scasdk - 5G核心网安全保障一体化测试平台

IF 4.4 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2025-04-18 DOI:10.1016/j.comnet.2025.111296

Francesco Mancini, Riccardo Marzilli, Sara Da Canal, Giuseppe Bianchi

{"title":"scasdk - 5G核心网安全保障一体化测试平台","authors":"Francesco Mancini, Riccardo Marzilli, Sara Da Canal, Giuseppe Bianchi","doi":"10.1016/j.comnet.2025.111296","DOIUrl":null,"url":null,"abstract":"<div><div>This paper introduces ScasDK, an innovative proxy-based framework designed to enable advanced security assurance testing within virtualized 5G Core Networks. Unlike conventional 5G-specific security assurance approaches meant to be employed in offline, certification-oriented testing, ScasDK utilizes programmable proxies between network functions, enabling testing directly within online environments—in principle even in production scenarios. Additionally, ScasDK allows third-party test labs and infrastructure providers to efficiently define, deploy, and manage not only the standardized Security Assurance Specifications (SCAS) tests established by 3GPP but also custom, scenario-specific testing methodologies. Seamlessly integrated into a DevSecOps pipeline, ScasDK was validated through comprehensive security assessments on three open-source 5G Core Networks, uncovering several vulnerabilities and identifying areas for improvement. The performance evaluation further demonstrates the feasibility of online testing, setting the stage for future security testing practices in 5G core networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"265 ","pages":"Article 111296"},"PeriodicalIF":4.4000,"publicationDate":"2025-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"ScasDK—An all-in-one test platform for security assurance in 5G core networks\",\"authors\":\"Francesco Mancini, Riccardo Marzilli, Sara Da Canal, Giuseppe Bianchi\",\"doi\":\"10.1016/j.comnet.2025.111296\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>This paper introduces ScasDK, an innovative proxy-based framework designed to enable advanced security assurance testing within virtualized 5G Core Networks. Unlike conventional 5G-specific security assurance approaches meant to be employed in offline, certification-oriented testing, ScasDK utilizes programmable proxies between network functions, enabling testing directly within online environments—in principle even in production scenarios. Additionally, ScasDK allows third-party test labs and infrastructure providers to efficiently define, deploy, and manage not only the standardized Security Assurance Specifications (SCAS) tests established by 3GPP but also custom, scenario-specific testing methodologies. Seamlessly integrated into a DevSecOps pipeline, ScasDK was validated through comprehensive security assessments on three open-source 5G Core Networks, uncovering several vulnerabilities and identifying areas for improvement. The performance evaluation further demonstrates the feasibility of online testing, setting the stage for future security testing practices in 5G core networks.</div></div>\",\"PeriodicalId\":50637,\"journal\":{\"name\":\"Computer Networks\",\"volume\":\"265 \",\"pages\":\"Article 111296\"},\"PeriodicalIF\":4.4000,\"publicationDate\":\"2025-04-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Networks\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1389128625002646\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625002646","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

本文介绍了ScasDK，这是一个创新的基于代理的框架，旨在实现虚拟化5G核心网络中的高级安全保证测试。与传统的5g特定安全保证方法不同，ScasDK在网络功能之间使用可编程代理，可以直接在在线环境中进行测试，原则上甚至可以在生产场景中进行测试。此外，ScasDK不仅允许第三方测试实验室和基础设施提供商有效地定义、部署和管理3GPP建立的标准化安全保证规范（SCAS）测试，还允许定制的、特定场景的测试方法。ScasDK无缝集成到DevSecOps管道中，通过对三个开源5G核心网络的全面安全评估进行了验证，发现了几个漏洞并确定了需要改进的领域。性能评估进一步证明了在线测试的可行性，为未来5G核心网的安全测试实践奠定了基础。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

ScasDK—An all-in-one test platform for security assurance in 5G core networks

This paper introduces ScasDK, an innovative proxy-based framework designed to enable advanced security assurance testing within virtualized 5G Core Networks. Unlike conventional 5G-specific security assurance approaches meant to be employed in offline, certification-oriented testing, ScasDK utilizes programmable proxies between network functions, enabling testing directly within online environments—in principle even in production scenarios. Additionally, ScasDK allows third-party test labs and infrastructure providers to efficiently define, deploy, and manage not only the standardized Security Assurance Specifications (SCAS) tests established by 3GPP but also custom, scenario-specific testing methodologies. Seamlessly integrated into a DevSecOps pipeline, ScasDK was validated through comprehensive security assessments on three open-source 5G Core Networks, uncovering several vulnerabilities and identifying areas for improvement. The performance evaluation further demonstrates the feasibility of online testing, setting the stage for future security testing practices in 5G core networks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.