VoWi-Fi security threats: Address resolution protocol attack and countermeasures

作     者：Lu, Kuan-Chu Liu, I.-Hsien Chang, Keng-Hao Li, Jung-Shian 

作者机构：Department of Electrical Engineering Institute of Computer and Communication Engineering National Cheng Kung University Tainan Taiwan 

出 版 物：《IET Networks》 (IET Netw.)

年 卷 期：2024年第13卷第2期

页      面：129-146页

核心收录：

学科分类：0810[工学-信息与通信工程] 0808[工学-电气工程] 08[工学] 0835[工学-软件工程] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：This study was supported by the National Science and Technology Council in Taiwan under contract numbers NSTC 111‐2218‐E‐006‐010‐MBK  111‐2218‐E‐006‐079‐  and 112‐2634‐F‐006‐001‐MBK 

主　　题：Wi Fi 

摘      要：B5G/6G networks are facing challenges in the deployment of additional base stations. However, Taiwan s four major operators have launched VoWi-Fi calling services to maintain signal quality and coverage for customers. These services pose potential threats when users connect to untrusted Wi-Fi networks. Therefore, the authors utilised commercial equipment to study the security of VoWi-Fi calling services offered by Taiwan s four major telecom companies. The authors employed address resolution protocol attack methods to develop two verification attacks that bypass existing security measures: one for dropping session initiation protocol packets and the other for dropping voice call packets, both capable of circumventing current security defences. Through real-world experiments, the authors confirmed their feasibility and assessed their potential harm. Consequently, two defence methods are proposed. The first is an anti-attack algorithm for app and device manufacturers to detect the security of the user s calling environment. The second is a recommendation for telecom operators to implement new detection mechanisms to safeguard user rights. The cover image is based on the Case Study VoWi-Fi security threats: Address resolution protocol attack and countermeasures by Kuan-Chu Lu et al., https://***/10.1049/ntw2.12113. © 2024 The Authors. IET Networks published by John Wiley & Sons Ltd on behalf of The Institution of Engineering and Technology.