Tesi etd-03292023-001755 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
DOLENTE, FILIPPO
URN
etd-03292023-001755
Titolo
Security Analysis of 5G Core Network
Dipartimento
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
CYBERSECURITY
Relatori
relatore Prof. Garroppo, Rosario Giuseppe
Parole chiave
- 5G
- API injection
- NRF
- SBA
- Vulnerability Assessment
Data inizio appello
28/04/2023
Consultabilità
Completa
Riassunto
The fifth generation of mobile networks defined by 3GPP introduces improvements
in every respect over previous ones: bandwidth, latency, security, new use cases and
more. The new standard introduce a new architecture in the Core Network, the
Service-Based Architecture (SBA), and a new method of intercommunication
between the functions (Network Functions) of the Core Network: the ServiceBased Interface (SBI).
In this new architectural style, each Network Function communicates with the
others through REST API requests (HTTP2/JSON). The mode of communication
that is new to telecom technologies has already been established in the realm of web
services, where there are a wide range of vulnerabilities that can be targeted by
automated tools.
The goal set in this thesis work is to analyze the SBA of the 5G Core and
test the security of the API interfaces of Network Functions (NFs) implemented
in open-source frameworks, with a hands-on approach, performing API Injection
attacks. The security of the Core Network will also be analyzed by evaluating Network Functions that are reachable from the outside, such as the Access and Mobility
Management Function, assessing resistance to replay and DDoS attacks.
Two widely used open-source implementations of the 5G Core will be explored:
Open Air Interface (OAI) and Open5GS
in every respect over previous ones: bandwidth, latency, security, new use cases and
more. The new standard introduce a new architecture in the Core Network, the
Service-Based Architecture (SBA), and a new method of intercommunication
between the functions (Network Functions) of the Core Network: the ServiceBased Interface (SBI).
In this new architectural style, each Network Function communicates with the
others through REST API requests (HTTP2/JSON). The mode of communication
that is new to telecom technologies has already been established in the realm of web
services, where there are a wide range of vulnerabilities that can be targeted by
automated tools.
The goal set in this thesis work is to analyze the SBA of the 5G Core and
test the security of the API interfaces of Network Functions (NFs) implemented
in open-source frameworks, with a hands-on approach, performing API Injection
attacks. The security of the Core Network will also be analyzed by evaluating Network Functions that are reachable from the outside, such as the Access and Mobility
Management Function, assessing resistance to replay and DDoS attacks.
Two widely used open-source implementations of the 5G Core will be explored:
Open Air Interface (OAI) and Open5GS
File
| Nome file | Dimensione |
|---|---|
| TesiMScC...urity.pdf | 10.43 Mb |
Contatta l’autore |
|