Abstract – The rapid evolution of technology has been astonishing.Initiallywhat started as analogue cellular systems grew to digital wireless communica-tion systems. The first generation of technology 1G was followed by the secondgeneration 2G and so on. 5G aims to achieve the perfect combination of cost,speed and latency. With the evolution of the technology comes new risks andsecurity challenges. The existing methods are not enough to secure this tech-nology. This paper discusses about the 5G architecture and the reasons forsecurity being a major concern.There are various challenges encountered at thephysical layer. 5G implements certain methodologies to deal with the securityrequirements like confidentiality,integrity, availability and authentication. Fur-thermore, the potential threats that would be faced by 5G wireless network andsolutions to overcome them.1 IntroductionThe motive of 5G wireless network is to achieve good coverage with densernetwork, higher capacity, higher data rates by deploying comparatively betterQuality of Service(QoS), lower energy consumption and lower latency for im-plementation of Internet of Things (IoT). The fourth generation (4G) increasedthe multimedia traffic and introduced wide range of services into the network.These services range from personal to militarian services. People trust thesewireless mediums to perform all sort of transactions and transfer confidentialdata. This makes the security of network transactions a vital issue in 5G. Thereare various protocols at each level and cryptographic schemes to ensure secrecybut some of the weaknesses of the standard mechanisms is known making themvulnerable.All security attacks are categorized into two categories: active attacks andpassive attacks. Passive attacks are those where the attacker does not attack theon going communication directly. In this, the attacker quietly listens to the thecommunication between two parties or views the traffic that is passing throughthe channel. Examples of passive attacks are traffic analysis and eavesdropping.The second type are the active attacks where the attacker attack the end systemor the network. The attacker could interrupt an on going communication ormodify the data that is been sent through the network. Examples of active1
attacks are man in the middle (MITM), denial of service (DoS), distributeddenial of service(DDoS) and replay attack.[3]Figure 1: Security Attacks are classified into two types, Passive and Active.Passive attacks are the ones where attacker silently listens to the on goingcommunications such as Eavesdropping and Traffic Analysis. Active attacksare the ones where the attacker intervenes or alters the data such as MITM,DoS, DDos and Replay attack.The techniques to handle these attacks are categorized into two categories:physical layer security (PLS) and cryptographic mechanisms. ImplementingPLS is beneficial for two reasons, it provides high scalability and very less com-putational power [3]. However, it comes with its own problems and makes thenetwork vulnerable.[5] The second approach is by using cryptographic methods.One can use symmetric keys to encrypt data that is the sender and receivershare a secret key which is used to encrypt and decrypt the data. Exchangingthis secret key over an insecure medium is an issue and every user will then haveto store n-1 keys that is one secret key for every user. The other technique isasymmetric key cryptography where each user has a pair of keys, one is privatekey and another is public key which is known to all. Whoever wants to commu-nicate with that user will use the public key to encrypt the message and sendit over the insecure medium. The user then decrypts that message using theirprivate key.[3]Long Term Evolution (LTE) came with an increase in security and fidelity.The traffic flowing from user equipment (UE) to the base stations were en-crypted and two side authentication was also performed. To ensure mobility, itimplements good key management controls. Unlike the previous generations, 5Gnetwork is going to be service-oriented that is security and privacy concerns aregoing to be from service point of view.[3] New techniques are tested to maintainsecurity in these wireless networks without compromising on the prime featuresof 5G.2
Figure 2: Approaches to tackle the security attacks, Physical Layer Security(PLS) and Cryptographic. There are two types of cryptographic methods, Sym-metric key where a secret key is shared between two users or Asymmetric keywhere the each user has a public and a private key.One of the ways to secure transmissions is to implement some techniques atthe physical layer as they do are not related to the computational complexitythat is if attacker with powerful computational resources tries break into thenetwork will still not be able to interpret the message and could also generatecryptographic keys in 5G. Implementing security techniques at this layer wouldact as an additional layer on the top of the existing security methodologies. Toachieve the goal of 5G different technologies such as heterogeneous networks(HetNet),Non orthogonal multiple access(NOMA), massive multiple-input mul-tiple output (MIMO) and millimeter wave(mmWave) are integrated with 5Gnetwork. [6]2 Security Threats in 5G wireless networks5G wireless network will integrate some of the major existing infrastructures.Also the data transmitted through these infrastructures should be sent via se-cure communication channels. Following are some of the challenges that arepresent in these existing infrastructure and possible solutions to tackle thosechallenges.