Analyzing the Security in the GSM Radio Network Using Attack Jungles

Abdulla, Parosh Aziz; Cederberg, Jonathan; Kaati, Lisa

doi:10.1007/978-3-642-16558-0_8

Cited by 7 publications

(13 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…might create new attack methods by exploiting weakness of an isolation providing system to reach resources assigned to another slice with better parameters in order to lower costs or to intercept sensitive data stream. An attack on these properties could also be a part of a more complex attack scenario (it could be the subject of an attack in the Attack Jungle concept [26]).…”

Section: Security In Sliced Networkmentioning

confidence: 99%

Towards constructive approach to end-to-end slice isolation in 5G networks

Kotulski

Nowak

Sepczuk

et al. 2018

EURASIP J. on Info. Security

View full text Add to dashboard Cite

Although 5G (fifth generation) networks are still in the realm of ideas, their architecture can be considered as reaching a forming phase. There are several reports and white papers which attempt to precise 5G architectural requirements presenting them from different points of view, including techno-socio-economic impacts and technological constraints. Most of them deal with network slicing aspects as a central point, often strengthening slices with slice isolation. The idea of isolation in the network is not new. However, currently considered technologies give new capabilities that can bring added value in this field. The goal of this paper is to present and examine the isolation capabilities and selected approaches to its realization in network slicing context. As the 5G architecture is still evolving, the specification of isolated slices operation and management brings new requirements that need to be addressed, especially in a context of end-to-end (E2E) security. Thus, an outline of recent trends in slice isolation and a set of challenges are presented. The challenges, if properly addressed, could be a step from the concept of 5G networks to proof-of-concept solutions which provide E2E user's security based on slices isolation. Among other things, the key features are proper slice design and establishment, security at interfaces, suitable access protocols, correct virtual resources sharing, and an adaptable management and orchestration architecture (MANO). In conclusion of the paper, short outlines of two of the main secure isolation challenges are given: a proper definition of isolation parameters and designing suitable MANO system. which is close to end users and ensuring an end-toend security services chain realized by virtualized open access physical layer security (PLS). These novel crosslayer approaches to security address such areas as: data confidentiality, data integrity, provider's resources isolation, and authentication and authorization. The security aspects of 5G networks are discussed in 5G-ENSURE project [3]. Main goals of the initiative focus on developing non-intrusive security and privacy mechanisms, which will ensure the following: AAA services, privacy, trust, network management and monitoring, and virtualization isolation for the core 5G architecture. Within the project, the 5G security testbed with proposed security components was demonstrated. The 5G NORMA (Novel Radio Multi-service adaptive network Architecture) [4] project has the key objective to develop a novel, adaptive, and future-oriented 5G mobile network architecture. The created architecture should provide network customizability and, at the same time, ensure meeting requirements associated with rigorous performance, energy saving, cost

show abstract

Section: Security In Sliced Networkmentioning

confidence: 99%

Towards constructive approach to end-to-end slice isolation in 5G networks

Kotulski

Nowak

Sepczuk

et al. 2018

EURASIP J. on Info. Security

View full text Add to dashboard Cite

show abstract

“…by exploiting weak isolation providing system to reach resources in other slice with better parameters, lower costs or sensitive data stream. An attack on these properties could also be a part of more complex attack scenario (it could be subject to attack in the Attack Jungle concept [9]). …”

Section: B Security In a Sliced Networkmentioning

confidence: 99%

On end-to-end approach for slice isolation in 5G networks. Fundamental challenges

Kotulski¹,

Nowak²,

Sepczuk³

et al. 2017

Annals of Computer Science and Information Systems

View full text Add to dashboard Cite

Abstract-There are several reports and white papers which attempt to precise 5G architectural requirements presenting them from different points of view, including techno-socio-economic impacts and technological constraints. Most of them deal with network slicing aspects as a central point, often strengthening slices with slice isolation. The goal of this paper is to present and examine the isolation capabilities and selected approaches for its realization in network slicing context. As the 5G architecture is still evolving, the specification of isolated slices operation and management brings new requirements that need to be addressed, especially in a context of End-to-End (E2E) security. Thus, an outline of recent trends in slice isolation and a set of challenges are proposed, which (if properly addressed) could be a step to E2E user's security based on slices isolation.

show abstract

“…The example below illustrates the bottom-up procedure for an attribute called satisfiability. 1 In fact, symbols ∨ p , ∧ p , ∨ o , and ∧ o represent unranked functions, i.e., they stand for families of functions…”

Section: Definition 3 An Attribute Domain For Adterms Is a Tuplementioning

confidence: 99%

“…Most of the questions usually asked for attack trees can be adapted so that they can be answered on ADTrees as well. Thus, questions related to attributes such as attacker's/defender's costs [26,7,27,4,25,21,31,1,24,8,2,29,10], attack/defense time [12,26,29], attack detectability [27,8], attacker's special skill [21,1,26], difficulty of attack/protection [8,11,27,12,21,1,3,29], penalty [7,13,29], impact of the attack [26,27,12,19,25,21,3,1,23,10,29], attacker's profit [3,13,6,24], etc., all belong to Class 1. We analyze questions of this class in Section 4.…”

Section: Classification Of Questionsmentioning

confidence: 99%

See 1 more Smart Citation

Quantitative Questions on Attack–Defense Trees

Kordy

Mauw

Schweitzer

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes visual, intuitive tree models whose analysis is supported by a rigorous mathematical formalism. Both, the intuitive and the formal components of the approach can be used for quantitative analysis of attack-defense scenarios. In practice, we use intuitive questions to ask about aspects of scenarios we are interested in. Formally, a computational procedure, defined with the help of attribute domains and a bottom-up algorithm, is applied to derive the corresponding numerical values. This paper bridges the gap between the intuitive and the formal way of quantitatively assessing attack-defense scenarios. We discuss how to properly specify a question, so that it can be answered unambiguously. Given a well specified question, we then show how to derive an appropriate attribute domain which constitutes the corresponding formal model. Since any attack tree is in particular an attack-defense tree, our analysis is also an advancement of the attack tree methodology.

show abstract

Analyzing the Security in the GSM Radio Network Using Attack Jungles

Cited by 7 publications

References 7 publications

Towards constructive approach to end-to-end slice isolation in 5G networks

Towards constructive approach to end-to-end slice isolation in 5G networks

On end-to-end approach for slice isolation in 5G networks. Fundamental challenges

Quantitative Questions on Attack–Defense Trees

Contact Info

Product

Resources

About