Abstract
After many years of work, 5G standards are still under development and the corresponding technical specifications continue to evolve on the fly. At this moment, several countries have started to deploy 5G networks, and most of them have been following a Non-Standalone (NSA) path to incorporate the existing 4G and other legacy networks. Despite all the advertisement efforts, many people still do not have a clear view on how 5G can power all the promised mission-critical applications in a secure manner. In this paper, we bridge this gap by providing a concise review of some 5G’s new features, including the Service Based Architecture (SBA) and key Network Functions (NFs), the new security features in User Equipment (UE) and Radio Access Network (RAN), the new trust model and security mechanisms (e.g. the 5G AKA protocol), and the newly introduced common API framework (CAPIF). Along with the review of new features, we provide our observations on the potential security concerns accompanied with the relevant research results in the literature. We finally point out some new research directions.
Highlights
T HE fifth generation (5G) cellular network is gradually deployed in some countries, mostly in NonStandalone (NSA) mode in order to incorporate the legacy networks such as 4G. 5G has brought unprecedented promises for use cases in various verticals, benefiting from its enhanced capabilities including Enhanced Mobile Broadband, Ultra Reliable Low Latency Communications (URLLC), and Massive Machine Type Communications
The study investigates the existing and newly developed security services with respect to the changing topologies presented in 5G such as heterogeneous networks, device-to-device communications, massive multiple-input multiple-output, Software Defined Network (SDN), and Internet of Things. 5G networks provides game-changing innovations for the core enabling technologies, namely the network softwarization [27] to be used for Service Based Architecture (SBA), and 5G new radio [28] for much higher data rate and larger number of devices with a very low latency
In 2019, Borgaonkar et al [22] published a paper, which identifies a logical vulnerability in the specifications of 5G Authentication and Key Agreement (5GAKA) protocol, i.e. the protection mechanism of the Sequence Number (SQN) can be defeated under specific replay attacks due to its use of Exclusive-OR (XOR) and a lack of randomness
Summary
The EU has played a prominent role in investigating 5G security. In October 2019, the EU’s NIS cooperation group published a high-level report on the coordinated risk assessment of 5G networks [2]. Positive Technologies [19] published a report, which identifies several security vulnerabilities against the Packet Forwarding Control Protocol (PFCP) and HTTP/2.0 protocols. AdaptiveMobile Security [26] published a report which provides a general review on the slicing technologies in 5G networks It summarizes the existing security features and the authorization processes in 5G’s service-based architecture (SBA) using the NRF and Service Communication Proxy (SCP). The report presents three threats associated with 5G Core network slicing security: (1) how to gain access to resources of another slice; (2) how to perform a DoS attack from one slice onto another slice; (3) how to extract user specific information like location from another slice. These include: (a) the Northbound API (Northbound API exploitation) that facilitates the communication between SDN controllers and SDN applications; (b) the Southbound API that facilitates the communication between SDN network elements and SDN controllers (i.e., Southbound API exploitation), and (c) the Eastbound/Westbound API that facilitates the communication between SDN controllers (i.e., Eastbound/Westbound API exploitation)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
