Analysis of hazardous events and vulnerabilities of 5G transport communication networks
DOI: 10.34759/trd-2022-123-14
Аuthors
*, **, ***, ****Moscow Technical University of Communications And Informatics, 8a, Aviamotornaya Str., Moscow, 111024, Russia
*e-mail: i.g.buzhin@mtuci.ru
**e-mail: xarti@mail.ru
***e-mail: i.b.mironov@mtuci.ru
****e-mail: varvara_zi@mail.ru
Abstract
Being compared to the 3G and 4G, the 5G network offers significant increase in data-transmission rate, delay reduction and high-reliability connection. These advantages will allow organizations to operate more effectively, as well as render services quicker, enhancing their quality. Data throughput of the fifth-generation networks is higher, thus, connection of comparatively greater number of users and devices is possible.
The most serious safety hazards facing consumers and enterprises in the 5G networks are as follows:
1. Significantly larger surface of attack.
2. Severe aftermath caused by cyber-attacks.
3. A potential for more aggressive spying.
4. Subscribers' activity monitoring attacks.
5. Dangerous DDoS attacks.
Let us consider the 5G/SDN/NFV possible vulnerabilities classification. Vulnerabilities occurring due to the insufficient organization of information technical protecting from the unauthorized access and technical channels of information leakage are beyond the scope of the system under consideration. In general, the SDN/NFV security ensuring issues are considered in [1, 2, 3, 4, 5, 6]. They are:
• Software vulnerabilities.
• Vulnerabilities caused by the presence of a software-hardware bug in the 5G/SDN/NFV equipment [7].
• Vulnerabilities of network interaction protocols implementation and data transfer channels (IP, OpenFlow, etc.) [7].
• Vulnerabilities of the information security tools (the ones in the form of PNF, VNF), software and hardware.
Let us adduce a possible information security threats (IST) classification [7]:
• The IST by the information type being processed in the system:
– voice information;
– information processed by technical means of information processing;
• The IST by type of possible sources:
– an external intruder;
– an internal intruder;
– malware;
– a hardware bug (embedded or stand-alone) (not considered in this model).
• The IST by type of the information security property that is violated:
– information confidentiality (leakage, interception, capture, copying, theft, provisioning, distribution);
– information integrity (loss, theft, destruction, unauthorized changes);
– information availability (blocking);
– accountability of processes;
– repudiation of information or actions.
• The IST by the system type: since the 5G/SDN/NFV refers to the class of distributed 5G/ SDN/ NFV connected to the international information exchange network, threats specific to this type of system are considered.
• The IST by type of implementation:
– implemented through special impacts (of mechanical, chemical, acoustic, biological, radiation, thermal, electromagnetic nature) (not considered in this model);
– implemented through leakages from technical channels (not covered in this model);
– implemented through unauthorized access to the 5G/SDN/NFV;
• IST by type of the vulnerability utilized:
– related to the use of software vulnerabilities (hypervisors, virtual features);
– associated with application vulnerabilities;
– implemented through hardware bugs (not covered in this model);
– related to vulnerabilities in network protocols and communication channels (IP, Openflow);
– the ones the implementation of which is possible due to the vulnerabilities related to the gaps in the technical protection of information from unauthorized access (not covered in this model);
– implemented through vulnerabilities associated with the technical channels of information leakage (not considered in this model) [10];
– related to the vulnerabilities of information security tools;
– man-made threats.
• IST by type of the object being affected:
– information processed at the automated workstations of the system administrator and user;
– information processed in peripheral processing equipment (printers, plotters, remote monitors, video projectors, sound reproduction equipment, etc.) (not covered in this model);
– information transmitted through communications channels (while transmitted, while processed);
– information processed within the 5G/SDN/NFV virtual infrastructure and that includes storage;
– applications;
– software providing the 5G/SDN/NFV operation (SDN/NFV units, virtualization tools).
Considering the possible consequences of the IST implementation, we should focus on violating the key properties of information to ensure its security: confidentiality, integrity, availability, accountability, nonrepudiation.
Keywords:
5G, threats, vulnerabilities, threat model, data networksReferences
-
Shang Gao, Zecheng Li, Bin Xiao, Guiyi Wei. Security Threats in the Data Plane of Software-Defined Networks, IEEE Network, 2018, pp. 1-6. DOI: 10.1109/MNET.2018.1700283
-
Casado M., Garfinkel T., Akella A., Freedman M.J., Boneh D., McKeown N., Shenker S. SANE: A protection architecture for enterprise networks, USENIX Security Symposium, 2006.
