A STRIDE Threat Model for 5G Core Slicing

Sattar, Danish; Vasoukolaei, Alireza Hosseini; Crysdale, Pat; Matrawy, Ashraf

doi:10.1109/5gwf52925.2021.00050

Cited by 13 publications

(10 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Limitations of the 'vulnerability explosion' are known, meaning that the number of threats can grow quickly as the complexity of the system increases. Nevertheless, several modified versions of STRIDE have been proposed [19], [20]. PASTA [13] is defined by seven stages that start from objectives related to business through to the technical requirements.…”

Section: Related Workmentioning

confidence: 99%

Toward Attack Modeling Technique Addressing Resilience in Self-Driving Car

et al. 2023

View full text Add to dashboard Cite

Self-driving cars are going to be the main future mode of transportation. However, such systems like, any other cyber-physical system, are vulnerable to attack vectors and uncertainties. As a response, resilience-based approaches are being developed. However, the approaches lack a sound attack model that recognizes the attack vectors and vulnerabilities such a system would have and that does a proper severity analysis of such attacks. Moreover, the existing attack models are too generic. Currently, the domain lacks such specific work pertaining to self-driving cars. Given the technology and architecture of self-driving cars, the field requires a domain-specific attack model. This paper gives a review of the attack models and proposes a domain-specific attack model for self-driving cars. The proposed attack model, severity-based analytical attack model for resilience (SAAMR), provides attack analysis based on existing models. Also, a domainbased severity score for attacks is calculated. Further, the attacks are classified using the decision-tree method and predictions of the type of attacks are given using long short-term memory network. INDEX TERMSAttack-model, autonomous vehicles, cyber-attacks, resilience, security, self-driving car. NOMENCLATURE AT Adversarial attack tree. CAN Controller area network. CT Code modification/injection tree. CVE Common vulnerabilities and exposures. CVSS Common vulnerability scoring system. CWE Common weakness enumeration. DATMO Detection and tracking of moving objects. DDoS Distributed denial of service. DoS Denial of service. DT Decision tree. ECU Electronic controller unit. GPS Global positioning system. InV In-vehicle. ITS Intelligent transportation system. JT Jamming attack tree. LiDAR Light detection and ranging.

show abstract

Section: Related Workmentioning

confidence: 99%

Toward Attack Modeling Technique Addressing Resilience in Self-Driving Car

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Adversaries can also take advantage of the flexibility of orchestration, internal agents, authentication failure, physical downlink control channel, confidentiality failures in the communication channel, sensor networks vulnerabilities, cloud radio access networks vulnerabilities [Jeyakumar and Rajabhushanam, 2019], C-RAN vulnerabilities [Tian et al, 2017], EAP-TLS vulnerabilities [Zhang et al, 2020b], Subscriber Identity Module (SIM) vulnerabilities [Zhao et al, 2021d], machine learning models vulnerabilities [Suomalainen et al, 2020], software-defined mobile networks vulnerabilities, named data networks vulnerabilities [Bertino and Nabeel, 2018], MEC vulnerabilities, UE vulnerabilities [Amgoune and Mazri, 2018;Mahmoud et al, 2021], D2D communication vulnerabilities [Abd-Elrahman et al, 2015a,b], System Information Block (SIB) and RRC message parameters in 5G NR, edge security flaw, key sent over an insecure channel, security flaw in NS [Martini et al, 2020;Kotulski et al, 2017;Sattar et al, 2021;Cáceres-Hidalgo and Avila-Pesantez, 2021;Olimid and Nencioni, 2020], credential theft, devices without robust security mechanisms, 5G-AKA vulnerabilities [Basin et al, 2018;Pari et al, 2019], and security flaws in NFV and SDN [Ahmad et al, 2021[Ahmad et al, , 2019[Ahmad et al, , 2018Taheribakhsh et al, 2020]. Operating Systems (OS) using insecure protocols provide excessive privileges, IoT devices may have different protocols, lack processing robustness, and fail to control sensitive data privacy.…”

