Web: http://arxiv.org/abs/2108.12161

Sept. 14, 2022, 1:20 a.m. | Reza Soosahabi (1 and 2), Magdy Bayoumi (2) ((1) Keysight Technologies Inc., (2) University of Louisiana at Lafayette)

cs.CR updates on arXiv.org arxiv.org

In this work, we propose a novel framework to identify and mitigate a
recently disclosed covert channel scheme exploiting unprotected broadcast
messages in cellular MAC layer protocols. Examples of covert channel are used
in data exfiltration, remote command-and-control (CnC) and espionage.
Responsibly disclosed to GSMA (CVD-2021-0045), the SPARROW covert channel
scheme exploits the downlink power of LTE/5G base-stations that broadcast
contention resolution identity (CRI) from any anonymous device according to the
3GPP standards. Thus, the SPARROW devices can covertly relay …

beyond channel covert covert channel exploitation mac

Chief Information Security Officer

@ Los Angeles Unified School District | Los Angeles

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Sr. Malware Researcher - Windows Software Engineer

@ SentinelOne | Brno, South Moravian, Czech Republic

Senior Cyber Security Incident Response Analyst

@ ServiceNow | Dublin, Ireland

Staff, Privacy Compliance Monitoring

@ Coupang | Seoul, South Korea

VULNERABILITY MANAGER

@ Security Bank | Makati, Makati, Philippines

Cyber Security Analyst

@ Avery Dennison | Bengaluru/Remote, India

Security Incident Response Manager (Remote, Americas)

@ Shopify | Dallas, TX, United States

Sr. Compliance Specialist (Screening)

@ Coupang | Seoul, South Korea