Journal of Information Processing Systems

  • 제20권1호
  • /
  • Pages.38-52
  • /
  • 2024
  • /
  • 1976-913X(pISSN)
  • /
  • 2092-805X(eISSN)
한국정보처리학회 (Korea Information Processing Society)
권호 표지
DOI QR코드

DOI QR Code

A Study on the Analysis of Security Requirements through Literature Review of Threat Factors of 5G Mobile Communication

  • DongGyun Chu (Division of Business Administration, The Graduate School, Sangmyung University) ;
  • Jinho Yoo (Information Systems & Security, Division of Business Administration, Sangmyung University)
  • 투고 : 2023.04.27
  • 심사 : 2023.10.12
  • 발행 : 2024.02.29
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

The 5G is the 5th generation mobile network that provides enhanced mobile broadband, ultra-reliable & low latency communications, and massive machine-type communications. New services can be provided through multi-access edge computing, network function virtualization, and network slicing, which are key technologies in 5G mobile communication. However, these new technologies provide new attack paths and threats. In this paper, we analyzed the overall threats of 5G mobile communication through a literature review. First, defines 5G mobile communication, analyzes its features and technology architecture, and summarizes possible security issues. Addition, it presents security threats from the perspective of user devices, radio access network, multi-access edge computing, and core networks that constitute 5G mobile communication. After that, security requirements for threat factors were derived through literature analysis. The purpose of this study is to conduct a fundamental analysis to examine and assess the overall threat factors associated with 5G mobile communication. Through this, it will be possible to protect the information and assets of individuals and organizations that use 5G mobile communication technology, respond to various threat situations, and increase the overall level of 5G security.

키워드

과제정보

This research was funded by a 2021 research grant from Sangmyung University.