[1].2.1 Mobile CloudsSince resources in cloud computing are shared between the users the chances ofa user injecting malicious code to consume network resources or to gain accessto other user’s data increases. In multi-tenant environment every user mighthave different set of requests and tasks to perform which could lead to conflicts.To avoid this, Virtual Machines (VM) could be used. This would isolate everyconnection from rest of the users.Mobile Cloud Computing (MCC) implementsthis onto 5G eco-systems which could make the network vulnerable. The frontend of MCC is the client side which could be attacked by the physical threatswhere hardware device could be the target or application based threats where3
the attacker injects malicious code into the client platform. The back end ofMCC are the servers. The attacker replicate the data stored on the servers ormodify it or could launch a DoS attack to consume the available resources ofthe server which would restrict the legitimate users to connect to the server.To protect the servers a learning based mechanism could be adapted where thetraffic and the packets are analyzed to detect such attacks and contain them.The network based security threats include DDoS, session hijacking, MITM andWi-Fi sniffing. To prevent this network could be monitored and confidentialityof the messages could be maintained by encrypting the messages.2.2 SDN and NFVSDN consists of controllers that centralizes the network control and managesthe flow control which makes it easy to identify them. The attacker could hijackthe SDN controller and manage the network. For this reason, it is necessaryto maintain a strict control over the access granted to the primary nodes inthe network. Centralizing acts as a bottleneck in the network, it is better todecentralize or install cache with the network. NFV does not provide strongconfidentiality, integrity, non repudiation and authenticity.[4]2.3 Communication ChannelsAttacker could attack the medium through which the message is transmitted.It is necessary to maintain message confidentiality, integrity, authencity andnon repudiation at all times. There are several attacks such as TCP level at-tacks, main in the middle attack, IP spoofing, scanning attacks and securitykey exposure that can take place at this level. To maintain the secrecy of themessage and a secure end to end connection several protocols like TransportLayer Security (TLS), Secure Socket Layer (SSL) and HIP are implemented.2.4 Privacy in 5GThe three main components that give rise to privacy breaches are location, dataand identity.5G environment consists of Virtual MNOs (VMNOs), network in-frastructure providers and Communication Service Providers(CSPs). There is aconflict with security and privacy required by each party. 5G mobile operatorswill hand over the control to CSPs which would mean that they will lose controlover data storage. Cross country data storage would challenge privacy as eachcountry has different set of privacy mechanisms.Privacy would be compromisedif there is user identity theft and man in the middle attack. To ensure privacyit is essential to enforce strong identity verification, location security, a hybridcloud to process sensitive data locally and rest of the public clouds. This wayoperators will have little control. 5G networks will necessitate strong regula-tions at government, industry and consumer level. To preserve location privacymechanisms like obfuscation can be used.4
Table 1: Threats and potential solutions in 5G technologiesThe network is vulnerable to several attacks like these. It is important totake precautionary actions against such attacks. The security of any technologyis dependent on how strong are the security requirements enforced. Some ofthe security requirements are authentication, confidentiality, non repudiation,integrity, availability, access control and authorization.3 Security Services in 5GThe advent of 5G gives rise to new requirements in security services. There areseveral security services that need to be taken into consideration. Below are thefour primary security services that I will be focusing on.3.1 AuthenticationThere are mainly two types of authentication, message authentication and en-tity authentication. Entity authentication is where the user can trust that theother party is who it claims to be. 5G communications require user equipment,mobility management entity and service providers to be authenticated. Thereare three ways to achieve this. One by performing authentication at network,second by performing authentication at service provider and third by perform-ing authentication by network and the service provider. The main concern hereis that one of the primitive goal of 5G is low latency that means this authenti-cation has to be performed very quickly.[2] Message authentication guaranteesthat the message has not been altered. To ensure message authenticity efficientcyclic redundancy check(CRC) has been proposed where error can be detectedwithout using moore bandwidth.5
3.2 ConfidentialityIt has two forms, data confidentiality and privacy. Data confidentiality is secur-ing the data from the passive attacks while privacy fortifies information frombeing manipulated.