전자통신동향분석 (Electronics and Telecommunications Trends)

한국전자통신연구원 (Electronics and Telecommunications Research Institute)
권호 표지
DOI QR코드

DOI QR Code

초연결 지능화 인프라 보안기술 동향 -5G 시대의 이동통신 보안 중심

Mobile Network Issues regarding 5G Security

  • 발행 : 2019.02.01
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Recently, competition among global mobile operators has focused on the commercialization of 5G for the first time. Apart from protecting the privacy of subscribers and the confidentiality and integrity of communication, protecting the network against various cyber attacks is also important to ensure that high-quality mobile services operate safely. In this study, we examine the security vulnerabilities with respect to mobile communication environments using previous and current LTEs. We also investigate whether existing vulnerabilities can be effectively protected and identify security issues that need to be considered in the approaching 5G environment.

키워드

HJTOCM_2019_v34n1_36_f0001.png 이미지

(그림 1) 시그널링 프로토콜 공격 유형

HJTOCM_2019_v34n1_36_f0002.png 이미지

(그림 2) 5G 표준화 기구 및 단체

<표 1> 시그널링 프로토콜을 이용한 공격 사례

HJTOCM_2019_v34n1_36_t0001.png 이미지

<표 2> 모바일 에지 클라우드에 따른 특징과 보안 고려사항

HJTOCM_2019_v34n1_36_t0002.png 이미지

<표 3> 클라우드 무선 액세스 네트워크에 따른 특징과 보안 고려사항

HJTOCM_2019_v34n1_36_t0003.png 이미지

<표 4> 네트워크 슬라이싱에 따른 특징과 보안 고려사항

HJTOCM_2019_v34n1_36_t0004.png 이미지

참고문헌

  1. 최진홍, "한국이동통신 30년, 그 격동의 역사를 넘어-통신3사의 현재와 미래," 이코노믹리뷰, 2018. 7. 2, available from http://www.econovill.com/news/articleView.html?idxno=340742.
  2. ENISA, "Signalling Security in Telecom SS7/Diameter/5G: EU level assessment of the current situation," Mar. 2018, available from https://www.enisa.europa.eu/publications/signalling-security-in-telecom-ss7-diameter-5g.
  3. Positive Technologies, "Primary Security Threats for SS7 Cellular Networks," May 10, 2016 available from https://www.ptsecurity.com/upload/corporate/ww-.en/analytics/SS7-Vulnerabilities-2016-eng.pdf
  4. U. Meyer and S. Wetzel, "A man-in-the-Middle Attack on UMTS," Proc. ACM Workshop Wireless Security(WiSe '04), Philadelphia, PA, USA, Oct. 1, 2004, pp. 90-97.
  5. S.R. Hussain et al., "LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE," Netw. Distrib. Syst. Security(NDSS) Symp., San Diego, CA, USA, Feb. 18-21, 2018, pp. 1-15.
  6. D. Rupprecht, K. Jansen, and C. Popper, "Putting LTE Security Functions to the Test: A Framework to Evaluate Implementation Correctness," USENIX Conf. Offensive Technol. (WOOT '16), Austin, TX, USA, Aug. 8-9, 2016, pp. 40-51.
  7. M. Arapinis et al., "New Privacy Issues in Mobile Telephony: Fix and Verification," ACM Conf. Comput. Commun. Security (CCS '12), Raleigh, NC, USA, Oct. 16-18, 2012, pp. 205-216.
  8. F. van den Broek, R. Verdult, and J. de Ruiter, "Defeating IMSI Catchers," ACM SIGSAC Conf. Comput. Commun. Security (CCS '15), Denver, CO, USA, Oct. 12-16, 2015, pp. 340-351.
  9. M. Arapinis et al., "Privacy through Pseudonymity in Mobile Telephony Systems," Netw. Distrib. Syst. Security (NDSS) Symp., San Diego, CA, USA, Feb. 23-26, 2014, pp. 1-14.
  10. A. Shaik et al., "Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems," Netw. Distrib. Syst. Security (NDSS) Symp., San Diego, CA, USA, Feb. 21-24, 2016, pp. 23:1-15.
  11. R.P. Jover, "Security Attacks Against the Availability of LTE Mobility Networks: Overview and Research Directions," Int. Symp. Wireless Personal Multimedia Commun. (WPMC '13), Atlantic City, NJ, USA, June 24-27, 2013, pp. 1-9.
  12. J. Jermyn, G. Salles-Loustau, and S. Zonouz, "An Analysis of DoS Attack Strategies Against the LTE RAN," J. Cyber Security, vol. 3, no. 2, 2014, pp. 159-180. https://doi.org/10.13052/jcsm2245-1439.323
  13. N. Golde, K. Redon, and J.-P. Seifert, "Let Me Answer that for you: Exploiting Broadcast Information in Cellular Networks," SEC'13 Proc. USENIX Conf. Security, Washington, D.C., USA, Aug. 14-16, 2013, pp. 33-48.
  14. ITU-R, "IMT Vision - Framework and Overall Objectives of the Future Development of IMT for 2020 and Beyond," ITU-R M. 2083-0, 2015.
  15. A. Dutta, "Security Challaenges and Opportunities in SDN/NFV and 5G Network," ETSI Security Day, 2017.
  16. G. Horn and P. Schneider, "Towards 5G Security," IEEE Trustcom/BigDataSE/ISPA, Helsinki, Finland, Aug. 20-22, 2015, pp. 1165-1170.
  17. 5G PPP Security WG, "5G PPP Phase 1 Security Landscape," 5G PPP White Paper, 2017, available from https://5g-ppp.eu/wp-content/uploads/2014/02/5G-PPP_White-Paper_Phase-1-Security-Landscape_June-2017.pdf