Abstract
IMSI catcher also knows as fake base station still prevail in 4G LTE networks and is a serious problem yet to be solved. Although tools such as cryptophone, etc are available in the market to combat IMSI catchers, they are considered very expensive. Instead, there are a few freely available tools to detect them, most of which are Android apps that warn users when they fall victim to a fake base station. In this talk, we evaluate the detection capabilities of popular Android apps by utilizing our custom-built White-Stingray tool. We demonstrate several 2G and 3G attacking techniques and show how an attacker can circumvent the detection methods adopted by these apps. Finally, we suggest best practices for a reliable IMSI catcher detection on mobile phones.