View
3
Download
0
Category
Preview:
Citation preview
A Glimpse of
5G SecurityChallenges and Opportunities
Madhusanka LiyanageMarie Curie Fellow/Ad Astra Fellow @ University College Dublin, Ireland
Adjunct Professor/Docent @ University of Oulu, Finland
5
The Evolution of Mobile Networks
N/A <0.5Mbps1 63+Mbps2 400+Mbps3
AnalogVoice Digital Voice + SimpleData MobileBroadband Faster andBetter
Mobile2GD-AMPS, GSM/GPRS,
cdmaOne
Mobile3GCDMA2000/EV-DO,
WCDMA/HSPA+, TD-SCDMA
Mobile 4GLTELTE, LTE Advanced
Mobile1GAMPS, NMT, TACS
Richer Content
(Video)
More
Connections
1 Peak data rate for GSM/GPRS, latest Evolved EDGE has peak DL data rates capable of up to 1.2 Mbps; 2 Peak data rate for HSPA+ DL 3-carrier CA; HSPA+ specification includes additional potential CA + use of multiple antennas, but no announcements to
date; 3 Peak data rate for LTE Advanced Cat 6 with 20 + 20 MHz DL CA; LTE specification includes additional potential CA + additional use of multiple antennas, but no anno uncements to date
1980s 1990s 2001 2010
5G is a Complex Eco-System
3
4
Autonomous Driving
DronesUAVs
4K/8K VideoHologram TV
AR/MR
Remote Surgery
Industrial Internet
Wearables
Applications
5G Requirements
5
23
Enabling Technologies : Radio
#1 New spectrum #2 Massive MIMO
30 GHz
90 GHz
3 GHz
10 cm
300 MHz
1m
~3 mm
#3 Flexible frame design
User#2
User#2
User #4 User #5
User #3 User #5
User#1
User#1
time
frequency
User#3
One tile corresponds to the smallestuser allocation
t
f
Gateway
#5 Distributed architecture
• Lean carrier
• Flexible size,
control, TDD,
bandwidth etc
#4 Multi-connectivity
5G LTE
Wi-Fi
1 cm
10 GHz
3 cm
Not only radio technologies……..Core network is also needed to be upgraded……
Hardware
resources
Virtualization layer
Virtual
resources
VirtualEPCf3 Network
Functions
EPCf1 EPCf2
UE eNB GW
MME
4G/LTE mobile network (traditional
3GPP model):
•Proprietary HW appliances with SW
•Distributed Hard-wired network
Software Defined Mobile Network:
• Virtual appliances, SW in virtual machines
• Network control with centralized
controllers
Flexibility to scale up & down
On-demand response to dynamic traffic needs
Innovations with SW life cycle
HSS
2
10/21/2019 8
4G5G
5G Security
Evolution of Mobile Network Security Landscape
Source: Madhusanka Liyanage, Ahmed Bux Abro, Mika Ylianttila, Andrei Gurtov, Opportunities and Challenges of Software-Defined Mobile Networks in Network Security Perspective , published in IEEE Security and Privacy, August 2016 (IF: 1.382)
Composition of 5G
Security 5G and Beyond
5G Security
Pre-5G Security Issues
Issues relatedto Network
Softwarization
Issues relatedto new Verticals
Pre-5G Security Issues
• 5G will be vulnerable to pre-5G attacks
• Mobile ware Attacks such as DoS, Botnet, APT attacks
• Physical Layer Attacks such as jamming the signals, interference, eavesdropping, MitM
• Roaming Frauds and IP Hijacking Attacks
• Rogue Base Station Attacks
• IMSI-catcher intercepts mobile phone traffic and tracking location data of mobile phone users.
• Attacks via non-3GPP networks such as Wi-Fi, WiMAX, cdma2000®, WLAN or fixed networks.
Security Impact of Network
Softwarization in 5G
• Network Softwarization in 5G will introduce new security issues than 4G
• Open architecture introduce more attackers
• No implicit security due to the lack of knowhow
• Software based systems are easy to hack than hardware based systems
• No perimeter security or physical security due to virtualization
• Fast deployment of virtualized element with omit proper security testing
Source: I. Ahmad, T. Kumar, M. Liyanage, J. Okwuibe, M. Ylianttila and A. Gurtov, "Overview of 5G Security Challenges and Solutions," in IEEE Communications Standards Magazine, vol. 2, no. 1, pp. 36-43, MARCH 2018.
