- 5G System and Network Security
Just now·14 min read
The rivalry between the various world superpowers is one of the key factors that has led to the substantial technological progress seen in this century. Nations made significant investments in technological development, especially after World Wars I and II. This century saw a lot of technological change.People personally witnessed it as the technology evolved from 2G to 3G, as well as 3G to 4G, throwing multiple challenges to network professionals as we sought to ensure service continuity while maintaining user experience targets. More recently, with the inception of 5G technology, the approach of network standard replacement has vanished away. The creation of Fifth Generation (5G) mobile networks is moving at a breakneck pace, bringing even higher speeds, lower latency, and ubiquitous access to almost every aspect of life.
5G wireless technology is designed to provide multi-gigabit per second peak data rates, ultra-low latency, improved reliability, huge network power, increased availability, and a more consistent user experience to a larger number of users. 5G allows for the creation of a new type of network that connects virtually anyone and everything, including computers, objects, and devices. Higher performance and productivity enable new user experiences and bring new industries together.
1.High-speed mobile network
Speech and high-speed data can be transmitted effectively in 5G compared to traditional mobile transmission technologies. One of the most important characteristics of 5G technology is low latency, which is vital for autonomous driving and mission-critical applications. 5G networks will allow encrypted access to cloud storage, business application access, and virtual execution of powerful activities with increased computing capacity. New smartphone manufacturers and application developers will have more opportunities thanks to 5G wireless technology. New VoIP and smart devices will be added to the market, resulting in increased job opportunities..
2.Internet of Things
Due to its versatility, unused spectrum availability, and low-cost implementation options, 5G is the most effective candidate for Internet of Things. For data collection, processing, transmission, control, and real-time analytics, an efficient network is needed.
Smart appliances that can be programmed and accessed from remote locations can use the 5G wireless network, and closed circuit cameras will provide high-quality real-time surveillance for security purposes.
Traffic management, instant weather updates, local area broadcasting, energy management, smart power grid, smart street lighting, water supply management, crowd management, emergency response, and other smart city applications…. For its operation, it may make use of a secure 5G wireless network.
Farmers can easily monitor and control their livestock using smart RFID sensors and GPS technology. Smart sensors can be used to monitor irrigation, entry, and energy use.
There are 4 architectural features in 5G technology.Each feature has different kind of security challenges.Architectural features are mentions below with the associated security challenges.
The radio access network (RAN) builds upon the new 5G NR (New Radio) standard that enables necessary characteristics for a given scenario to be achieved: bandwidth, minimum latency, or massive connections.
When considering the risks of RAN, a large number of connections and high bandwidth increase the attack surface
The backbone architecture (network core or 5G Core) is based on cloud technologies and virtualization of network functions (NFV, SDN), which allows creating many independent segments and supporting services with a different set of characteristics.Increased impacts of failures or abuses due to the scale of use is the major risk of this.
These can be, in particular, corporate applications running on service provider’s networks: intelligent services, financial services, multimedia, etc.Possible risks of this are ,new opportunities for entering corporate networks, placement of MEC equipment outside the protected perimeter of an organization.
Centralized network management (O&M) infrastructure is getting more complex as it supports many service segments at once.More serious consequences of resource abuse and / or O&M configuration errors is a major issue of this.
Figure 4-most significant threats to each of the main components of the 5G network
The requirement for 5G networks to support a large number of connected devices may be a security risk. According to Gartner, the use of the Internet of Things is expected to skyrocket (IoT). With 25 billion IoT devices estimated to be linked by 2021, the Internet of Things would unleash a highly complex threat landscape unlike any other.
As the Internet of Things (IoT) becomes more widespread, it tends to expose new vulnerabilities and security issues. Malware distribution is simple to scale, and system security is lacking (many manufacturers build in only the most basic security provisions from the start). Our researchers discovered that in the previous year, the number of malware campaigns targeting IoT devices increased by 50%, resulting in the discovery of over 1,100,000 infected devices.
The big DDoS attack by the Mirai botnet in 2016, which made much of the internet inaccessible on the US east coast, is an example of the large-scale damage that such devices can cause. To avoid a repeat of this attack, which could leave regular users without communication, 5G network operators would need to develop new threat mitigation models that are ideally suited to various types of devices.
