Abstract:This paper presents an ontology based on mutation techniques for the modelling of cybersecurity attacks and its application to 5G networks. Main concepts of network protocols, mutation operators, flow of network packets and network traffic are introduced. An ontology is designed based on different mutation operators that allow to design models that can be assimilated with known and unknown attacks. This approach has been implemented in our open source 5G network traffic fuzzer, 5Greplay, and has been applied t… Show more
“…It is an open-source 5G network traffic fuzzer designed to evaluate 5G components by replaying, modifying 5G network traffic, and injecting network scenarios into a target, which can be a 5G service such as Core Network (e.g., AMF, SMF) or a RAN network (e.g., gNodeB). This aligns with study [40] that explores the inherent weaknesses of 5G technology and underscores the pressing need for robust defense mechanisms. Such research is pivotal in developing comprehensive strategies to counteract emerging security threats in 5G networks.…”
Section: Related Worksupporting
confidence: 57%
“…The existing works in 5G cybersecurity training are instrumental but have limitations such as lack of realism [11], limited scope of attack scenarios [10,26,35], absence of comprehensive countermeasures [10,25,40], and the challenge of reproducibility [12,14]. This paper distinguishes itself from the abovementioned studies by presenting a comprehensive approach to training and evaluating cybersecurity defenders in a realistic 5G network envi-ronment.…”
Section: Related Workmentioning
confidence: 99%
“…This paper distinguishes itself from the abovementioned studies by presenting a comprehensive approach to training and evaluating cybersecurity defenders in a realistic 5G network envi-ronment. While previous research [10,12,25,26,35,40] has primarily focused on individual aspects of 5G security, such as network slicing, specific threat vectors, or the development of testing tools, our work integrates these insights to address the unique security challenges and vulnerabilities inherent in 5G networks. We propose an autonomous cybersecurity system, contextualized within the broader narrative of 5G security challenges, that is capable of emulating real-world 5G attack scenarios.…”
The rapid evolution of 5G technology, while offering substantial benefits, concurrently presents complex cybersecurity challenges. Current cybersecurity systems often fall short in addressing challenges such as the lack of realism of the 5G network, the limited scope of attack scenarios, the absence of countermeasures, the lack of reproducible, and open-sourced cybersecurity training environments. Addressing these challenges necessitates innovative cybersecurity training systems, referred to as “cyber ranges”. In response to filling these gaps, we propose the Cyber5Gym, an integrated cyber range that enhances the automation of virtualized cybersecurity training in 5G networks with cloud-based deployment. Our framework leverages open-source tools (i) Open5GS and UERANSIM for realistic emulation of 5G networks, (ii) Docker for efficient virtualization of the training infrastructure, (iii) 5Greply for emulating attack scenarios, and (iv) Shell scripts for automating complex training operations. This integration facilitates a dynamic learning environment where cybersecurity professionals can engage in real-time attack and countermeasure exercises, thus significantly improving their readiness against 5G-specific cyber threats. We evaluated it by deploying our framework on Naver Cloud with 20 trainees, each accessing an emulated 5G network and managing 100 user equipments (UEs), emulating three distinct attack scenarios (SMC-Reply, DoS, and DDoS attacks), and exercising countermeasures, to demonstrate the cybersecurity training. We assessed the effectiveness of our framework through specific metrics such as successfully establishing the 5G network for all trainees, accurate execution of attack scenarios, and their countermeasure implementation via centralized control of the master using automated shell scripts. The open-source foundation of our framework ensures replicability and adaptability, addressing a critical gap in current cybersecurity training methodologies and contributing significantly to the resilience and security of 5G infrastructures.
