Modification of LTE Firmwares on Smartphones

• Main Author: Bruns, Carsten
• Format: Dissertation
• Language: en
• Published: 2021
• Online Access: https://tuprints.ulb.tu-darmstadt.de/17397/1/thesis_modifications_lte_firmware.pdf; Bruns, Carsten <http://tuprints.ulb.tu-darmstadt.de/view/person/Bruns=3ACarsten=3A=3A.html> (2021): Modification of LTE Firmwares on Smartphones. (Publisher's Version)Darmstadt, Technische Universität, DOI: 10.26083/tuprints-00017397 <https://doi.org/10.26083/tuprints-00017397>, [Master Thesis]

Every mobile phone contains a modem subsystem responsible for communication with mobile networks. In contrast to the well known main system of smartphones, running for example an Android operating system, the modem hardware details and its software are secrets of the manufacturer, leaving the modem as a black box to us. Hence, this work analyzes recent Qualcomm modems supporting the latest deployed communication standard LTE. We then use the gained knowledge to implement a patching framework allowing easy modification of the modem’s firmware binary in a high level programming language. To demonstrate its usability, we realize applications ranging from debugging tools up to LTE MAC layer sniffing, security key extraction and access to channel estimates of the physical layer. These also show that malicious code in the modem subsystem imposes a severe and realistic threat. Furthermore, this work opens the modem as a research platform for recent mobile network technologies, removing the need for expensive special equipment in many research projects.