EMERGENCY CALLSMaking Emergency Calls More Secure

Published 27 April 2023

As the nation’s cellular networks and technological infrastructure advance, customers are treated to better coverage and faster service. On the flip side, these changes also can create new opportunities for cybercriminals to exploit unforeseen gaps in security.

A team led by Michigan State University researchers has earned a $1.2 million National Science Foundation grant to continue shoring up the security of cellular 911 calls.

As the nation’s cellular networks and technological infrastructure advance, customers are treated to better coverage and faster service. On the flip side, these changes also can create new opportunities for cybercriminals to exploit unforeseen gaps in security.

Researchers in the College of Engineering at MSU have been particularly interested in what that means for the security of cellular 911 calls.

“The average person isn’t calling 911 a lot, but if they can’t connect, it can lead to some very bad situations,” said Guan-Hua “Scott” Tu, an assistant professor in the Department of Computer Science and Engineering.

“Emergency networks are critical, so it is extremely urgent to ensure security and eliminate any potential negative impacts,” Tu said. “This project aims to advance the technology for safeguarding next-generation services over cellular networks from design to practice.”

This grant will allow Tu and Li Xiao, an MSU professor of computer science and engineering, to continue and expand their work in making cellular 911 calls more secure. In October 2022, Tu and Xiao’s team presented work titled, “Uncovering Insecure Designs of Cellular Emergency Services (911),” at the 28th Annual International Conference on Mobile Computing and Networking, or MobiCom.

This presentation revealed vulnerabilities in the systems the U.S. has in place to enable anyone to easily connect to emergency services from their cellphone. The team showed those vulnerabilities could be exploited to create a variety of problems, such as letting attackers steal cell services, spam customers and even block callers from reaching 911 operators.

“What we’ve shown is that we need to pay more attention to how we’ve designed our services and make sure there are no problems,” Tu said.

“It really surprised me when we found out an attacker can cause a legitimate 911 call to be denied or disconnected,” Xiao said. “However, we are in a computing-centric time and all human activities are supported by wired and wireless networks and data centers. I expect that more security loopholes will be discovered as digital infrastructure in society continues to grow and advance.”

Thanks to the team’s history in the field and its relationships with cellular providers, the researchers were already working with companies to remedy those security issues before their October presentation.