참고문헌

  1. International Telecommunication Union, "IMT Vision - Framework and overall objectives of the future development of IMT for 2020 and beyond (ITU-R M.2083-0)," 2015 [Online]. Available: https://www.itu.int/rec/R-REC-M.2083-0-201509-I/en. 
  2. 5G Americas, "5G Services & Use Cases," 2017 [Online]. Available: https://www.5gamericas.org/5gservices-use-cases/. 
  3. M. Geller and P Nair, "5G security innovation with Cisco," 2018 [Online]. Available: https://www.cisco.com/ c/dam/en/us/solutions/collateral/service-provider/service-provider-security-solutions/5g-security-innovationwith-cisco-wp.pdf. 
  4. 5G Americas, "The evolution of security in 5G," 2019 [Online]. Available: https://www.5gamericas.org/theevolution-of-security-in-5g-2/. 
  5. Q. V. Pham, F. Fang, V. N. Ha, M. J. Piran, M. Le, L. B. Le, W. J. Hwang, and Z. Dong, "A survey of multiaccess edge computing in 5G and beyond: Fundamentals, technology integration, and state-of-the-art," IEEE Access, vol. 8, pp. 116974-117017, 2020. https://doi.org/10.1109/ACCESS.2020.3001277 
  6. J. Hodges, "5G security strategy considerations," 2019 [Online]. Available: https://www.juniper.net/content/dam/www/assets/white-papers/kr/ko/5g-security-strategy-considerations.pdf. 
  7. A. Nieto, A. Acien, and G. Fernandez, "Crowdsourcing analysis in 5G IoT: cybersecurity threats and mitigation," Mobile Networks and Applications, vol. 24, pp. 881-889, 2019. https://doi.org/10.1007/s11036- 018-1146-4 
  8. 5GPPP, "View on 5G architecture," 2016 [Online]. Available: https://5g-ppp.eu/wp-content/uploads/2014/02/5G-PPP-5G-Architecture-WP-July-2016.pdf. 
  9. D. Park and H. Lee, "Standards/test certification technology trend - 5G technology development trend for vertical integration," TTA Journal, vol. 168, pp. 61-69, 2016. 
  10. P. Song and S. Song, "Trends of standardization activity for 5G RAN architecture," Electronics and Telecommunications Trends, vol. 31, no. 6, pp. 88-96, 2016. https://doi.org/10.22648/ETRI.2016.J.310610 
  11. 3GPP, "Security architecture and procedures for 5G system (TS 33.501 version 16.3.0 Release 16)," 2020 [Online]. Available: https://www.etsi.org/deliver/etsi_ts/133500_133599/133501/16.03.00_60/ts_133501v1 60300p.pdf. 
  12. I. Ahmad, T. Kumar, M. Liyanage, J. Okwuibe, M. Ylianttila, and A. Gurtov, "Overview of 5G security challenges and solutions," IEEE Communications Standards Magazine, vol. 2, no. 1, pp. 36-43, 2018. https://doi.org/10.1109/MCOMSTD.2018.1700063 
  13. European Union Agency for Cybersecurity, "ENISA threat landscape for 5G networks," 2019 [Online]. Available: https://doi.org/10.2824/49299. 
  14. Next Generation Mobile Networks, "The NGMN 5G white paper," 2015 [Online]. Available: https://www.ngmn.org/work-programme/5g-white-paper.html. 
  15. Anritsu, "A bottom-up approach to 5G network slicing security in user equipment," 2021 [Online]. Available: https://resources.goanritsu.com/white-papers/a-bottom-up-approach-to-5g-network-slicing-security-in-userequipment. 
  16. 5G Americas, "Security Considerations for the 5G era," 2020 [Online]. Available: https://www.5gamericas.org/download/security-considerations-for-the-5g-era-2020-white-paper/. 
  17. E. Bertino, S. R. Hussain, and O. Chowdhury, "5G security and privacy: a research roadmap," 2020 [Online]. Available: https://arxiv.org/abs/2003.13604. 
  18. S. Fonyi, "Overview of 5G security and vulnerabilities," The Cyber Defense Review, vol. 5, no. 1, pp. 117- 134, 2020. 
  19. S. Sullivan, A. Brighente,S. A. Kumar, and M. Conti, "5G security challenges and solutions: a review by OSI layers," IEEE Access, vol. 9, pp. 116294-116314, 2021. https://doi.org/10.1109/ACCESS.2021.3105396 
  20. 5GPPP, "5G and the Factories of the future," 2015 [Online]. Available: https://5g-ppp.eu/wp-content/uploads/ 2014/02/5G-PPP-White-Paper-on-Factories-of-the-Future-Vertical-Sector.pdf. 
  21. 5GPPP, "5G Automotive vision," 2015 [Online]. Available: https://5g-ppp.eu/wp-content/uploads/2014/02/ 5G-PPP-White-Paper-on-Automotive-Vertical-Sectors.pdf. 
  22. 5GPPP, "5G and energy," 2015 [Online]. Available: https://5g-ppp.eu/wp-content/uploads/2014/02/5G-PPPWhite_Paper-on-Energy-Vertical-Sector.pdf. 
  23. Cisco, "5G cybersecurity guidance," 2020 [Online]. Available: https://www.cisco.com/c/dam/en_us/about/ doing_business/trust-center/docs/cisco-5g-cybersecurity-guidance.pdf. 
  24. O. Park, H. Hwang, C. Lee, and J. Shin, "Trends of 5G Massive IoT," Electronics and Telecommunications Trends, vol. 31, no. 1, pp. 68-77, 2016. https://doi.org/10.22648/ETRI.2016.J.310107 
  25. Financial Security Institute, "Security requirements for 5G-based financial services," e-Finance and Financial Security, vol. 2019, no. 17, pp. 33-52, 2019. 
  26. Korea Internet & Security Agency, "Home/home appliances IoT security guide," 2017 [Online]. Available: https://www.kisa.or.kr/2060205/form?postSeq=3&page=2. 
  27. T. Wan, "False base station or IMSI Catcher: what you need to know," 2019 [Online]. Available: https://www.cablelabs.com/blog/false-base-station-or-imsi-catcher-what-you-need-to-know. 
  28. 3GPP, "NR; Radio Resource Control (RRC); Protocol specification (TS 38.331)," 2020 [Online]. Available: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3197. 
  29. 3GPP, "Study on 5G security enhancement against false base stations (TR 33.809 Release 11)," 2020 [Online]. Available: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3539. 
  30. R. Chirgwin, "Fake mobile base stations spreading malware in China," 2017 [Online]. Available: https://www.theregister.com/2017/03/23/fake_base_stations_spreading_malware_in_china/. 
  31. Y. Kim, J. Park, J. Lee, J. Jang, D. Moon, and I. Kim, "Security threat and response technology for multiaccess edge computing in 5G environments," Communications of the Korean Institute of Information Scientists and Engineers, vol. 38, no. 9, pp. 16-24, 2020. 
  32. X. Lu, D. Niyato, N. Privault, H. Jiang, and P. Wang, "Managing physical layer security in wireless cellular networks: a cyber insurance approach," IEEE Journal on Selected Areas in Communications, vol. 36, no. 7, pp. 1648-1661, 2018. https://doi.org/10.1109/JSAC.2018.2825518 
  33. S. Vural, S. Revell, M. Shepherd, G. Foster, M, Hawkins, G. Lupton, et al., "5G Network Architecture and Security," 2018 [Online]. Available: https://www.wlep.co.uk/wp-content/uploads/5G_Architecture_and_ Security_technical_report_-_04Dec18.pd_.pdf. 
  34. 5G PPP Security WG, "5G PPP Phase 1 Security Landscape," 2017 [Online]. Available: https://5gppp.eu/wp-content/uploads/2014/02/5G-PPP_White-Paper_Phase-1-Security-Landscape_June-2017.pdf. 
  35. R. Khan, P. Kumar, D. N. K. Jayakody, and M. Liyanage, "survey on security and privacy of 5G technologies: potential solutions, recent advancements, and future directions," IEEE Communications Surveys & Tutorials, vol. 22, no. 1, pp. 196-248, 2020. https://doi.org/10.1109/COMST.2019.2933899 
  36. B. Curtis, "5G innovations and cybersecurity risk," ISACA Journal, vol. 5, pp. 1-6, 2022. https://www.isaca.org/resources/isaca-journal/issues/2022/volume-5/5g-innovations-and-cybersecurity-risk
  37. US Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, "Potential threat vectors to 5G infrastructure," 2021 [Online]. Available: https://www.cisa.gov/resources-tools/resources/5gpotential-threat-vectors. 
  38. US Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, "Ensuring the security and resilience of 5G infrastructure in our nation," 2020 [Online]. Available: https://www.cisa.gov/sites/default/files/publications/cisa_5g_strategy_508.pdf. 
  39. H. Park, J. Park, B. Kim, and I. Yu, "Analysis of major issues in response to false base stations in 5G security," Review of KIISC, vol. 30, no. 6, pp. 23-30, 2020. 
  40. F. Salahdine, T. Han, and N. Zhang, "Security in 5G and beyond recent advances and future challenges," Security and Privacy, vol. 6, no. 1, article no. e27, 2023. https://doi.org/10.1002/spy2.271 
  41. C. Mangla, S. Rani, N. M. F. Qureshi, and A. Singh, "Mitigating 5G security challenges for next-gen industry using quantum computing," Journal of King Saud University-Computer and Information Sciences, vol. 35, no. 6, article no. 101334, 2023. https://doi.org/10.1016/j.jksuci.2022.07.009