Security Analysis Of 5G Mobile Networks (2019)

By Tao Wan, CableLabs; Mansour Ganji, Rogers Communications

Cellular mobile networks have evolved from 2G to 5G over the past three decades. Mobile services offered by 2G, 3G, and 4G networks have always been voice calls and data network access. The introduction of 5G has changed this protocol by providing the communication technologies for many more use-cases tailored for each specific requirement. More specifically, 5G will provide network connectivity not only for human-to-human communications but also for human-to-machine, and machine to-machine communications. 5G user equipment will fall into a broad range of devices where at one end they are fully-fledged computers, and at the other end they are single-purpose and resource-constrained IoT devices.

Because of the potentially significant impact on our society by 5G, its security is of critical importance and must be treated systematically. Researchers from both industry and academia have been working on improving security in 5G for a while. For example, the 3GPP SA3 working group has been studying and defining security specifications for 5G systems since 2017. Academic researchers are also helping to identify flaws in 5G specifications and are proposing enhancements. In this paper, we conduct a summary of security threats to 5G and prior generations of mobile networks and discuss how some of these threats are being addressed by the 3GPP 5G security standard.

Threats against cellular mobile networks can be generally classified into three categories: threats against user equipment or subscribers, threats against radio access networks, and threats against mobile core networks. In this paper, we focus on threats against subscribers. More specifically, we consider how subscriber security can be attacked by exploiting design constraints or flaws in control channels including broadcasting, paging and dedicated unicasting channels.

Due to the fact that neither broadcasting nor paging messages are authenticated in 5G (release 15) and prior generations, they are subject to spoofing, enabling many of the attacks against subscribers.

Unicasting messages may or may not be security protected. Unprotected unicasting messages are also subject to spoofing and can be exploited to attack subscribers.

Through a summary of security threats against and defenses by 5G networks, we hope that a realistic understanding of expected 5G security can be established across the networking community, and hopefully among the general public as well.

By clicking the "Download Paper" button, you are agreeing to our terms and conditions.

Similar Papers

Authentication in 5G Wireline and Wireless Convergence
By Tao Wan & Max Pala, CableLabs; Yildirim Sahin, Charter Communications
Cable and Mobile Convergence: A Vision from the Cable Communities Around the World
By Jennifer Andréoli-Fang, PhD, CableLabs; John T. Chapman, Ian Campbell, & Mark Grayson, Cisco; Ahmed Bencheikh, Praveen Srivastava & Vikas Sarawat, Charter Communications; Drew Davis & Paul Blaser, Cox Communications; Damian Poltz & Dave Morley, Shaw Communications; Eduardo Panciera, Telecom Argentina; Philippe Perron, Sylvain Archambault, Eric Menu, Géraldine Trouillard & David Lagacé, Videotron; Gavin Young & Bruno Cornaglia, Vodafone
Real-World Performance of 5G
By Dave Morley, Shaw Communications Inc./Freedom Mobile
5G Small Cells and Cable: Realizing the Opportunity
By Dave Morley, Shaw Communications Inc./Freedom Mobile
Fixed Mobile Convergence in the Transition to 5G
By Glenn Laxdal, Ericsson
Blueprint for Mobile Xhaul over DOCSIS
By Jennifer Andreoli-Fang, PhD, CableLabs; John T. Chapman & Tong Liu, PhD, Cisco; Damian Poltz, Shaw Communications
SD-WAN 2.0: A Platform For Multi-Cloud, Security And Value Added Services
By Charuhas Ghatge, Nuage Networks, a Nokia Company
Cable 10G vs. Wireless 5G: Foe Or Friend?
By John Ulm & Zoran Maricevic, CommScope
An Analysis of How to Deploy Low Power WAN IoT Using HFC and Fiber Network Infrastructure
By Patricio Sebastian Latini, CASA Systems
SD-WAN and Beyond: Delivering Virtual Network Services
By Ralph Santitoro, Fujitsu Network Communications
More Results >>