The modern communications landscape requires reliable, high-speed, high- throughput and secure links and sessions between user equipment instances and the data network. The 5G core implements the newly defined 3GPP network ar- chitecture enabling faster connectivity, low latency, higher bit rates and network reliability. The full potential of this set of networks will support a set of critical Internet of Things (IoT) and industrial use cases. Nevertheless, several compo- nents and interfaces of the Next-Generation Radio Access Network (NG-RAN) have proven to be vulnerable to attacks that can potentially obstruct the net- work’s capability to provide reliable end-to-end communication services. Various inherent security flaws and protocol-specific weaknesses have also been identified within the 5G core itself. However, little to no research has gone into testing and exposing said core-related weaknesses, contrary to those concerning the NG-RAN. In this paper, we investigate, describe, develop, implement and finally test a set of attacks on the Packet Forwarding Control Protocol (PFCP) inside the 5G core. We find that, by transmitting unauthorised session control packets, we were able to disrupt established 5G tunnels without disrupting subscribers’ connectivity to the NG-RAN, thus hindering the detection of said attacks. We evaluate the identi- fied PFCP attacks in a drone-based scenario involving 5G tunnelling between two swarms.
scite is a Brooklyn-based startup that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
334 Leonard St
Brooklyn, NY 11211
Copyright © 2023 scite Inc. All rights reserved.
Made with 💙 for researchers