A Vulnerability Assessment of Open-Source Implementations of Fifth-Generation Core Network Functions-Reference-Cited by-同舟云学术

A Vulnerability Assessment of Open-Source Implementations of Fifth-Generation Core Network Functions

Published:2023-12-19 Issue:1 Volume:16 Page:1
ISSN:1999-5903
Container-title:Future Internet
language:en
Short-container-title:Future Internet

Author:

Dolente Filippo¹,Garroppo Rosario Giuseppe¹^ORCID,Pagano Michele¹^ORCID

Affiliation:

1. Department of Information Engineering, University of Pisa, Via Girolamo Caruso, 16, 56122 Pisa, Italy

Abstract

The paper presents an experimental security assessment within two widely used open-source 5G projects, namely Open5GS and OAI (Open-Air Interface). The examination concentrates on two network functions (NFs) that are externally exposed within the core network architecture, i.e., the Access and Mobility Management Function (AMF) and the Network Repository Function/Network Exposure Function (NRF/NEF) of the Service-Based Architecture (SBA). Focusing on the Service-Based Interface (SBI) of these exposed NFs, the analysis not only identifies potential security gaps but also underscores the crucial role of Mobile Network Operators (MNOs) in implementing robust security measures. Furthermore, given the shift towards Network Function Virtualization (NFV), this paper emphasizes the importance of secure development practices to enhance the integrity of 5G network functions. In essence, this paper underscores the significance of scrutinizing security vulnerabilities in open-source 5G projects, particularly within the core network’s SBI and externally exposed NFs. The research outcomes provide valuable insights for MNOs, enabling them to establish effective security measures and promote secure development practices to safeguard the integrity of 5G network functions. Additionally, the empirical investigation aids in identifying potential vulnerabilities in open-source 5G projects, paving the way for future enhancements and standard releases.

Publisher

MDPI AG

Subject

Computer Networks and Communications

Link

https://www.mdpi.com/1999-5903/16/1/1/pdf

Reference49 articles.

1. Witkowski, D. (2019). Bridging the Gap: 21st Century Wireless Telecommunications Handbook, Independent Publishing Platform. [2nd ed.].

2. CISCO (2023, April 16). CISCO Annual Internet Report. Available online: https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html.

3. (2023, September 30). Open5GS. Available online: https://open5gs.org/.

4. (2023, September 30). Openairinterface: The Fastest Growing Community and Software Assets in 5g Wireless. Available online: https://openairinterface.org/.

5. Wadatkar, P.V., Garroppo, R.G., and Nencioni, G. (2023). 5G-MEC Testbeds for V2X Applications. Future Internet, 15.

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Novel Framework for Cross-Cluster Scaling in Cloud-Native 5G NextGen Core;Future Internet;2024-09-06

2. “Work-in-Progress” Structuring the Complexity: An Ontological Approach to Analyze the Cybersecurity of a 5G Service;2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW);2024-07-08

3. Examining Cryptography and Randomness Failures in Open-Source Cellular Cores;Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy;2024-06-19