Smart Fuzzing of 5G Wireless Software Implementation
- URL: http://arxiv.org/abs/2309.12994v1
- Date: Fri, 22 Sep 2023 16:45:42 GMT
- Title: Smart Fuzzing of 5G Wireless Software Implementation
- Authors: Huan Wu, Brian Fang, and Fei Xie
- Abstract summary: We introduce a comprehensive approach to bolstering the security, reliability, and comprehensibility of OpenAirInterface5G (OAI5G)
We employ AFL++, a powerful fuzzing tool, to fuzzy-test OAI5G with respect to its configuration files rigorously.
Secondly, we harness the capabilities of Large Language Models such as Google Bard to automatically decipher and document the meanings of parameters within the OAI5G that are used in fuzzing.
- Score: 4.1439060468480005
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: In this paper, we introduce a comprehensive approach to bolstering the
security, reliability, and comprehensibility of OpenAirInterface5G (OAI5G), an
open-source software framework for the exploration, development, and testing of
5G wireless communication systems. Firstly, we employ AFL++, a powerful fuzzing
tool, to fuzzy-test OAI5G with respect to its configuration files rigorously.
This extensive testing process helps identify errors, defects, and security
vulnerabilities that may evade conventional testing methods. Secondly, we
harness the capabilities of Large Language Models such as Google Bard to
automatically decipher and document the meanings of parameters within the OAI5G
codebase that are used in fuzzing. This automated parameter interpretation
streamlines subsequent analyses and facilitates more informed decision-making.
Together, these two techniques contribute to fortifying the OAI5G system,
making it more robust, secure, and understandable for developers and analysts
alike.
Related papers
- Advanced Penetration Testing for Enhancing 5G Security [0.0]
This paper reviews penetration testing approaches for identifying security vulnerabilities in 5G networks.
It examines ways adversaries exploit vulnerabilities in 5G networks, covering tactics and strategies targeted at 5G features.
Our research indicates that 5G penetration testing should use a multithreaded approach for addressing current security challenges.
arXiv Detail & Related papers (2024-07-24T13:35:35Z) - Masked Thought: Simply Masking Partial Reasoning Steps Can Improve Mathematical Reasoning Learning of Language Models [102.72940700598055]
In reasoning tasks, even a minor error can cascade into inaccurate results.
We develop a method that avoids introducing external resources, relying instead on perturbations to the input.
Our training approach randomly masks certain tokens within the chain of thought, a technique we found to be particularly effective for reasoning tasks.
arXiv Detail & Related papers (2024-03-04T16:21:54Z) - Penetration Testing of 5G Core Network Web Technologies [53.89039878885825]
We present the first security assessment of the 5G core from a web security perspective.
We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks.
Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors.
arXiv Detail & Related papers (2024-03-04T09:27:11Z) - Foundation Model Based Native AI Framework in 6G with Cloud-Edge-End
Collaboration [56.330705072736166]
We propose a 6G native AI framework based on foundation models, provide a customization approach for intent-aware PFM, and outline a novel cloud-edge-end collaboration paradigm.
As a practical use case, we apply this framework for orchestration, achieving the maximum sum rate within a wireless communication system.
arXiv Detail & Related papers (2023-10-26T15:19:40Z) - HuntGPT: Integrating Machine Learning-Based Anomaly Detection and Explainable AI with Large Language Models (LLMs) [0.09208007322096533]
We present HuntGPT, a specialized intrusion detection dashboard applying a Random Forest classifier.
The paper delves into the system's architecture, components, and technical accuracy, assessed through Certified Information Security Manager (CISM) Practice Exams.
The results demonstrate that conversational agents, supported by LLM and integrated with XAI, provide robust, explainable, and actionable AI solutions in intrusion detection.
arXiv Detail & Related papers (2023-09-27T20:58:13Z) - A LLM Assisted Exploitation of AI-Guardian [57.572998144258705]
We evaluate the robustness of AI-Guardian, a recent defense to adversarial examples published at IEEE S&P 2023.
We write none of the code to attack this model, and instead prompt GPT-4 to implement all attack algorithms following our instructions and guidance.
This process was surprisingly effective and efficient, with the language model at times producing code from ambiguous instructions faster than the author of this paper could have done.
arXiv Detail & Related papers (2023-07-20T17:33:25Z) - When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures.
We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN.
Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
arXiv Detail & Related papers (2023-06-09T14:33:26Z) - NLP-based Cross-Layer 5G Vulnerabilities Detection via Fuzzing Generated
Run-Time Profiling [4.893416946078254]
We propose an innovative approach for automatically detecting vulnerabilities, unintended emergent behaviors, and performance degradation in 5G stacks.
Piloting on srsRAN, we map the run-time profiling via Logging Information (LogInfo) generated by fuzzing test to a high dimensional metric space first.
We further leverage machine learning-based classification algorithms, including Logistic Regression, K-Nearest Neighbors, and Random Forest to categorize the impacts on performance and security attributes.
arXiv Detail & Related papers (2023-05-14T19:07:21Z) - A Survey on XAI for Beyond 5G Security: Technical Aspects, Use Cases,
Challenges and Research Directions [5.891706309293248]
The goal of using XAI in the security domain of B5G is to allow the decision-making processes of the security of systems to be transparent and comprehensible to stakeholders.
In every facet of the forthcoming B5G era, including B5G technologies such as RAN, zero-touch network management, E2E slicing, this survey emphasizes the role of XAI in them and the use cases that the general users would ultimately enjoy.
arXiv Detail & Related papers (2022-04-27T10:26:24Z) - WNARS: WFST based Non-autoregressive Streaming End-to-End Speech
Recognition [59.975078145303605]
We propose a novel framework, namely WNARS, using hybrid CTC-attention AED models and weighted finite-state transducers.
On the AISHELL-1 task, our WNARS achieves a character error rate of 5.22% with 640ms latency, to the best of our knowledge, which is the state-of-the-art performance for online ASR.
arXiv Detail & Related papers (2021-04-08T07:56:03Z) - Artificial Intelligence and Machine Learning in 5G Network Security:
Opportunities, advantages, and future research trends [5.431496585727341]
5G networks' primary selling point has been higher data rates and speed.
As 5G networks' primary selling point has been higher data rates and speed, it will be difficult to tackle wide range of threats.
This article presents AI and ML driven applications for 5G network security.
arXiv Detail & Related papers (2020-07-09T01:02:13Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.