KIISC

MobiSec 2025

PYongdae Kim (KAIST, South Korea)

▪   

Abstract : In April 2025, fake base stations circled Tokyo, forcing phones to downgrade to GSM and sending phishing SMS messages to unsuspecting users. Despite public outcry, Japanese authorities were slow to respond—a pattern seen globally when cellular vulnerabilities are exploited. These incidents exemplify Cellular Dual-Use Technologies: specification-level vulnerabilities in 4G and 5G that enable both surveillance and criminal exploitation, from government-operated IMSI-catchers to SMS blasters run by transnational crime syndicates.

To demonstrate the real-world exploitability of these vulnerabilities, we present Cellular Metasploit—a penetration testing framework for cellular networks. Inspired by the widely-used Metasploit Framework, our system provides: (1) a collection of cellular exploits leveraging standard-compliant vulnerabilities, (2) auxiliary tools for network reconnaissance, (3) attack payloads, and (4) post-exploitation analysis capabilities. Drawing on 15 years of research developing such tools, this framework systematically catalogs and implements known attacks and is being developed as an open-source project.

This talk demonstrates the framework's capabilities through case studies including front-door-level smartphone tracking and fake base station design and detection. We will show extensive video demonstrations of real-world attacks and discuss how such tools can drive transparent security discussions with standardization bodies.

▪   

Biography : Yongdae Kim (IEEE Fellow, NAEK Member) is a Professor in the Department of Electrical Engineering and the Graduate School of Information Security at KAIST, where he serves as KAIST ICT Endowed Chair and heads the Police Science and Technology Research Center. He received his PhD in Computer Science from the University of Southern California in 2002. From 2002 to 2012, he was a professor at the University of Minnesota - Twin Cities. At KAIST, he served as Chair Professor (2013-2016) and directed the Cyber Security Research Center (2018-2020). He has served as steering committee chair for NDSS (2024), program chair for ACM WiSec (2022), general chair for ACM CCS (2021), and associate editor for ACM TOPS. His research focuses on discovering and analyzing security vulnerabilities in emerging technologies, particularly drones, autonomous vehicles, and cellular networks.

Christian Esposito (University of Salerno, Italy)

▪   

Abstract : Intrusion Detection Systems (IDS) are vital for securing modern networks, but traditional machine learning-based anomaly detection methods often struggle with high-dimensional and imbalanced data. Although classical GANs help improve data generation, they are computationally intensive and limited in scalability. Quantum-related ML schemes offer a promising alternative, but existing approaches have been tested only in simulations. Instead, using real devices presents challenges not only because of the impact of quantum noise but, more significantly, because of the usage restrictions imposed by their high cost. In this talk, we present our recent research efforts on a lightweight yet effective hybrid QML solution for network intrusion detection, adopting a hybrid training approach that alternates between an IBM real quantum device and its noisy simulator, balancing computational feasibility and real-world relevance.

▪   

Biography : Prof. Christian Esposito is currently an Associate Professor at the University of Salerno, since December 2022. He was a Tenured Assistant Professor at the University of Salerno, an Assistant Professor at the University of Napoli “Federico II”, and a two-year Research Fellow and short-term Researcher at the Institute of High Performance Computing and Networking (ICAR) of the Italian National Research Council (CNR) from 2011 to 2015. He graduated in Computer Engineering in 2006 and got his PhD in 2009, both at the University of Naples “Federico II”, in Italy.

He has published about 150 papers in international journals and conferences and has been a PC member or involved in the organization of about 60 international conferences/workshops. He regularly serves as a reviewer in journals and conferences in the field of distributed and dependable systems and is a member of the editorial board of the International Journal of Computational Science and Engineering and the International Journal of High-Performance Computing and Networking, both by Inderscience. He is an Associate Editor of the IEEE Access, and has served as guest editor for various special issues at international journals. His interests include positioning systems, reliable and secure communications, game theory and multi-objective optimization.

Junji Shikata, Yokohama National University, Japan

▪   

Abstract : By Advanced Cryptography, we mean cryptographic schemes that claim superiority over conventional cryptographic primitives in terms of added or improved functionality, or new functionality, such as being able to solve problems that were difficult to solve with the conventional ones. For example, advanced cryptography includes ID-based encryption, attribute-based encryption, broadcast encryption, homomorphic encryption, and proxy re-encryption. This talk explains post-quantum advanced cryptography and its application to 5G beyond (B5G) by taking into account expected roles and use cases. In addition, Japanese research projects on advanced cryptography based on PQC and their activities are introduced and explained.

▪   

Biography : Junji Shikata received the B.S. and M.S. degrees in mathematics from Kyoto University, Japan, in 1994 and 1997, respectively, and the Ph.D. degree in mathematics from Osaka University, Japan, in 2000. From 2000 to 2002, he was a Postdoctoral Fellow with the Institute of Industrial Science, The University of Tokyo, Japan. Since 2002, he has been with the Faculty of Environment and Information Sciences, Yokohama National University (YNU), Japan, and he is currently a Professor of YNU. In addition, he was the Dean of the faculty of YNU from 2021 to 2023, and he has been a Vice-President of YNU since 2023. His research interests include cryptology, information theory, theoretical computer science, and computational number theory. In particular, he has been engaged in research on developing cryptographic schemes secure against quantum computers as a next-generation cryptographic technology from multiple viewpoints, including post-quantum cryptography (PQC) and information-theoretic cryptography. He received many awards including the Wilkes Award from the British Computer Society in 2006, and the Lifetime Achievement Award at MobiSec 2024.

Gergei Bana, Keio University, Japan

▪   

Abstract : TBD

▪   

Biography : Dr. Gergei Bana received his M.S. degree in Physics from Eötvös University, Budapest, and both his M.A. in Statistics and Ph.D. in Mathematics from the University of Pennsylvania. Currently, he serves as a Part-time Lecturer at Keio University. Prior to his current position, he served as an Assistant Professor at the University of Missouri. Dr. Bana has also held research positions at the University of Luxembourg, INRIA Paris, NTT Corporation, the Technical University of Lisbon, and University of California at Davis. His main interest is in the formal verification of security protocols. He focuses on the intersection of logic, cryptography, and formal verification, working on proof systems to verify provable cryptographic properties. He co-created the computationally complete symbolic attacker technique on which the verification tools Squirrel and CryptoVampire are based.