Lukas Arnold, Master Student in Computer Science at TU Darmstadt and former student of Dr.-Ing. Jiska Classen, presented his research about “Trace the Base: Unraveling the iPhone’s Baseband Architecture to Defend Against Cellular Attacks” at the Objective by the Sea conference in Hawaii, USA.
Lukas:
"Somehow, your iPhone downgraded its cellular connection from 5G to 2G for a split second, even though you weren’t moving … Wired, was this some kind of bug? … Or did something else happen? We had the same question but found that iOS does not include system-wide protections against cellular attacks, so we developed our own: CellGuard works on all iPhones and analyzes baseband data to detect possible attacks on your phone and privacy.
The iPhone’s baseband is a crucial but little-researched component that enables the phone to communicate with the cellular network. We’ve worked on reverse-engineering the iOS baseband architecture, including its proprietary protocols and hidden interfaces, to gain access to otherwise obfuscated information. Our BaseTrace tooling enables us to decode the communication between iOS and Qualcomm basebands, extract over-the-air DIAG data, and hook into Apple’s Wireless Diagnostics interface.
CellGuard attempts to detect possible threats based on cell parameters and Apple Location Service, a database enabling the fast and battery-preserving positioning of Apple devices. Users can report anomalous activity by opting into a large-scale study and thus, help to further enhance our detection algorithms. We present the preliminary results of this study."
see the talk here
see the slides here