Security Issues related to new
Verticals
• New security requirements will be arise with new 5G verticals
• Health Care
• Autonomous Driving Cars
• Smart Grids
• Smart Homes / Smart City
• Industry 4.0
• Water Distribution
• Transport
• Postal
• Food and farming
• Weather Monitoring
5G Technologies and Network Softwarization can also help to improve the security
Network Softwarization can help to improve the security
FAST DEPLYMENTS AND UPDATE OF SECURITY
MECHANISMS
CENTRALIZED SECURITYCONTROLS AND GRANULAR
POLICY MANAGEMENT
OPTIMIZE THE SECURITYRESOURCES AND REDUCE THE
COST
OPEN THE NEW WAYS OF DELIVERING SECURITY E.G.
SECURITY-AS- SERVICE (SECAAS) VIA MEC AND
SLICING
INCREASE SCALABILITY AND FLEXIBILITY
Fast deplyments and update of security mechanisms
Possibility to implement Centralized security controls and policy enforcements
OPTIMIZE THE SECURITY RESOURCES AND REDUCE THE COST
Open new ways of delivering security e.g. Security-as- Service (SecAAS) via MEC and Slicing
Increase the Scalability
and Flexibility
Conclusion
• 5G will provide the connectivity for future IoT based services
• 5G will be developed based on the network softwarization concept
• 5G will be vulnerable to
• Pre-5G attacks
• Network Softwarization related attacks
• Attacks related to 5G Verticals
• Network Softwarization will also offer new opportunities to improve the 5G security.
Thank You
Contact me
• Email:• madhusanka@ucd.ie
• madhusanka.liyanage@oulu.fi
• Website:• www.madhusanka.com
• Linkedin:• www.linkedin.com/in/msanka/
New Technologies
Introduce new
Vulnerabilities to 5G
Security Issues Related to SDN• DoS Attacks on Controller• Flow Modification Attacks• Protocol Weaknesses• Information Disclosure through
interception• SDN Switch can be Impersonated
Security Issues Related to NFV• Open & Exposed NFV Infrastructure• Hypervisor Vulnerabilities• Less Secure VM Environments• VM Scape, Migration and
Manipulation Attacks• Software Flows
Security Issues Related to Slicing• Inter-Slice Communication
attacks• Cross-Slice DoS attacks• Variance of Policies and
Protocols for different slices • Side Channel Attacks
Security Issues Related to MEC• MEC Environment User Plane
Attacks• MEC Orchestrator Manipulation• VM Scape, Migration and
Manipulation Attacks• Software Flows
23
Enabling Technologies : Radio
#1 New spectrum #2 Massive MIMO
30 GHz
90 GHz
3 GHz
10 cm
300 MHz
1m
~3 mm
#3 Flexible frame design
User#2
User#2
User #4 User #5
User #3 User #5
User#1
User#1
time
frequency
User#3
One tile corresponds to the smallestuser allocation
t
f
Gateway
#5 Distributed architecture
• Lean carrier
• Flexible size,
control, TDD,
bandwidth etc
#4 Multi-connectivity
5G LTE
Wi-Fi
1 cm
10 GHz
3 cm
© Centre for Wireless Communications (CWC), University of Oulu
Research at University of Oulu
Position of University of Oulu in 5G• Finland has been at the center of mobile
communications technology creation since the appearance of the first mobile networks.
• Research findings at the University of Oulu (UO) have been instrumental for the national ICT ecosystem, for training experts and in the creation of real-world deployable concepts and solutions.
• In 2017, Oulu was listed among the “Top 13 Brain Belts – the Smartest Places on Earth”, by Business Insider.
• Other recent press articles in 2017 highlight Oulu as a 5G forerunner, e.g. PC Magazine “How a Small City in Finland Turned Into a 5G Pioneer”, and Forbes “The Eye of the 5G Innovation Hurricane Is in the Last Place You’d Expect”.
5G Test NetworkInnovation platform for next generation services
www.5gtn.fi
Partners involved
5GTN is part of 5thGear program by Tekes
5G PoC/5GNR
LTE small cell @3.5GHz
IoT sensorsLoRa, NB-IoT, UWB,, ZigBee, BLE
LTE Macros with NB IoT
5G Test Network
‒ Open test network for co-creation (https://services.5gtn.fi/).
