SoK: Evaluating 5G Protocols Against Legacy and Emerging Privacy and Security Attacks

arXiv - CS - Networking and Internet Architecture Pub Date : 2024-09-10 DOI:arxiv-2409.06360

Stavros Eleftherakis, Domenico Giustiniano, Nicolas Kourtellis

{"title":"SoK: Evaluating 5G Protocols Against Legacy and Emerging Privacy and Security Attacks","authors":"Stavros Eleftherakis, Domenico Giustiniano, Nicolas Kourtellis","doi":"arxiv-2409.06360","DOIUrl":null,"url":null,"abstract":"Ensuring user privacy remains a critical concern within mobile cellular\nnetworks, particularly given the proliferation of interconnected devices and\nservices. In fact, a lot of user privacy issues have been raised in 2G, 3G,\n4G/LTE networks. Recognizing this general concern, 3GPP has prioritized\naddressing these issues in the development of 5G, implementing numerous\nmodifications to enhance user privacy since 5G Release 15. In this\nsystematization of knowledge paper, we first provide a framework for studying\nprivacy and security related attacks in cellular networks, setting as privacy\nobjective the User Identity Confidentiality defined in 3GPP standards. Using\nthis framework, we discuss existing privacy and security attacks in pre-5G\nnetworks, analyzing the weaknesses that lead to these attacks. Furthermore, we\nthoroughly study the security characteristics of 5G up to the new Release 19,\nand examine mitigation mechanisms of 5G to the identified pre-5G attacks.\nAfterwards, we analyze how recent 5G attacks try to overcome these mitigation\nmechanisms. Finally, we identify current limitations and open problems in\nsecurity of 5G, and propose directions for future work.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Networking and Internet Architecture","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.06360","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Ensuring user privacy remains a critical concern within mobile cellular networks, particularly given the proliferation of interconnected devices and services. In fact, a lot of user privacy issues have been raised in 2G, 3G, 4G/LTE networks. Recognizing this general concern, 3GPP has prioritized addressing these issues in the development of 5G, implementing numerous modifications to enhance user privacy since 5G Release 15. In this systematization of knowledge paper, we first provide a framework for studying privacy and security related attacks in cellular networks, setting as privacy objective the User Identity Confidentiality defined in 3GPP standards. Using this framework, we discuss existing privacy and security attacks in pre-5G networks, analyzing the weaknesses that lead to these attacks. Furthermore, we thoroughly study the security characteristics of 5G up to the new Release 19, and examine mitigation mechanisms of 5G to the identified pre-5G attacks. Afterwards, we analyze how recent 5G attacks try to overcome these mitigation mechanisms. Finally, we identify current limitations and open problems in security of 5G, and propose directions for future work.

查看原文本刊更多论文

SoK：评估 5G 协议应对传统和新兴隐私与安全攻击的能力

确保用户隐私仍然是移动蜂窝网络中的一个关键问题，特别是考虑到互联设备和服务的激增。事实上，在 2G、3G、4G/LTE 网络中已经出现了很多用户隐私问题。认识到这一普遍关切，3GPP 在开发 5G 时优先考虑解决这些问题，自 5G 第 15 版起实施了大量修改以增强用户隐私。在这篇系统化知识论文中，我们首先提供了一个研究蜂窝网络中隐私和安全相关攻击的框架，将 3GPP 标准中定义的用户身份保密性作为隐私目标。利用这一框架，我们讨论了 5G 前网络中现有的隐私和安全攻击，分析了导致这些攻击的弱点。然后，我们分析了最近的 5G 攻击如何试图克服这些缓解机制。最后，我们指出了当前 5G 安全方面的局限性和有待解决的问题，并提出了未来的工作方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Networking and Internet Architecture

自引率

0.00%

发文量