The emergence of upcoming 5G networks is based on the vision of providing very high data rates, wider coverage area, enhanced throughput, delay-less services, and significantly better Quality-of-Services (QoS), however as a new technology it can also bring to 5G security risk.
5G wireless networks is expected to accommodate several times larger customers and their increasing data traffic efficiently. It is not just an upper version of the 4G network but is much more beyond that in terms of technological capabilities and service provision.
Current wireless network systems have become insufficient to manage user requirements, which are tremendously increasing on daily basis, due to their limited resources. So, the deployment of 5G networks is the need of the hour as it aims to achieve 1-10Gbps connection, 10-100x devices, 100% availability, 90% reduced power consumption of network, and 10 years long battery life for low power consumption devices. To achieve all these goals, 5G will integrate and utilize the capabilities of other technologies such as Heterogeneous networks (HetNets), Internet-of-Things (IoT), Device-to-device (D2D) communication, massive multiple-input-multiple-output (mMIMO), millimeter wave (mmWave) communication, cognitive radio networks (CRN), cooperative radio access network (CRAN), unmanned aerial vehicle (UAV) network, and machine-to-machine (M2M) communication.
Moreover, some crucial new techniques will also become part of 5G networks such as New Radio on unlicensed band (NR-U), Integrated Access and Backhaul (IAB), NR Vehicle-to-X (V2X), software defined network (SDN), Network Function Virtualization (NFV), with new features including diversified terminals, large number of nodes, ultra-high density node deployment, coexistence of multiple wireless technologies and security schemes, end-to-end direct communication, along with the improvements in wireless and wireline convergence, the service based architecture (SBA) and Network Slicing. Hence, 5G is not just a new cellular network generation but it is going to be an integration of many extraordinary technologies and techniques.
Integration of these new technologies in 5G will revolutionize the current wireless networks and bring immense services by using state-of-the-art techniques but, such new technologies, architectures, and applications will introduce new challenging security issues as well. See below some of 5G security risks:
Types of 5G Security Risks
In 5G network, security attacks are categorized into two sub-domains:
Passive Attacks: Passive attacks are referred to as unauthorized use of information of the authorized users and have no intention to interrupt the communication. Eavesdropping and traffic analysis are two of the most famous types of passive attacks:
- Eavesdropping and traffic analysis: Eavesdropping and traffic analysis attacks are such where eavesdroppers try to steal the useful information message from passive network and uses traffic analysis passive attacks to steal the encrypted signals from the wireless radio links.
Active Attacks: Active attacks are attacks that have the intention to disrupt the communication of authorized users and alter the communication. The examples of active attacks include jamming, denial of service (DoS) attack, distributed denial of service (DDoS) attack, and man in the middle (MITM) attack.
- Jamming: Jamming attack is an attack that disrupt the data communication. These attacks target the physical layer of the network and are also the basis of DoS attacks. Jamming attacks impose severe challenges over the network as it is very difficult to deal with their detection because a jammer is able to smartly adapt its transmission power to match the signal of a legitimate user and avoid getting observed. Even if a jammer is detected, it is still very challenging to mitigate the impact of a jamming attack.
- Man-in-the-Middle (MITM) Attack: It is a type of an active attack where an attacker secretly takes control of the main communication channel between two legitimate users. MITM can be targeted at different layers of a communication channel, with the objective to degrade its confidentiality, integrity, and availability.
To deal with these 5G security risks, many security frameworks are proposed which are based on two types of security techniques, cryptographic technique and physical layer security (PLS) technique.
Cryptographic techniques: Cryptographic techniques are being employed at different layers of 5G network architecture to deal with security breaches. These techniques are further divided into two types namely symmetric key cryptography that is based on the concept of sharing a secret key between legitimate users for encryption and decryption, and asymmetric key cryptography, where a public key is used to encrypt the data and a private key is used to decrypt the data. The public key is shared among all the communicating parties of the network whereas each user owns his own unique private key. The performance of the cryptographic technique is based on the key length and complexity of the algorithm. The more complex the algorithm, the better the performance. But, these complex algorithms consume more time and power.
Physical layer security: This security technique provides higher security with less complex techniques, having less delay and consuming lower power. It exploits the characteristics and impairments of the wireless channels such as noise, fading, interference, dispersion, diversity, etc. to degrade the quality of the received signal at the malicious users and provide keyless secure transmission by using signal design and signal processing techniques. PLS guarantees high security of user information even if the channel of a legitimate user is in worse condition than the eavesdropper’s channel. The major security approaches based on PLS to preserve the confidentiality of wireless communication medium include:
- Artificial Noise Injection;
- Anti-eavesdropping Signal Design;
- Secure Beamforming/Precoding;
- Secure Cooperative Transmission Techniques;
- Resource Allocation and Power Control;
To not occur 5G security risks, the security of 5G networks is significantly important for networks safety and to take full advantage of the capabilities of this technology. It must incorporate privacy-by-design approaches where the privacy in the system is taken into account from the beginning and must be built with all the necessary security features.
The telecommunication authorities must consider strong privacy regulations and legislations at its own level, during the standardization of 5G. Firstly, the government officials should make country-specific privacy regulations with the support of multi-national organizations such as the United Nations (UN) and European Union (EU). Secondly, several big industries such as 3GPP, ETSI, and ONF should derive a set of rules and practices that guarantees high security. And thirdly, such security frameworks should be brought to light that fulfill the privacy requirements of consumers at all levels.