Abstract: Certain aspects of the present disclosure provide a method of wireless communications at a user equipment (UE), generally including detecting, within a period, a number of indications for modification to system information from a cell and performing one or more actions, after the detection, to prevent the UE from attempting to access the cell.

Abstract: Various embodiments may include methods and systems for avoiding connecting an illegitimate call within a telecommunications network. Various embodiments may include receiving, from a telecommunications network, an incoming call initiating message notifying the first wireless device of an incoming call, in which the incoming call initiating message includes caller information.

Abstract: Various embodiments include methods, components and wireless devices configured to identify illegitimate base station. The processor of the wireless device may determine that a device in communication with the wireless device is a suspect base station. The processor may send a fabricated message to the device, and may receive one or more response messages from the device. The processor may determine whether one or more of the response messages received from the device is an appropriate response or an inappropriate response to the fabricated message. In response to determining that a response message is an inappropriate response, the processor may determine that the device is an illegitimate base station. In response to determining that the device is an illegitimate base station, the wireless device may perform a protective action.

Abstract: Methods for detecting and preventing an adversarial network entity (e.g., fake base stations, etc.) from tracking a wireless device's location. A wireless device may be equipped with a random value (RAND) database or cache memory RAND values previously received by the wireless device. In response to receiving an authentication request message from a network component, performing AKA procedures and determining that the authentication failed, the wireless device may compare the RAND value included in the received authentication request message to RAND values stored in secure storage memory. The wireless device may generate an authentication response message that includes an error code that is different than standard error code used so that the target wireless device can't be differentiated from other wireless devices thereby preventing tracking in response to determining that the RAND value included in the received authentication request message is included in the RAND secure storage memory.

Abstract: In various embodiments, a wireless device processor may determine a threat score for a first cell, determine whether the first cell threat score is below a first threat score threshold, update a good neighbor cell data structure using neighbor cell information from the first cell in response to determining that the first cell threat score is below the first threat score threshold, performing cell reselection to a second cell, determine whether the second cell transmits a system information block message indicating fake neighbor cell information, and increase a threat score for the second cell in response to determining that the second cell provides the SIB message indicating fake neighbor cell information and that a good neighbor cell data structure includes an indication of one or more good neighbor cells that are within the time threshold and the location threshold and doing countermeasures in a response to the determination.

Abstract: Various embodiments include methods, components and wireless devices configured to identify illegitimate base station. The processor of the wireless device may determine that a device in communication with the wireless device is a suspect base station. The processor may send a fabricated message to the device, and may receive one or more response messages from the device. The processor may determine whether one or more of the response messages received from the device is an appropriate response or an inappropriate response to the fabricated message. In response to determining that a response message is an inappropriate response, the processor may determine that the device is an illegitimate base station. In response to determining that the device is an illegitimate base station, the wireless device may perform a protective action.

Abstract: Methods for detecting and preventing an adversarial network entity (e.g., fake base stations, etc.) from tracking a wireless device's location. A wireless device may be equipped with a random value (RAND) database or cache memory RAND values previously received by the wireless device. In response to receiving an authentication request message from a network component, performing AKA procedures and determining that the authentication failed, the wireless device may compare the RAND value included in the received authentication request message to RAND values stored in secure storage memory. The wireless device may generate an authentication response message that includes an error code that is different than standard error code used so that the target wireless device can't be differentiated from other wireless devices thereby preventing tracking in response to determining that the RAND value included in the received authentication request message is included in the RAND secure storage memory.

Abstract: Methods for detecting and responding to unauthorized alert messages. In an example embodiment, a wireless device may detect a first system information block (SIB1) broadcast from a base station that includes an alert message flag that indicates that an emergency alert message is scheduled for broadcast in another system information block (e.g., in one of SIBs 10-14, etc.). The wireless device may detect an unauthorized alert based on inconsistent inputs from various base stations, and the server may detect fake or unauthorized base stations or detect unauthorized alerts based on inconsistent inputs from various UEs about same Cell ID, or same PLMN and geolocation, etc.

Abstract: A method of detecting compromised message information includes: wirelessly receiving, at a mobile wireless communication device, present unprotected information and present protected information; retrieving previous unprotected information, corresponding to the present unprotected information, and previous protected information, corresponding to the present protected information, from a memory of the mobile wireless communication device; comparing the present unprotected information to the previous unprotected information to determine that an unprotected information change has occurred; comparing the present protected information to the previous protected information to determine whether a protected information change has occurred; and determining that the present unprotected information is valid in response to the protected information change having occurred and being consistent with the unprotected information change, or that the present unprotected information is invalid otherwise.

Abstract: Embodiments include systems and methods for managing tune-aways in a multi-subscription multi-standby communication device. A device processor may determine whether the multi-subscription multi-standby communication device is conducting an active communication session on a first network. The device processor may determine whether broadcast channel data is received over a broadcast channel of a second network in response to determining the multi-subscription device is conducting the active communication session on the first network. The device processor may calculate a periodicity of the broadcast over the broadcast channel in response to determining that the broadcast channel data is received over the broadcast channel. The device processor may schedule one or more tune-aways to the broadcast channel based on the calculated periodicity of the broadcast of the broadcast, and the device processor may perform the one or more tune-aways from the first network to the broadcast channel of the second network.

Abstract: Embodiments include systems and methods for managing tune-aways in a multi-subscription multi-standby communication device. A device processor may determine whether the multi-subscription multi-standby communication device is conducting an active communication session on a first network. The device processor may determine whether broadcast channel data is received over a broadcast channel of a second network in response to determining the multi-subscription device is conducting the active communication session on the first network. The device processor may calculate a periodicity of the broadcast over the broadcast channel in response to determining that the broadcast channel data is received over the broadcast channel. The device processor may schedule one or more tune-aways to the broadcast channel based on the calculated periodicity of the broadcast of the broadcast, and the device processor may perform the one or more tune-aways from the first network to the broadcast channel of the second network.