Improving 4G/5G air interface security: A survey of existing attacks on different LTE layers

Abstract

The 4G/Long Term Evolution (LTE) has become the dominant mobile access technology worldwide so far, while the development of the 5G/NR (New Radio) cellular network is also accelerating. Like the previous generations of mobile networks, the LTE network has encountered many security problems during its practical implementation and use process, which are exploited by various wild attacks. Given the similarities between 5G and LTE in the protocol stack of air interface, it is an excellent opportunity to secure 5G mobile networks by reviewing existing attacks against LTE from the perspective of protocol layers.Motivated by this, a full view of the security attacks on the LTE protocol stack is organized and presented by layer in this paper. We propose a simple but effective method to investigate the existing attacks on LTE. We classify the attacks and review their impacts, causes, and defenses for each layer. After analyzing the current remediation situations of these attacks, we found that most security issues have been theoretically fixed through the countermeasures proposed in academic literature and 3GPP standards. However, whether the existing mobile networks have implemented these patches in practice remains to be verified. Moreover, we also noticed that there are still some unsolved security problems in the 5G air interface. Based on the survey results, we finally provide future work directions aiming to improve the air interface security of mobile networks by addressing these remaining security issues and practical security testing on deployed cellular networks.