Byeongdo Hong (The Affiliated Institute of ETRI), Gunwoo Yoon (The Affiliated Institute of ETRI)

LTE networks employ Globally Unique Temporary Identifiers (GUTIs) to shield subscribers from permanent International Mobile Subscriber Identity (IMSI) exposure, yet we show that these identifiers can be resolved and linked to specific devices through passive observation without prior knowledge of targets. We correlate time-stamped visual observations of device use with over-the-air control-plane messages captured using commodity Software-Defined Radios (SDRs). A Finite-State-Machine (FSM) algorithm processes the synchronized streams to resolve each device's GUTI within the camera's Field of View (FoV), requiring as few as three observed user interactions when the corresponding control-plane messages are captured.

Field experiments across multiple commercial Long-Term Evolution (LTE) networks validate multi-target resolution: In some deployments, we observed GUTIs persisting for up to 33 days, with reassignment behaviors that were often linkable. Once linked, these long-lived identifiers enable hierarchical location tracking—from cell to paging-area scale—by passively monitoring paging and Radio Resource Control (RRC) messages. Unlike active IMSI catchers or prior GUTI attacks that require pre-existing identifiers (e.g., phone numbers) and active probing, our approach is listen-only and scales to multiple devices within view.

View More Papers

Fuzzilicon: A Post-Silicon Microcode-Guided x86 CPU Fuzzer

Johannes Lenzen (Technical University of Darmstadt), Mohamadreza Rostami (Technical University of Darmstadt), Lichao Wu (Technical University of Darmstadt), Ahmad-Reza Sadeghi (Technical University of Darmstadt)

Read More

Beyond Raw Bytes: Towards Large Malware Language Models

Luke Kurlandski (Rochester Institute of Technology, Rochester New York USA), Harel Berger (Ariel University, Israel), Yin Pan (Rochester Institute of Technology, Rochester New York USA), Matthew Wright (Rochester Institute of Technology, Rochester New York USA)

Read More

Phishing in Wonderland: Evaluating Learning-Based Ethereum Phishing Transaction Detection...

Ahod Alghuried (University of Central Florida), David Mohaisen (University of Central Florida)

Read More