The attacks aren't alright: Large-Scale Simulation of Fake Base Station Attacks and Detections

Fake base stations are a well-known threat to pre-5G mobile networks and are one of the most common primitives for mobile attacks that are used in the real world. However, despite years of research we only have limited knowledge about their performance spectrum and how well detection mechanisms work in practice. Consequently, mobile network operators and vendors struggle to identify, implement, and deploy a practical solution in the form of detection mechanisms. For the first time, we systematically study fake base station attacks and their main influencing factors. We use a specification-conform simulation model that lets us analyze fake base station attacks on a large scale, and test detection mechanisms on the generated data. The simulation environment allows us to test diverse scenarios with a large measure of control and insight, while providing realism in the aspects that matter. We study detection mechanisms from academic work and ongoing 3GPP discussions. Our experiments reveal the influencing factors of the success of fake base station attacks and detection, and provides nuances for performance that is missing from existing work.