On security research towards future mobile network generations

David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, Christina Popper

Research output: Contribution to journalArticlepeer-review

Abstract

Over the last decades, numerous security and privacy issues in all three active mobile network generations have been revealed that threaten users as well as network providers. In view of the newest generation (5G) currently under development, we now have the unique opportunity to identify research directions for the next generation based on existing security and privacy issues as well as already proposed defenses. This paper aims to unify security knowledge on mobile phone networks into a comprehensive overview and to derive pressing open research questions. To achieve this systematically, we develop a methodology that categorizes known attacks by their aim, proposed defenses, underlying causes, and root causes. Further, we assess the impact and the efficacy of each attack and defense. We then apply this methodology to existing literature on attacks and defenses in all three network generations. By doing so, we identify ten causes and four root causes for attacks. Mapping the attacks to proposed defenses and suggestions for the 5G specification enables us to uncover open research questions and challenges for the development of next-generation mobile networks. The problems of unsecured pre-authentication traffic and jamming attacks exist across all three mobile generations. They should be addressed in the future, in particular to wipe out the class of downgrade attacks and, thereby, strengthen the users' privacy. Further advances are needed in the areas of inter-operator protocols as well as secure baseband implementations. Additionally, mitigations against denial-of-service attacks by smart protocol design represent an open research question.

Original languageEnglish (US)
Article number8329226
Pages (from-to)2518-2542
Number of pages25
JournalIEEE Communications Surveys and Tutorials
Volume20
Issue number3
DOIs
StatePublished - Jul 1 2018

Keywords

  • 5G
  • GSM
  • LTE
  • Security research
  • UMTS
  • mobile networks
  • systematization of knowledge

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'On security research towards future mobile network generations'. Together they form a unique fingerprint.

Cite this