Attacks exploiting MME and UE
As discussed in Section V, both the Remote de-register attack and SMS phishing attack are rooted from incorrect implementation of the operational MMEs. Thus, these MMEs should be carefully implemented by strictly following the 3GPP standard. The AKA bypass attack is also rooted in the UE handling the mandatory security procedure incorrectly. Therefore, the UE should not proceed with any control plane procedures before completing the mandatory security procedure successfully.