Section: Item Description Item Descriptionmentioning

confidence: 99%

A Systematic Literature Mapping on the Security of 5G and Vertical Applications

Sobrinho,

Santos,

Silva

et al. 2023

Preprint

View full text Add to dashboard Cite

The deployment of 5G infrastructure is one of the main vectors for new application scenarios since it enables enhanced data bandwidth, low latency, and comprehensive signal coverage. As a result, this communication system supports various vertical applications such as the Industrial Internet of Things, smart health, smart cities, smart grids, and transportation systems. However, these applications bring new challenges to 5G networks due to specific requirements for such scenarios. Furthermore, as software-based technologies, including network slicing, software-defined networks, network function virtualization, and multi-access edge computing are a fundamental part of the 5G architecture, the network can expose these applications to new security and privacy concerns. This study summarizes the existing literature on 5G vertical applications security. We highlight vulnerabilities, threats, attacks, and solutions for 5G vertical applications. We conducted a Systematic Literature Mapping (SLM) to discuss security and privacy challenges regarding the 5G vertical applications. The SLM answered the following research question: what is the state-of-the-art regarding security in 5G networks and vertical applications? We reviewed 389 papers from 2,349 produced by searching with a curated search query and discussed vulnerabilities, threats, attacks, and solutions for 5G vertical applications. Smart cities, Industry 4.0, smart transportation, public services, smart grids, and smart health are vertical applications with relevant security concerns. We observed the need for more research since the 5G and vertical applications continuously evolve. This review also uncovers research gaps and future research directions.

show abstract

“…• Connection Authentication [5]: Necessary and proper authentication and authorization protocols must be developed/adopted to add devices to the network for data transmission. For a faster response, solutions such as digital signatures or a cryptographic-based solution should not be computation heavy.…”

Section: Plan and Implement Cybersecurity Controlsmentioning

confidence: 99%

Draft Methodology for Cybersecurity Analysis for Adoption of Wireless Technology in Nuclear Power Plants

Manjunatha

McJunkin

Chwasz

2022

View full text Add to dashboard Cite

The report is delivered as DOE-NE Cybersecurity Program Milestone M2CT-22IN1104014-Industry cybersecurity guidance adoption status. The milestone is specifically to document the process and the status of the efforts towards developing guidance in support of industry's adoption of wireless communication technologies. To transform the operation of nuclear power plants, including domestic light-water reactors, advanced reactors, microreactors, and fission battery, for grid and non-grid applications, secure and resilient wireless capabilities are required. In addition, to realize new operational concepts such as autonomous operation and remote monitoring, advanced sensor, and instrumentation, wireless technology is essential. However, industry implementation is low, and there is no technical basis for how to understand and address potential risks for wireless communications for critical plant functions. A methodology with a technical basis for implementing secure wireless communication is crucial. This wireless adoption methodology is intended to assist a licensee in identifying an appropriate technological approach for securing wireless communications in nuclear power plant. However, this methodology does not provide guidance for addressing wireless design criteria or for addressing all the cybersecurity commitments in licensees' cybersecurity plans (CSPs) including addressing security impact analysis that a licensee must perform before an update to a Critical Digital Asset (CDA). This methodology guides a licensee through a process of evaluating a proposed wireless implementation and drafting a plant change notification for an example use case. The example is a generic/nonproprietary version of the first test case of the methodology, which, if successfully implemented, is part of the consideration for protecting other functions' use of wireless in a cybersecure manner.Disclaimer: Neither INL, NRC, nor any of its employees, members, supporting organizations, contractors, or consultants make any warranty, expressed or implied, or assume any legal responsibility that the method provided in this document meets the NRC cyber or completeness of NRC requirements. Blanc for coordinating important critical reviews of the methodology within the DOE-NE Cybersecurity team. The team of researchers that provided comments that contributed to this report during the program reviews are listed below. Idaho National Laboratory had multiple technical exchanges with the NRC staff through the Office of Nuclear Regulatory Research under the DOE-NRC Memorandum of Understanding (MOU) on Nuclear Energy Innovation, Amendment 4, Research Related to Light Water Reactor Sustainability (ML21083A072). We are grateful to the NRC staff colleagues who provided their insights and expertise under the LWRS MOU as part of this effort. However, these exchanges should not be interpreted as NRC endorsement, acceptance, or concurrence with this report. This work would not have been possible without the commitment of the Nuclear Energy Institute (NEI) Cybers...

show abstract

A STRIDE Threat Model for 5G Core Slicing

Cited by 13 publications

References 14 publications

Toward Attack Modeling Technique Addressing Resilience in Self-Driving Car

Toward Attack Modeling Technique Addressing Resilience in Self-Driving Car

A Systematic Literature Mapping on the Security of 5G and Vertical Applications

Draft Methodology for Cybersecurity Analysis for Adoption of Wireless Technology in Nuclear Power Plants

Contact Info

Product

Resources

About