‒ Main parts located in Oulu & Helsinki regions.
‒ Was used in EU-Korea demos at 2018 Winter Olympic Games.
‒ Operator grade live network with plugged in 5G prototype radios.
‒ Near future targets: become the first operational local micro-operator at University of
Oulu Digital Campus.
‒ Long Term Target: World’s First 6G Test Network
800 MHz @26/28 GHz 10 Gbps
Hybrid beamformer 5GTN SIM
21/10/2019 33
Other 5G
Test
Networks
VPN
RAN
Services
WiFi/BLE
LoRa
LTE
LTE-NB/M1
MEC
5G PoC
Frequency
700MHz B28
2.6 GHz FDD B7
2.1GHz TDD B1
2.3GHz TDD B40
3.5GHz TDD B42
EPC Core/VTT
SDM /
Nokia Tre
EPC Core/CWC
Alternative EPC ’s
MEC3….5GHz
26…28GHz
Centralized
CloudServices
Architecture
IoT Data
storage &
analytics
Distributed
CloudVTT
UNIV
City Library
VTT
UNIV
UNIV
VTT
UNIV
Related Publications (5G Security)
Edited Books:
• Madhusanka Liyanage, P. Kumar, A. Braeken, M. Ylianttila “IoT Security : Advances in Authentication”, published by Wiley Publishers, December
• Madhusanka Liyanage, Ijaz Ahmed, Ahmed Bux Abro, Andrei Gurtov, Mika Ylianttila, A comprehensive Guide to 5G Security , Wiley, 2018.
• Madhusanka Liyanage, Mika Ylianttila, Andrei Gurtov, Software Defined Mobile Networks (SDMN) : Beyond LTE Network Architecture , Wiley, 2015.
Journals
• An Braeken, Madhusanka Liyanage, Pardeep Kumar, John Murphy, Novel 5G Authentication Protocol to Improve the Resistance against Active Attacks and Malicious Serving Networks, in IEEE Access Journal 2019 (Impact Factor: 3.557)
• Rabia Khan, Madhusanka Liyanage, Pardeep Kumar, Nalin Jayakody, “A Survey on Security and Privacy of 5GTechnologies: Potential Solutions, Recent Advancements and Future Directions”, inIEEE Communications Surveys and Tutorials (Impact Factor: 22.973)
• Pasika Ranaweera, Anca Jurcut, Madhusanka Liyanage, “Survey on Multi-Access Edge Computing Security and Privacy”, Under Revision IEEE Communications Surveys and Tutorials, 2019 (Impact Factor: 22.973)
• Pawani Porambage, Jude Okwuibe, Madhusanka Liyanage, Mika Ylianttila, Tarik Taleb, Survey on Multi-Access Edge Computing for Internet of Things Realization, in IEEE Communications Survey and Tutorials 2018 (Impact Factor: 20.23)
• Ijaz Ahmed, Tanesh Kumar, Madhusanka Liyanage, Jude Okwuibe, Andrei Gurtov, Mika Ylianttila, Overview of 5G Security Challenges and Solutions , in IEEE Communications Standards Magazine, 2018
• Madhusanka Liyanage, Ijaz Ahmed, Jude Okwuibe, Mika Ylianttila, Hammad Kabir, Jesús LlorenteSantos, Raimo Kantola, Oscar López Pérez, Mikel Uriarte Itzazelaia, Edgardo Montes de Oca, Enhancing Security of Future Software Defined Mobile Networks , published in IEEE Access, 2017 (Impact Factor: 3.244)
• Madhusanka Liyanage, An Braeken, Anca Delia Jurcut, Mika Ylianttila, Andrei Gurtov, Secure Communication Channel Architecture for Software Defined Mobile Networks , published in Elsevier Journal on Computer Networks (COMNET), 2017 (Impact Factor: 2.516)
Related Publications (5G Security)
Conference Articles:
• A. Nag, A.Kalla Madhusanka Liyanage , ”Blockchain-over-Optical Networks : A Trusted Virtual Network Function (VNF) Management Proposition for 5G Optical Networks”, to be appeared in Asia Communications and Photonics Conference (ACP 2019), Chengdu, Sichuan, China, N0ovember 2019
