Patrick Traynor, Ph.D., the John H. and Mary Lou Dasburg Preeminent Chair in Engineering, was recently awarded a $1.7 million grant from the Department of Homeland Security (DHS) Science and Technology Directorate. The research and development project, titled “Deploying Defenses for Cellular Networks Using the AWARE Testbed,” will focus on securing mobile networks.
Dr. Traynor is also the associate chair for research in the Department of Computer & Information Science & Engineering (CISE). The project’s co-PI is Kevin R. B. Butler, Ph.D., a CISE associate professor and the holder of the Arnold and Lisa Goldberg Rising Star Professorship in Computer Science. Dr. Butler is also the associate director of the Florida Institute of Cybersecurity (FICS) Research.
Together with their team, they will develop testbed prototype solutions for 4G Long Term Evolution (LTE)-capable calling devices with a secure distance bounding protocol and fuzzing infrastructure optimized for core LTE protocols. Distance bounding is the process of measuring the distance between two devices. Secure distance bounding prevents someone in the middle from responding early.
“Adversaries are launching attacks on phone networks that redirect calls so that they pass through network points they control,” Dr. Traynor said. “If we can detect this redirection, that the distance between calls is much further than it should be, we can alert against this kind of attack.”
“Fuzzing” is a security term that loosely means injecting random inputs into a program. This is done to test unexpected conditions, which is a good way to determine whether the software is vulnerable.
Telephony systems represent the most ubiquitous and trusted communications infrastructure in the world. In both the developed and developing worlds, these networks offer reliable audio connections that allow their subscribers to chat with distant family members, perform important business transactions and even exchange highly sensitive information.
“Said plainly, these systems represent the most reliable, most widely available pieces of critical infrastructure ever built,” Dr. Traynor said. “Securing this infrastructure represents a significant challenge. “
The goal of the proposed work is to substantially improve the security of legacy and future cellular systems, specifically with regard to the interception of messages and tracking of users by hostile third parties, such as foreign intelligence.
“We hope to create techniques that can make current and future cellular networks more secure for their users,” Dr. Traynor said.
The DHS Science and Technology Directorate (S&T) and the Cybersecurity and Infrastructure Security Agency (CISA) jointly announced the inaugural research and development (R&D) awards for the newly launched Secure and Resilient Mobile Network Infrastructure (SRMNI) project.
Managed by S&T’s Mobile Security R&D Program, the project addresses CISA’s top priorities: securing the mobile supply chain as well as critical mobile network infrastructure, including the newly launched 5G mobile network.
This initial round of seven awards from DHS is focused on developing protections for legacy cellular networks—2G, 3G and 4G, building security into the newly launched 5G network, and developing end-to-end protection of network traffic, including a standardized secure voice capability for unclassified government communications.
Allison Logan
Marketing & Communications Specialist
Herbert Wertheim College of Engineering