We have just released a video demonstrating 5G-Spector deployed on an experimental cellular testbed (based on commodity software defined radio and open-sourced software).
The video shows two RF attacks from an external malicious UE: (1) Base station DoS attack that disrupts the base station and all connected UEs, (2) TMSI spoofing attack that surgically disrupting the connection of a particular UE (without affecting other UEs).
If you would like to learn more details, please refer to our full 5G-Spector paper (in NDSS'24): https://web.cse.ohio-state.edu/~wen.423/papers/5G-Spector-NDSS24.pdf
Enjoy!