skip to main content


Search for: All records

Creators/Authors contains: "Shi, Jingwen"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. Free, publicly-accessible full text available May 29, 2025
  2. Free, publicly-accessible full text available January 1, 2025
  3. The cellular network offers a ubiquitous emergency call service with its pervasive coverage. In the United States, it can be consumed by dialing 911 for cellular users, and the emergency call is forwarded to the public safety answer point (PSAP), which handles emergency service requests. According to regulatory authority requirements [1,2,3] for cellular emergency services, anonymous user equipment (UE) is allowed to access them without a SIM (Subscriber Identity Module) card, a valid mobile subscription, or a roaming agreement with the visited cellular network. Such support of the cellular emergency services requires different operations from conventional cellular services, thereby increasing the attack surface of the cellular infrastructure.

     
    more » « less
  4. Cellular networks that offer ubiquitous connectivity have been the major medium for delivering emergency services. In the U.S., mobile users can dial an emergency call with 911 for emergency uses in cellular networks, and the call can be forwarded to public safety answer points (PSAPs), which deal with emergency service requests. According to regulatory authority requirements for the cellular emergency services, anonymous user equipment (UE), which does not have a SIM (Subscriber Identity Module) card or a valid mobile subscription, is allowed to access them. Such support of emergency services for anonymous UEs requires different operations from conventional cellular services, and can therefore increase the attack surface of the cellular infrastructure. In this work, we are thus motivated to study the insecurity of the cellular emergency services and then discover four security vulnerabilities from them. Threateningly, they can be exploited to launch not only free data service attacks against cellular carriers, but also data DoS/overcharge and denial of cellular emergency service (DoCES) attacks against mobile users. All vulnerabilities and attacks have been validated experimentally as practical security issues in the networks of three major U.S. carriers. We finally propose and prototype standard-compliant remedies to mitigate the vulnerabilities. 
    more » « less