• P. Ranaweera, A.D. Jurcut, Madhusanka Liyanage , ”Realizing Multi-Access Edge Computing Feasibility : Security Perspective”, to be appeared in IEEE Conference on Standards for Communications and Networking (CSCN 2019), Granada, Spain, October 2019
• P. Porambage, Y. Miche, A. Kalliola Madhusanka Liyanage , M. Ylianttila ”Secure Keying Scheme for Network Slicing in 5G Architecture”, to be appeared in IEEE Conference on Standards for Communications and Networking (CSCN 2019), Granada, Spain, October 2019
• A. Manzoor, Madhusanka Liyanage , A. Braeken, S. Kanhere, M. Ylianttila, ”Blockchain based Proxy Re-Encryption Scheme for Secure IoT Data Sharing”, to be appeared in 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) , Seoul, South Korea, May 2019
• Yushan Siriwardhana, Pawani Porambage, Madhusanka Liyanage , J. S. Walia, Marja Matinmikko-Blue and Mika Ylianttila, ”Micro-Operator driven Local 5G Network Architecture for Industrial Internet”, to be appeared in Proc. of 2019 IEEE Wireless Communications and Networking Conference (WCNC), Marrakech, Morocco, April 2019.
• Madhusanka Liyanage, Jukka Salo, An Braeken, Tanesh Kumar, Suranga Seneviratne, Mika Ylianttila, 5G Privacy: Scenarios and Solutions, in 2018 IEEE 5G World Forum (5GWF), California, USA, July 2018
• Ijaz Ahmed, Tanesh Kumar, Madhusanka Liyanage, Jude Okwuibe, Mika Ylianttila, Andrei Gurtov, 5G Security: Analysis of Threats and Solutions , the 2017 IEEE Conference on Standards for Communications and Networking (CSCN), Helsinki, Finland, September 2017 – Best Paper Award
• Madhusanka Liyanage, Jude Okwuibe, Ijaz Ahmed, Mika Ylianttila, Oscar López Pérez, Mikel Uriarte Itzazelaia, Edgardo Montes de Oca, Software Defined Monitoring (SDM) for 5G Mobile Backhual Networks , in Proc. of the 23th IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN), Osaka, Japan, June 2017
Related Publications (5G Security)
Conference Articles:
• Ijaz Ahmad, Madhusanka Liyanage, Suneth Namal, Mika Ylianttila, Andrei Gurtov, Marcus Eckert, Thomas Bauschert, Zoltan Faigl, Laszlo Bokor, Ece Saygun, Hasan Anil Akyildiz, Oscar Lopez Perez, Mikel Uriarte Itzazelaia, Berna Ozbek and Aydin Ulas, New Concepts for Traffic, Resource and Mobility Management in Software-Defined Mobile Networks , in Proc. of 12th Wireless On-demand Network systems and Services Conference (WONS), Cortina d'Ampezzo, Italy. January 2016.
• Madhusanka Liyanage, Ijaz Ahmed, Mika Ylianttila, Jesús Llorente Santos, Raimo Kantola, Oscar López Pérez, Mikel Uriarte Itzazelaia, Edgardo Montes de Oca, Asier Valtierra, Carlos Jimenez, Security for Future Software Defined Mobile Networks , in Proc. of 9th International Conference on Next Generation Mobile Applications, Services and Technologies (NGMAST,2015), Cambridge, UK. September 2015. – Best Paper Award
• Jose Costa-Requena, Jesús Llorente Santos, Vicent Ferrer Guasch, Kimmo Ahokas, GopikaPremsankar, Sakari Luukkainen, Ijaz Ahmed, Madhusanka Liyanage, Mika Ylianttila, Oscar López Pérez, Mikel Uriarte Itzazelaia, Edgardo Montes de Oca, SDN and NFV Integration in Generalized Mobile Network Architecture , in Proc. of European Conference on Networks and Communications (EUCNC), Paris, France. June 2015.
• Madhusanka Liyanage, Mika Ylianttila, Andrei Gurtov, Securing the Control Channel of Software-Defined Mobile Networks , in Proc. of IEEE 15th International Symposium on World of Wireless, Mobile and Multimedia Networks (WoWMoM), Sydney, Australia. June 2014.
Recommended