.Operators of 2G, 3G, 4G, and 5G networks face significant security threats. The Diameter Signaling protocol, which is used in 4G networks to authenticate and authorize messages and information delivery, is vulnerable in a number of ways that operators must be aware of in order to effectively protect themselves against attackDue to the protocol’s legacy shortcomings, 5G networks based on previous generation networks inherit the same threats, including tracking user location, accessing confidential data, and, in some cases, downgrading users to insecure 3G networks.
Positive Technologies were able to imitate hacker activity and infiltrate 100% of mobile networks. Diameter could be used to launch Denial of Service (DoS) attacks against any mobile network. This affects both 4G and 5G users since the first generation of 5G networks (5G Non-Standalone) is based on the LTE network heart. As a result, 5G would be vulnerable to the same flaws as 4G.
Building the inherently secure 5G system needed a holistic approach rather than focusing on individual parts in isolation. This is why groups like the 3GPP, ETSI, and IETF worked together to develop the 5G system, each focusing on a different aspect. The key changes in the 3GPP 5G security specification are mentioned below.Among the enhancements in 5G are improved subscriber privacy features that eliminate the IMSI catcher attack, additional higher protocol layer security measures to secure the new service-based interfaces, and integrity protection of user data over the air interface.
There are several similarities between LTE/4G and 5G in terms of network nodes (called functions in 5G) involved in security features, protected communication connections, and so on. Both systems’ defense mechanisms can be classified into two groups.
· The first set of files contains all “network access control mechanisms.” These are the security features that enable users to securely access services through their device (typically a phone) while also protecting the device’s air interface with the radio node from attacks (eNB in LTE and gNB in 5G)
· The second kit contains the so-called network domain security mechanisms. This includes features such as the ability for radio nodes and core network nodes to safely exchange signaling data and user data, for example.
In all generations of 3GPP networks, access authentication, also known as primary authentication in 3GPP 5G security protocols, is a key security technique. When a device is turned on for the first time, this procedure is normally carried out during initial registration (previously known as initial attach).
Sessions keys are created after a successful authentication procedure, and they are used to secure communication between the device and the network. The authentication procedure in 3GPP 5G security supports the extensible authentication protocol (EAP), a security protocol defined by the Internet Engineering Task Force (IETF).
In addition to the passwords commonly used in mobile networks and typically stored in the SIM card, this protocol has the advantage of allowing the use of different types of passwords, such as certificates, pre-shared keys, and username/password. This authentication process’ versatility is a key 5G enabler for factory and non-telecom applications alike.
EAP also supports secondary authentication in addition to primary authentication. When setting up user plane connections, such as to surf the web or make a phone call, this is used for authorization purposes. It permits the operator to delegate authorization to a third party. A supported link, such as to your favorite streaming or social networking site, is the most popular use case, where other existing credentials (e.g. username/password) can be used to authenticate the user and enable the connection. Normal application and service providers can handle a wide variety of credential styles and authentication methods by using EAP.
Subscriber privacy is significantly improved by the 3GPP 5G security standard, which protects subscribers from false base stations, also known as IMSI catchers or Stingrays. In conclusion, conventional attacks such as passive eavesdropping or active probing of permanent and temporary identifiers have been made far more difficult for false base stations to identify and monitor subscribers (SUPI and GUTI in 5G) .
Furthermore, attackers would find it more difficult to compare protocol messages and pinpoint a single subscriber with 5G. Only a limited amount of information is sent in cleartext in initial protocol messages, with the rest remaining secret. A general framework for detecting false base stations is also being developed, which is a major source of privacy concernsThe identification, which is based on data from field instruments about radio conditions, makes it much more difficult for false base stations to go undetected..
5G has ushered in a paradigm change in mobile network architecture, moving away from the traditional model of point-to-point network function interfaces and toward service-based interfaces (SBIIn a service-based architecture, a network entity’s different functionalities are refactored into services that are exposed and distributed on-demand to other network entities (SBA).
SBA has pressed for protection at higher protocol levels (i.e. transport and application) in addition to protecting communication between core network entities at the internet protocol (IP) layer (typically by IPsec). As a result, 5G core network functions support cutting-edge security protocols like TLS 1.2 and 1.3 at the transport layer to ensure safe communication, as well as the OAuth 2.0 framework at the application layer to ensure that only authorized network functions have access to a service provided by another feature..
Three building blocks make up 3GPP SA3’s upgrade to interconnect protection (i.e. security between separate operator networks):
· A new network feature called security edge protection proxy (SEPP) was introduced to the 5G architecture. All signaling traffic through operator networks is expected to be carried by these security proxies..
