TIMESAFE: Timing Interruption Monitoring and Security Assessment for Fronthaul Environments
- URL: http://arxiv.org/abs/2412.13049v1
- Date: Tue, 17 Dec 2024 16:13:37 GMT
- Title: TIMESAFE: Timing Interruption Monitoring and Security Assessment for Fronthaul Environments
- Authors: Joshua Groen, Simone Di Valerio, Imtiaz Karim, Davide Villa, Yiewi Zhang, Leonardo Bonati, Michele Polese, Salvatore D'Oro, Tommaso Melodia, Elisa Bertino, Francesca Cuomo, Kaushik Chowdhury,
- Abstract summary: We show how a spoofing attack is able to cause a production-ready O-RAN and 5G-compliant private cellular base station to catastrophically fail within 2 seconds of the attack.
To counter this, we design a Machine Learning-based monitoring solution capable of detecting various malicious attacks with over 97.5% accuracy.
- Score: 25.43682473591802
- License:
- Abstract: 5G and beyond cellular systems embrace the disaggregation of Radio Access Network (RAN) components, exemplified by the evolution of the fronthual (FH) connection between cellular baseband and radio unit equipment. Crucially, synchronization over the FH is pivotal for reliable 5G services. In recent years, there has been a push to move these links to an Ethernet-based packet network topology, leveraging existing standards and ongoing research for Time-Sensitive Networking (TSN). However, TSN standards, such as Precision Time Protocol (PTP), focus on performance with little to no concern for security. This increases the exposure of the open FH to security risks. Attacks targeting synchronization mechanisms pose significant threats, potentially disrupting 5G networks and impairing connectivity. In this paper, we demonstrate the impact of successful spoofing and replay attacks against PTP synchronization. We show how a spoofing attack is able to cause a production-ready O-RAN and 5G-compliant private cellular base station to catastrophically fail within 2 seconds of the attack, necessitating manual intervention to restore full network operations. To counter this, we design a Machine Learning (ML)-based monitoring solution capable of detecting various malicious attacks with over 97.5% accuracy.
Related papers
- Securing 5G Bootstrapping: A Two-Layer IBS Authentication Protocol [4.087348638056961]
Lack of authentication during the initial bootstrapping phase between cellular devices and base stations allows attackers to send malicious messages to the devices.
We propose E2IBS, a novel and efficient two-layer identity-based signature scheme for seamless integration with existing cellular protocols.
Compared to the state-of-the-art Schnorr-HIBS, E2IBS reduces attack surfaces, enables fine-grained lawful interception, and achieves 2x speed in verification.
arXiv Detail & Related papers (2025-02-07T13:32:48Z) - Bridging the Security Gap: Lessons from 5G and What 6G Should Do Better [1.3505077405741583]
This paper provides a set of security recommendations for 6G networks.
It focuses on access and handover procedures, which often lack encryption and integrity protection.
It concludes with actionable recommendations to enhance the security, resilience, and robustness of 6G access and handover mechanisms.
arXiv Detail & Related papers (2025-01-19T13:44:17Z) - Securing Wi-Fi 6 Connection Establishment Against Relay and Spoofing Threats [8.770626974296949]
Current Wi-Fi security protocols fail to fully mitigate attacks like man-in-the-middle, preamble spoofing, and relaying.
We design a backward-compatible scheme using a digital signature interwoven into the preambles at the physical (PHY) layer with time constraints.
We show that our relay attack detection achieves 96-100% true positive rates.
arXiv Detail & Related papers (2025-01-02T19:49:24Z) - Toward Mixture-of-Experts Enabled Trustworthy Semantic Communication for 6G Networks [82.3753728955968]
We introduce a novel Mixture-of-Experts (MoE)-based SemCom system.
This system comprises a gating network and multiple experts, each specializing in different security challenges.
The gating network adaptively selects suitable experts to counter heterogeneous attacks based on user-defined security requirements.
A case study in vehicular networks demonstrates the efficacy of the MoE-based SemCom system.
arXiv Detail & Related papers (2024-09-24T03:17:51Z) - Securing Distributed Network Digital Twin Systems Against Model Poisoning Attacks [19.697853431302768]
Digital twins (DTs) embody real-time monitoring, predictive, and enhanced decision-making capabilities.
This study investigates the security challenges in distributed network DT systems, which potentially undermine the reliability of subsequent network applications.
arXiv Detail & Related papers (2024-07-02T03:32:09Z) - Penetration Testing of 5G Core Network Web Technologies [53.89039878885825]
We present the first security assessment of the 5G core from a web security perspective.
We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks.
Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors.
arXiv Detail & Related papers (2024-03-04T09:27:11Z) - Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard.
TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent.
This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z) - Artificial Intelligence Empowered Multiple Access for Ultra Reliable and
Low Latency THz Wireless Networks [76.89730672544216]
Terahertz (THz) wireless networks are expected to catalyze the beyond fifth generation (B5G) era.
To satisfy the ultra-reliability and low-latency demands of several B5G applications, novel mobility management approaches are required.
This article presents a holistic MAC layer approach that enables intelligent user association and resource allocation, as well as flexible and adaptive mobility management.
arXiv Detail & Related papers (2022-08-17T03:00:24Z) - Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial
Attacks and Training [62.77129284830945]
This paper considers a regression problem in a wireless setting and shows that adversarial attacks can break the DL-based approach.
We also analyze the effectiveness of adversarial training as a defensive technique in adversarial settings and show that the robustness of DL-based wireless system against attacks improves significantly.
arXiv Detail & Related papers (2022-06-14T04:55:11Z) - Deep Learning-Based Synchronization for Uplink NB-IoT [72.86843435313048]
We propose a neural network (NN)-based algorithm for device detection and time of arrival (ToA) estimation for the narrowband physical random-access channel (NPRACH) of narrowband internet of things (NB-IoT)
The introduced NN architecture leverages residual convolutional networks as well as knowledge of the preamble structure of the 5G New Radio (5G NR) specifications.
arXiv Detail & Related papers (2022-05-22T12:16:43Z) - Adversarial Machine Learning for 5G Communications Security [4.336971448707467]
This paper identifies the emerging attack surface of adversarial machine learning and corresponding attacks launched against wireless communications.
The focus is on attacks against spectrum sharing of 5G communications with incumbent users.
Results indicate major vulnerabilities of 5G systems to adversarial machine learning.
arXiv Detail & Related papers (2021-01-07T17:52:17Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.