Devilray: A Systematic Adversarial Model Revealing Blind Spots in Fake Base Station Detection

Fake Base Station (FBS) detection has been a critical focus of cellular security research for over two decades. However, significant financial and regulatory barriers to accessing commercial FBS (C-FBS) devices have limited direct visibility into real-world operations, forcing detection systems to be designed and evaluated around self-built prototypes. In this paper, we present Devilray, a reconfigurable and reference-grade adversarial baseline designed to systematically explore the realistic adversarial space and identify adversarial blind spots in current detection -- regions of realistic adversarial behavior excluded by prevailing threat models. We establish an empirical ground truth through the first academic analysis of a C-FBS and extend these observations into specification-driven operational variants permitted by 3GPP standards. Devilray enables the systematic exploration of 2,592 feasible and realistic FBS instances, capturing a wide range of operational possibilities. Using Devilray, we evaluate seven representative accessible FBS detectors and uncover coverage gaps across all seven, revealing blind spots rooted in assumption-bound design and evaluation. Our work provides the first robust adversarial model grounded in real-world behavior and specification analysis, enabling the community to develop and evaluate future detection mechanisms in a rigorous manner.