SPARROW: A Novel Covert Communication Scheme Exploiting Broadcast Signals in LTE, 5G & Beyond

This work proposes a novel framework to identify and exploit vulnerable MAC layer procedures in commercial wireless technologies for covert communication. Examples of covert communication include data exfiltration, remote command-and-control (CnC) and espionage. In this framework, the SPARROW schemes use the broadcast power of incumbent wireless networks to covertly relay messages across a long distance without connecting to them. This enables the SPARROW schemes to bypass all security and lawful-intercept systems and gain ample advantage over existing covert techniques in terms of maximum anonymity, more miles per Watts and less hardware. The SPARROW schemes can also serve as an efficient solution for long-range M2M applications. This paper details one recently disclosed vulnerability (CVD-2021-0045 in GSMA coordinated vulnerability disclosure program) in the common random-access procedure in the LTE and 5G standards This work also proposes a rigorous remediation for similar access procedures in current and future standards that disrupts the most sophisticated SPARROW schemes with minimal impact on other users.