-
Scott-Hayward S., Natarajan S., Sezer S. A Survey of Security in Software Defined Networks, IEEE Communications Surveys and Tutorials, 2016, vol. 18 (1), pp. 623-654. DOI: 10.1109/COMST.2015.2453114
-
Zakharov A.A., Popov E.F., Fuchko M.M. Vestnik SibGUTI, 2016, no. 1 (33), pp. 83-92.
-
Efimushkin V.A., Ledovskikh T.V., Korabel'nikov D.M., Yazykov D.N. T-Comm: Telekommunikatsii i transport, 2015, vol. 9, no. 8, pp. 5-13.
-
Volkov S.S., Kurochkin I.I. International Journal of Open Information Technologies, 2019, vol. 7, no. 11, pp. 49-58.
-
Ageev S.A. et al. Avtomatizatsiya protsessov upravleniya, 2011, no 1, pp. 50-57.
-
Yakupov R.R. et al. Svidetel'stvo o gosudarstvennoi registratsii programmy dlya EVM. RU 2017612328, 20.02.2017.
-
Bezrodnykh O.A. StudNet, 2021, vol. 4, no. 4. URL: https://cyberleninka.ru/article/n/sistematizatsiya-ugroz-bezopasnosti-informatsii-dlya-uproscheniya-postroeniya-modeli-ugroz?
-
Mukhanova A.A., Revnivykh A.V., Fedotov A.M. Vestnik Novosibirskogo gosudarstvennogo universiteta. Seriya: Informatsionnye tekhnologii, 2013, vol. 11, no. 2, pp. 55-72.
-
Bakhtin A.A., Volkov A.S., Solodkov A.V., Baskakov A.E. Trudy MAI, 2021, no. 117. URL: https://trudymai.ru/eng/published.php?ID=122307. DOI: 10.34759/trd-2021-117-07
-
Volkov A.S., Baskakov A.E. Trudy MAI, 2021, no. 118. URL: https://trudymai.ru/eng/published.php?ID=158240. DOI: 10.34759/trd-2021-118-07
-
Kurochkin I.I., Gumennyi D.G. Sovremennye informatsionnye tekhnologii i IT-obrazovanie, 2015, vol. 11, no. 2, pp. 381-383.
-
Principles and Practices for Securing Software-Defined Networks. ONF TR-511 Open Networking Foundation, 2015. URL: https://pdfslide.net/documents/principles-and-practices-for-securing-software-defined-networks.html
-
Antonov A.I., Kireeva N.V. III Nauchnyi forum telekommunikatsii: teoriya i tekhnologii TTT-2019, sbornik trudov. Kazan', Kazanskii gosudarstvennyi tekhnicheskii universitet im. A.N. Tupoleva, 2019, pp. 567-568.
-
Ji X. et al. Overview of 5G security technology, Science China Information Sciences, 2018, vol. 61, no. 8, pp. 1-25. DOI:10.1007/s11432-017-9426-4
-
Chamola V. et al. Information security in the post quantum era for 5G and beyond networks: Threats to existing cryptography, and post-quantum cryptography, Computer Communications, 2021, vol. 176, pp. 99-118. DOI:10.1016/j.comcom.2021.05.019
-
Khan J.A., Chowdhury M.M. Security Analysis of 5G Network, 2021 IEEE International Conference on Electro Information Technology (EIT), 2021, pp. 001-006.
-
Soldani D. 5G and the Future of Security in ICT, 2019 29th International Telecommunication Networks and Applications Conference (ITNAC), IEEE, 2019, pp. 1-8. DOI:10.1109/ITNAC46935.2019.9078011
-
Prasad A.R. et al. 3GPP 5G security, Journal of ICT Standardization, 2018, vol. 6, no. 1, pp. 137-158. DOI:10.13052/jicts2245-800X.619
-
Salman O. et al. Multi-level security for the 5G/IoT ubiquitous network, 2017 Second International Conference on Fog and Mobile Edge Computing (FMEC), IEEE, 2017, pp. 188-193. DOI:10.1109/FMEC.2017.7946429
Download