· The authentication of SEPPs is also needed. This allows for efficient traffic filtering from the interconnect.
· • Finally, a new application layer protection approach was created for the SEPPs’ N32 interface to protect sensitive data attributes while still allowing mediation services in the interconnect.. Authentication and transport safety between network functions using TLS, authorization system using OAuth2, and enhanced interconnect security using a modern security protocol developed by 3GPP are the main components of SBA security.
In 5G, a new feature was introduced: user plane (UP) integrity protection between the device and the gNB. Like encryption, the integrity protection feature is necessary on both devices and the gNB, but its use is optional and under the operator’s control.
Integrity protection is well known to be resource intensive, and not all devices will be able to keep up with the highest data rate. As a result, the 5G System allows for the negotiation of which rates are suitable for the features. For example, if a device’s maximum data rate for integrity-protected traffic is 64 kbps, the network will only allow integrity protection for UP connections where data rates do not need to exceed 64 kbps.
The security aspects are the responsibility of SA3, one of the three 3GPP working groups. SA3 in TS 33.501 specifies the protection mechanisms for the 5G framework. Ericsson was a key contributor to the specification work and was responsible for many security changes, including versatile authentication, subscriber privacy, and data integrity protection.
NFV’s main aim is to decouple software from hardware. NFV can be used by network operators to virtualize various network functions such as firewalls and encryption (VMs). The network operator will automatically deploy a VM for a new network feature when a user requests it.
NFV enables network slicing, which is a virtual network architecture that allows several virtual networks to be built on top of a shared physical infrastructure.  Network slicing will be important in 5G networks due to the range of usage cases and new services that 5G will support.
Furthermore, by promoting the distributed cloud — a cloud computing implementation that links data and applications served from various geographic locations — NFV can aid in the development of scalable and programmable networks for potential needs.
When the administrator continues to run objectionable operations over the VNFs, this is referred to as a human-initiated attack. An assault on a single NFVI VNF can bring the entire infrastructure down..
When the administrator continues to run objectionable operations over the VNFs, this is referred to as a human-initiated attack. An assault on a single NFVI VNF can bring the entire infrastructure down. The major reason behind such attacks are
1) VNFs getting controlled remotely (by a third party)
2) due to a completely external malicious attack in order to destruct the NFVI such as DDOS
VNF’s internal vulnerabilities also make it open to external attacks
When a VNF is targeted for an attack, it is clear that it has the ability to spread the security threat to other VNFs in the NFVI. As a result, maintaining trust between VNFs is critical for providing security validation and integrity . Three types of trusts that are relevant between VNFs are mentioned below
· Having faith in the accuracy of data output between software programs.
· Have faith in the software programs that they can perform the tasks correctly..
· Trusted to carry out operations that have an indirect impact on data.
VNCIs (Virtual Network Function Component Instances) are used to establish trust between VNFs. In order for software programs to work together in an NFV environment, they must have trusting relationships . In order to achieve full stability, the chain of trusting relationships must be extended.
1.2Best practices and security solutions
The hypervisor is critical to the virtualization of the entire network. As a result, preserving protection at the hypervisor level is critical. It is necessary to keep the hypervisor up to date as one of the security measures by installing the latest security patches and disabling all services that are not needed all of the time, such as SSH and remote access.
An intruder may use cloud or network administrator accounts to gain access to the NFV infrastructure. As a result, administrators’ accounts should be given priority in terms of protection. To ensure the security of their accounts, these accounts should be given strong passwords and strict guidelines.
Separating VMs into various categories is a safe practice to avoid one VM’s traffic from affecting all other VMs. These groups can be used to further separate the traffic. Each group may have its own firewall and access policies set up.
VNF-attached virtual volume disks can contain sensitive data . As a result, it is important to protect them by encrypting them. It should also be ensured that in the event of a hypervisor failure, the data on the volume disks is lost.
The main idea behind SDN is to decouple the control plane from network hardware and allow external control of the data plane through a logical software entity called a controller.
SDN (Software-Defined Networking) is a modern network architecture that enables network reconfiguration on the fly. In traditional network devices including routers, switches house both the control and data planes. As previously stated, SDN separates network organizations’ control and data planes, allowing for centralized cellular network management as social media, mobile devices, and cloud computing push networks to their limits. SDN, like virtualized computing and storage, has the ability to transform data centers by allowing for elastic network control.
