Security Vulnerabilities of the 5G Network
The 5G network is made to provide access that is very fast and has little delay. It has also adopted a number of new technologies, such as IoT (Internet of Things), AR, IoV, VR, etc., to support a wide range of services and applications. The security of this network has improved over time, making it safer than it was in the past. 5G network has features like direct communication from one end to the other, different types of terminals, ultra-high density nodes, and multiple wireless network tools that can work together. It is also marked by the introduction of new technologies like V2X, NFV (Network Function Virtualization), and SDN (Software Defined Network) (Sun et al., 2020). But new vulnerabilities keep showing up, which affect both the end devices and the infrastructure of the operators. Low-cost software and hardware platforms can be used to take advantage of these weaknesses. The paper shows the results of a survey about the weak spots in the 5G network.
Goals and Objectives
Concerns about security with the 5G network mean that there needs to be a safe place to work on computers. In other words, the security design of the 5G network should be built into the architecture of the network rather than being treated as a separate patch. To do this, the first step is to figure out where its security is weak (Sun et al., 2020). So, the goal of this research paper is to find out where the 5G network’s security is weak. The results of this study will be very important for making sure that users’ information and transmission data are kept private and safe. By making sure the 5G network is secure, network attacks can be kept to a minimum.
Background of the Research Paper
5G security has gotten a lot of attention, and many scholars are studying the biggest security problems that come with 5G. Threats to the 5G network have always come from a number of attacks. For example, to steal private data, you have to first break into the conversation between the user and the BS by jamming signals. Then, you have to talk to the user as if you were the BS. It means taking advantage of the authorization protocol’s flaws to get any data sent through it. In this case, a threat is made by putting together fake devices, signal jamming, and a weakness. An attack chain is a group of different attack strategies that work together. Attack chains always pose serious security risks to 5G networks. It attacks chains by putting together the most important attack tools on a hierarchical directed graph. Several authors have come up with ways to defend against this problem. One thing that will always be true is that integrity, privacy, and accessibility will be the most important things. As this new network spreads into areas like healthcare, manufacturing, and transportation, security will remain the most important issue.
Since the whole packet core and other services depend on virtualization, it is important to know that 5G standalone networks have been linked to more security flaws. Also, while technologies like SDN and NFV make deployment easier, more flexible, and faster, using software-defined systems instead of dedicated hardware can be hard because it makes mobile networks more vulnerable to attacks (Ahmad et al., 2018). Scholars have looked into automated attack technologies like automatic vulnerability mining, guessing passwords, AI-based automated attacks, and automated vulnerability exploring. These are all related to 5G security. Most of the time, automated vulnerability mining finds flaws in protocols or software by itself.
Challenges that each paper tries to solve and how they do it
Sun et al. (2020) wrote an article that mostly talked about the problems with the physical and logical layers of the 5G network. The physical layer is mostly about the hardware and the wireless channel. Some of the problems with the 5G network that have been found here are malicious destruction, fake devices, and channel attacks. Because of the above problems, data leaks and isn’t available (Sun et al., 2020). Attackers can’t get into the device, though, if security management is used to control these. Because radio waves travel through the air, anyone can listen in on wireless channels and access them without permission. Authorization and encryption can be used to solve the problem. Even though wireless channels have features like being unique, different, and two-way, they still need better encryption and authentication to make them safer. Sun et al. (2020) have fixed three major security problems with the logical layer. They include data leaks from shared resources, holes in software and protocols, and security threats from the outside. The management and orchestration software, also known as the controller, is often part of a 5G network (Sun et al., 2020). Since this controller’s design is usually centralized, attackers may be able to get permissions by taking advantage of its flaws. The attacker can then launch an attack on the layers that are vulnerable. Attacks from the outside can happen to the controller of the NFV or SDN, which could make the service unavailable. A DoS attack is a good example. In the article, security threat detection is suggested as a way to deal with this problem (Sun et al., 2020).
