- simple imsi-catcher link pdf
- denied of service and bidding down attack (bda)
- redirection (openlte, srslte, openairinterface)
- fake alert, cmas, cbc, fake president (conference of Prof Yongdae kim)
- Overshadowing/sigover adaptor
- battery drain attack
- fingerprinting
- protocol fuzzing
- LTE fuuzzing
- Advanced attack fork mgp25 for all attack_lte with openlte (akabypass, attach_reject, dos_tau_reject_dualcause, dos_tau_reject, malformed_detach, numb_attack, service_reject_on_tau, tau_numb_attack) link pdf
- null ciphering
- imp4GT
- aLTEr attack
- femtocell and diameter problem