When considering Forwarding Device Attack, SDN has the ability to transform data centers by providing a scalable way to control the network in the same way as virtualized computing and storage do.
Threats in Control Plane, Because of the central controller’s use, any network issue results in the central controller’s failure. Horizontal or hierarchical controller distributions are being used to solve this problem.
Vulnerability of Communication ChannelTLS is used for data-control channel communication protection in SDN southbound APIs such as the Open Flow protocol, but it is often disabled administratively and is vulnerable to man-in-the-middle attacks, making it unsuitable for channel security implementation.
Fake Traffic Flows: This or a DoS attack can be launched by a non-malicious faulty computer or an attacker to consume resources in forwarding devices or controllers.
2.2Best practices and security solutions
All actions taken by all system actors — internal and external — must be logged, and all logs must be kept safe.When problems occur, systems should provide insight into activities and network status so that the best course of action can be determined. An aggressive approach to security necessitates the proper detection and description of a problem in order to determine the best course of action for mitigating it. Any activity should be double-checked to ensure that it was carried out correctly.
3MEC (Mobile Edge Computing)
Multi-access Edge Computing (MEC), also known as mobile edge computing, is a network architecture that enables cloud computing to take place at the mobile network’s edge (e.g. near Base Station).Remote servers, which are typically located well away from end-user devices, are currently used to store content and conduct online computations. By incorporating these functionalities into 5G base stations, MEC would bring those processes closer together.
Without edge computing, 5G will not be able to meet the reliability goals of very low latency and massive broadband because data takes time to travel across the fiber networks connecting the radios on the towers to the network core. Both MEC and 5G are revolutionary technologies in and of themselves, but when combined, they can be a formidable computing power. As 5G becomes more widely available, artificial intelligence (AI), the Internet of Things (IoT), and virtual reality (VR) will become more widely used.
3.1 Security threats
One of the most severe attacks that multi-access edge computing systems are vulnerable to is the compromise of unsecured internet protocols. A hacker will most likely be able to read and change any data or network traffic that passes through any linked edge devices if the edge system has been hacked.
Think what needs to be encrypted and the effect that breaching protocols like SMTP (which is mostly used for email) and HTTP (which is mostly used for unsecure web browsing) might have on enterprises and network operations.
Man-in-the-middle attacks will compromise protocols, much as other forms of security mechanisms. A denial-of-service attack occurs when a hacker or malicious agent intercepts, relays, and potentially alters the communications of two or more people that believe they are communicating directly with each other…
DNS protocols are particularly susceptible to man-in-the-middle attacks; however, other protocols, such as cryptographic protocols that are poorly built, can also be vulnerable. This attacks sometimes mean that the attacker has control over one or more edge computers.
The two scenarios outlined above are bad enough on their own, but they will lead to even bigger problems in the future with your multi-access edge computing system and any linked networks or computers.
Falsified information and/or logs will jeopardize data security and overall business processes. This method of attack can also be used to improve a malicious hacker’s hold on a device by circumventing security controls and allowing access to other insecure subsystems or programs by using forged data…
3.2 Best practices and security solutions
Without a question, securing multi-access edge computing architectures is a challenge that is still being debated and solutions developed. Predicting how MEC architectures would impact protection and protective measures is problematic at this point since there are few real-world implementations of fully installed multi-access edge computing setups.
MEC defense tends to benefit from a four-layered approach. Using this method, the security of MEC architectures will be broken down into four layers. These layers include a hardware layer, a networking layer, a cloud security layer, and a management layer..
The hardware layer would focus on OEMs using a security-by-design approach during the design process of their devices, making it easier to incorporate additional security features if required. The communications layer would focus on how data is exchanged and how to secure it as efficiently as possible, using advanced strategies for long and short-range communications.
The cloud authentication layer will be set up to send the most private, personal, or confidential data to the cloud, where it would be secured by cutting-edge encryption. Cloud-based security measures can be used within the cloud safety layer.
The cloud authentication layer will be set up to send the most private, personal, or confidential data to the cloud, where it would be secured by cutting-edge encryption. Cloud-based security measures can also be used within the cloud safety layer.
As a conclusion,protection will become much better as 5G deployments progress and mature.People will see more encryption, more defense at the network’s edge, and network-securing technologies like network feature virtualization, mobile edge computing, and network slicing.As 5G networks are deployed in cities across the World, the technology’s effect is growing.
- Date of publication:
- Thu, 06/10/2021 - 22:35
Click on the link - it will be copied to clipboard