“…It is an open-source 5G network traffic fuzzer designed to evaluate 5G components by replaying, modifying 5G network traffic, and injecting network scenarios into a target, which can be a 5G service such as Core Network (e.g., AMF, SMF) or a RAN network (e.g., gNodeB). This aligns with study [40] that explores the inherent weaknesses of 5G technology and underscores the pressing need for robust defense mechanisms. Such research is pivotal in developing comprehensive strategies to counteract emerging security threats in 5G networks.…”
Section: Related Worksupporting
confidence: 57%
“…The existing works in 5G cybersecurity training are instrumental but have limitations such as lack of realism [11], limited scope of attack scenarios [10,26,35], absence of comprehensive countermeasures [10,25,40], and the challenge of reproducibility [12,14]. This paper distinguishes itself from the abovementioned studies by presenting a comprehensive approach to training and evaluating cybersecurity defenders in a realistic 5G network envi-ronment.…”
Section: Related Workmentioning
confidence: 99%
“…This paper distinguishes itself from the abovementioned studies by presenting a comprehensive approach to training and evaluating cybersecurity defenders in a realistic 5G network envi-ronment. While previous research [10,12,25,26,35,40] has primarily focused on individual aspects of 5G security, such as network slicing, specific threat vectors, or the development of testing tools, our work integrates these insights to address the unique security challenges and vulnerabilities inherent in 5G networks. We propose an autonomous cybersecurity system, contextualized within the broader narrative of 5G security challenges, that is capable of emulating real-world 5G attack scenarios.…”
The rapid evolution of 5G technology, while offering substantial benefits, concurrently presents complex cybersecurity challenges. Current cybersecurity systems often fall short in addressing challenges such as the lack of realism of the 5G network, the limited scope of attack scenarios, the absence of countermeasures, the lack of reproducible, and open-sourced cybersecurity training environments. Addressing these challenges necessitates innovative cybersecurity training systems, referred to as “cyber ranges”. In response to filling these gaps, we propose the Cyber5Gym, an integrated cyber range that enhances the automation of virtualized cybersecurity training in 5G networks with cloud-based deployment. Our framework leverages open-source tools (i) Open5GS and UERANSIM for realistic emulation of 5G networks, (ii) Docker for efficient virtualization of the training infrastructure, (iii) 5Greply for emulating attack scenarios, and (iv) Shell scripts for automating complex training operations. This integration facilitates a dynamic learning environment where cybersecurity professionals can engage in real-time attack and countermeasure exercises, thus significantly improving their readiness against 5G-specific cyber threats. We evaluated it by deploying our framework on Naver Cloud with 20 trainees, each accessing an emulated 5G network and managing 100 user equipments (UEs), emulating three distinct attack scenarios (SMC-Reply, DoS, and DDoS attacks), and exercising countermeasures, to demonstrate the cybersecurity training. We assessed the effectiveness of our framework through specific metrics such as successfully establishing the 5G network for all trainees, accurate execution of attack scenarios, and their countermeasure implementation via centralized control of the master using automated shell scripts. The open-source foundation of our framework ensures replicability and adaptability, addressing a critical gap in current cybersecurity training methodologies and contributing significantly to the resilience and security of 5G infrastructures.
“…This is important in understanding the evolving nature of security threats in 5G networks. Additionally, Salazar et al [9] discuss the new cybersecurity threats introduced by 5G SBA, emphasizing the ineffectiveness of previously adopted security and privacy mechanisms in the context of 5G. Mahyoub et al [10] present a detailed 5G security analysis from the perspective of network architecture.…”
The paper presents an experimental security assessment within two widely used open-source 5G projects, namely Open5GS and OAI (Open-Air Interface). The examination concentrates on two network functions (NFs) that are externally exposed within the core network architecture, i.e., the Access and Mobility Management Function (AMF) and the Network Repository Function/Network Exposure Function (NRF/NEF) of the Service-Based Architecture (SBA). Focusing on the Service-Based Interface (SBI) of these exposed NFs, the analysis not only identifies potential security gaps but also underscores the crucial role of Mobile Network Operators (MNOs) in implementing robust security measures. Furthermore, given the shift towards Network Function Virtualization (NFV), this paper emphasizes the importance of secure development practices to enhance the integrity of 5G network functions. In essence, this paper underscores the significance of scrutinizing security vulnerabilities in open-source 5G projects, particularly within the core network’s SBI and externally exposed NFs. The research outcomes provide valuable insights for MNOs, enabling them to establish effective security measures and promote secure development practices to safeguard the integrity of 5G network functions. Additionally, the empirical investigation aids in identifying potential vulnerabilities in open-source 5G projects, paving the way for future enhancements and standard releases.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.