(U)SimMonitor: A mobile application for security evaluation of cellular networks

Cited by: 4
Authors
Xenakis, Christos [1]
Ntantogian, Christoforos [1]
Panos, Orestis [1]
Affiliations
[1] Univ Piraeus, Dept Digital Syst, Piraeus, Greece
Funding
EU Horizon 2020;
Keywords
Cellular networks; Mobile application; Android; AT commands; Security measurements;
DOI
10.1016/j.cose.2016.03.005
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
The lack of precise directives in 3GPP specifications allows mobile operators to configure and deploy security mechanisms at their sole discretion. This may lead to the adoption of bad security practices and insecure configurations. Based on this observation, this paper presents the design and implementation of a novel mobile application named (U)SimMonitor that captures and analyzes the security policy that a cellular operator enforces, i.e., the invocation and employment of the specified security measures to protect its users. (U)SimMonitor achieves this by executing AT commands to extract network related parameters including encryption keys, identities, and location of users. Using (U)SimMonitor as our basic analysis tool, we have conducted a set of experiments for three mobile operators in Greece in a time period of 9 months. The obtained results allow us to quantify, compare and evaluate their applied security as well as pinpoint a set of generic critical observations. Numerical results and security measurements show that mobile networks have poor security configurations and practices, exposing subscribers to several attacks. (C) 2016 Elsevier Ltd. All rights reserved.
Pages: 62 / 78
Page count: 17