br> <center data-preserve-html-node="true"><div class="code-block code-block-13" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-13-1" data-info="WyIxMy0xIiwxXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="U2hvcnQ=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://www.techstrongevents.com/cruisecon-virtual-west-2025/home?ref=in-article-ad-2&utm_source=sb&utm_medium=referral&utm_campaign=in-article-ad-2" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2025/10/Banner-770x330-social-1.png" alt="Cruise Con 2025"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div> <p></p><center data-preserve-html-node="true"><iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" src="https://www.youtube-nocookie.com/embed/BJryLUsa0zU?si=g10rU1RD2JPe2Ivu" width="560" frameborder="0" data-preserve-html-node="true" title="YouTube video player" height="315"></iframe> <p></p><center data-preserve-html-node="true"><br> <center data-preserve-html-node="true">———–<br> <center data-preserve-html-node="true"> <p></p><center data-preserve-html-node="true">Authors, Creators & Presenters: Jiska Classen (Hasso Plattner Institute, University of Potsdam), Alexander Heinrich (TU Darmstadt, Germany), Fabian Portner (TU Darmstadt, Germany), Felix Rohrbach (TU Darmstadt, Germany), Matthias Hollick (TU Darmstadt, Germany) <p></p><center data-preserve-html-node="true"><br> <center data-preserve-html-node="true">———–<br> <center data-preserve-html-node="true"> <p></p><center data-preserve-html-node="true">PAPER <p></p><center data-preserve-html-node="true"><br> <center data-preserve-html-node="true">———–<br> <center data-preserve-html-node="true"> <p></p><center data-preserve-html-node="true">Starshields for iOS: Navigating the Security Cosmos in Satellite Communication <p></p><center data-preserve-html-node="true"><br> <center data-preserve-html-node="true">———–<br> <center data-preserve-html-node="true"> <p></p><center data-preserve-html-node="true">Apple has integrated satellite communication into their latest iPhones, enabling emergency communication, road- side assistance, location sharing with friends, iMessage, and SMS. This technology allows communication when other wireless services are unavailable. However, the use of satellites poses restrictions on bandwidth and delay, making it difficult to use modern communication protocols with their security and privacy guarantees. To overcome these challenges, Apple designed and implemented a proprietary satellite communication protocol to address these limitations. We are the first to successfully reverse-engineer this protocol and analyze its security and privacy properties. In addition, we develop a simulation-based testbed for testing emergency services without causing emergency calls. Our tests reveal protocol and infrastructure design issues. For example, compact protocol messages come at the cost of missing integrity protection and require an internet-based setup phase. We further demonstrate various restriction bypasses, such as misusing location sharing to send arbitrary text messages on old iOS versions, and sending iMessages over satellite from region-locked countries. These bypasses allow us to overcome censorship and operator control of text messaging services. <p></p><center data-preserve-html-node="true"><br> <center data-preserve-html-node="true">———–<br> <center data-preserve-html-node="true"> <p></p><center data-preserve-html-node="true">ABOUT NDSS<br> <center data-preserve-html-node="true">The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies. <p></p><center data-preserve-html-node="true"><br> <center data-preserve-html-node="true">———–<br> <center data-preserve-html-node="true"> <p></p><center data-preserve-html-node="true">Our thanks to the **[Network and Distributed System Security (NDSS) Symposium][1]** for publishing their Creators, Authors and Presenter’s superb **[NDSS Symposium 2025 Conference][2]** content on the **[organization’s’][1]** **[YouTube][3]** channel. <p></p></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center></center><p><a href="https://www.infosecurity.us/blog/2025/11/18/ndss-2025-detecting-imsi-catchers-by-characterizing-identity-exposing-messages-in-cellular-traffic-cSoQS">Permalink</a></p><p> </p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2025/11/ndss-2025-detecting-imsi-catchers-by-characterizing-identity-exposing-messages-in-cellular-traffic-2/" data-a2a-title="NDSS 2025 – Detecting IMSI-Catchers By Characterizing Identity Exposing Messages In Cellular Traffic"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Fndss-2025-detecting-imsi-catchers-by-characterizing-identity-exposing-messages-in-cellular-traffic-2%2F&linkname=NDSS%202025%20%E2%80%93%20Detecting%20IMSI-Catchers%20By%20Characterizing%20Identity%20Exposing%20Messages%20In%20Cellular%20Traffic" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Fndss-2025-detecting-imsi-catchers-by-characterizing-identity-exposing-messages-in-cellular-traffic-2%2F&linkname=NDSS%202025%20%E2%80%93%20Detecting%20IMSI-Catchers%20By%20Characterizing%20Identity%20Exposing%20Messages%20In%20Cellular%20Traffic" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Fndss-2025-detecting-imsi-catchers-by-characterizing-identity-exposing-messages-in-cellular-traffic-2%2F&linkname=NDSS%202025%20%E2%80%93%20Detecting%20IMSI-Catchers%20By%20Characterizing%20Identity%20Exposing%20Messages%20In%20Cellular%20Traffic" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Fndss-2025-detecting-imsi-catchers-by-characterizing-identity-exposing-messages-in-cellular-traffic-2%2F&linkname=NDSS%202025%20%E2%80%93%20Detecting%20IMSI-Catchers%20By%20Characterizing%20Identity%20Exposing%20Messages%20In%20Cellular%20Traffic" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Fndss-2025-detecting-imsi-catchers-by-characterizing-identity-exposing-messages-in-cellular-traffic-2%2F&linkname=NDSS%202025%20%E2%80%93%20Detecting%20IMSI-Catchers%20By%20Characterizing%20Identity%20Exposing%20Messages%20In%20Cellular%20Traffic" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.infosecurity.us/">Infosecurity.US</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Marc Handelman">Marc Handelman</a>. Read the original post at: <a href="https://www.youtube-nocookie.com/embed/BJryLUsa0zU?si=g10rU1RD2JPe2Ivu">https://www.youtube-nocookie.com/embed/BJryLUsa0zU?si=g10rU1RD2JPe2Ivu</a> </p>