In an article from 2018, Ahmad et al. talk about the following as the most important security issues;
• Flash traffic on the network: 5G is linked to a lot of end-user devices
• User plane integrity: The user data plane doesn’t need encryption.
• Security for radio interference: radio interface encryption keys are often sent over channels that are not secure.
• Roaming security: With roaming security, user security settings are often not updated, which can lead to security problems (Ahmad et al., 2018).
• DoS attacks on end-user devices: There are no security measures in place for applications, operating systems, and configuration data, especially on user devices (Ahmad et al., 2018).
• Signaling storms: The distributed control systems in 5G networks need to work together.
Some of these problems can be solved by adding new resources and figuring out how to use new technologies with the systems that are already in place. Some of these problems may be solved by new technologies like NFV and SDN. For example, “SDN can allow run-time resource assignment, such as bandwidth, to specific parts of the network as the need arises” (Ahmad et al., 2018). NFV also lets virtual slices be created on the fly to meet the growing traffic needs at different network locations.
Schneider and Horn (2015) wrote an article about security. The main problem they talked about was DoS (denial-of-service) attacks. These kinds of attacks try to use up all of the victim’s resources. Web servers are usually the target of these attacks. As the 5G network continues to be an important part of critical infrastructure, it is also becoming a possible target for DoS attacks (Schneider & Horn, 2015). The article also talks about how protocol or VPI interfaces could be used to break into SDN controllers (Schneider & Horn, 2015). One of the proposed ways to reduce these risks is to give scalable and flexible resources to a VNF, which helps stop some DoS attacks (Schneider & Horn, 2015).
Each paper’s major design/implementation and architecture
Schneider and Horn (2015) wrote in an article that security must be “built-in” to the way the 5G network is made. The article suggests that the architecture be designed with security in mind. Based on the paper, the security of the 5G network should be built on an LTE system architecture, since it hasn’t shown any major flaws yet. On the other hand, Ahmad et al. (2018) say that privacy-by-design should be built into the security of a 5G network. This article talks about programmable network architectures, especially the SDN, which needs string authorization and authentication to keep network resources on the control plane from being abused. In another article by Sun et al. (2020), the design/implementation of a 5G network should be guided by a universal hierarchical 5G framework. There are four technologies that make up the model. They include knowledge graph construction, automated defense, automated attack, and security testbed. They are meant to offer accurate and fast security approaches to security threats of 5G network. The architecture described in the article consists of two main layers: physical and logical.
Reflection on the Results
The above study indicates that as much as the 5G security network has evolved to become more efficient compared to previous generations, new vulnerabilities continue to emerge, which affect both the end-devices and operator infrastructure. However, these vulnerabilities have been mitigated to some extent by SDN, NFV, and mobile clouds, which addresses the challenges of flexibility, costs, and connectivity.
Conclusion, Lessons Learned, and Future Work
5G network is still vulnerable to certain security issues, some of which have been identified in this paper. Among these issues include software and protocol vulnerabilities, unauthorized access, and eavesdropping attack. The main lesson learned in this study is that as technology and cybersecurity continue to evolve, cyber threats also advance as well. Future studies need to address the implications of the increase in signaling traffic, which continues to be a vital issue in emerging networks.
Ahmad, I., Kumar, T., Liyanage, M., Okwuibe, J., Ylianttila, M., & Gurtov, A. (2018). Overview of 5G Security Challenges and Solutions. IEEE Communications Standards Magazine, 2(1), 36-43. https://doi.org/10.1109/mcomstd.2018.1700063
Schneider, P., & Horn, G. (2015). Towards 5G Security. 2015 IEEE Trustcom/Bigdatase/ISPA. https://doi.org/10.1109/trustcom.2015.499
Sun, Y., Tian, Z., Li, M., Zhu, C., & Guizani, N. (2020). Automated Attack and Defense Framework toward 5G Security. IEEE Network, 34(5), 247-253. https://doi.org/10.1109/mnet.011.1900635