Litcius/Paper detail

UE Security Reloaded: Developing a 5G Standalone User-Side Security Testing Framework

Evangelos Bitsikas, Syed Khandker, Ahmad Salous, Aanjhan Ranganathan, Roger Piqueras Jover, Christina Pöpper

202326 citationsDOI

Abstract

Security flaws and vulnerabilities in cellular networks lead to severe security threats given the data-plane services that are involved, from calls to messaging and Internet access. While the 5G Standalone (SA) system is currently being deployed worldwide, practical security testing of User Equipment (UE) has only been conducted and reported publicly for 4G/LTE and earlier network generations. In this paper, we develop and present the first open-source based security testing framework for 5G SA User Equipment. To that end, we modify the functionality of open-source suites (Open5GS and srsRAN) and develop a broad set of test cases for the 5G NAS and RRC layers. We apply our testing framework in a proof-of-concept manner to 5G SA mobile phones and provide detailed insights from our experiments. While being a framework in development, the results of our experiments presented in this paper can assist other researchers in the field and have the potential to improve 5G SA security.

Topics & Concepts

Computer scienceComputer securityUser equipmentSecurity testingOpen sourceCellular networkThe InternetSecurity serviceNetwork securityCloud computing securityComputer networkSecurity information and event managementInformation securityWorld Wide WebCloud computingOperating systemSoftwareBase stationAdvanced Malware Detection TechniquesSoftware Testing and Debugging TechniquesIPv6, Mobility, Handover, Networks, Security
UE Security Reloaded: Developing a 5G Standalone User-Side Security Testing Framework | Litcius