5G Wireless Network Security and Privacy E-Book

Table of Contents

Cover

Table of Contents

Title Page

Copyright

About the Authors

Preface

Acknowledgments

Introduction

1 Introduction to 5G Wireless Systems

1.1 Motivations and Objectives of 5G Wireless Networks

1.2 Security Drives and Requirements

1.3 5G Wireless Network Architecture

1.4 Conclusion

2 Security from Legacy Wireless Systems to 5G Networks

2.1 Network Security for Legacy Systems

2.2 Security Attacks and Security Services in 5G Wireless Networks

2.3 The Evolution of Wireless Security Architectures from 3G to 5G

2.4 Summary

3 Security Mechanisms in 5G Wireless Systems

3.1 Cryptographic Approaches and Physical Layer Security

3.2 Authentication

3.3 Availability

3.4 Data Confidentiality

3.5 Key Management

3.6 Privacy

3.7 Conclusion

4 An Efficient Security Solution Based on Physical Layer Security in 5G Wireless Networks

4.1 Enhancing 5G Security Through Artificial Noise and Interference Utilization

4.2 A HetNet System Model and Security Analysis

4.3 Problem Formulation and Analysis

4.4 Numerical and Simulation Results

4.5 Conclusion

5 Flexible and Efficient Security Schemes for IoT Applications in 5G Wireless Systems

5.1 IoT Application Models and Current Security Challenges

5.2 A General System Model for IoT Applications Over 5G

5.3 The 5G Authentication and Secure Data Transmission Scheme

5.4 Security Analysis

5.5 Performance Evaluation

5.6 Conclusion

6 Secure and Efficient Mobility Management in 5G Wireless Networks

6.1 Handover Issues and Requirements Over 5G Wireless Networks

6.2 A 5G CN Model and HetNet System Model

6.3 5G Handover Scenarios and Procedures

6.4 A New Authentication Protocol for 5G Networks

6.5 Security Analysis of the New 5G Authentication Protocols

6.6 Performance Evaluations

6.7 Conclusion

7 Open Issues and Future Research Directions for Security and Privacy in 5G Networks

7.1 New Trust Models

7.2 New Security Attack Models

7.3 Privacy Protection

7.4 Unified Security Management

ReferencesReferences

Index

End User License Agreement

List of Tables

Chapter 3

Table 3.1 Cryptography and physical layer security.

Chapter 4

Table 4.1 Definitions of variables.

Chapter 5

Table 5.1 Design objectives.

Table 5.2 Security services comparison.

Table 5.3 Computational overhead and time cost comparison.

Table 5.4 Communication overhead comparison.

Chapter 6

Table 6.1 Parameters of authentication protocols.

Table 6.2 Communication overhead comparison.

Table 6.3 Computation overhead comparison.

List of Illustrations

Chapter 1

Figure 1.1 A generic architecture for 5G wireless systems.

Figure 1.2 Security drives and requirements for 5G wireless security.

Figure 1.3 Trust model of 4G and 5G wireless networks.

Figure 1.4 A general 5G wireless network architecture.

Chapter 2

Figure 2.1 Attacks in 5G wireless networks (a) eavesdropping, (b) jamming, (...

Figure 2.2 3G security architecture defined by 3GPP TS 33.102.

Figure 2.3 4G security architecture defined by 3GPP TS 33.402.

Figure 2.4 The 5G wireless security architecture.

Chapter 3

Figure 3.1 Symmetric‐key encryption and decryption.

Figure 3.2 Key management with KDC.

Figure 3.3 Public‐key‐based encryption and decryption.

Figure 3.4 Public‐key‐based digital signature.

Figure 3.5 A SDN‐enabled authentication model..

Figure 3.6 The authentication process of the RFID secure application revocat...

Figure 3.7 A m‐health system model Zhang et al. [2017a]..

Figure 3.8 A 5G‐enabled vehicular network.

Figure 3.9 A pseudorandom time‐hopping system block diagram.

Figure 3.10 The resource allocation model.

Figure 3.11 A general system model with eavesdropping attacks.

Figure 3.12 The system model with D2D link and an eavesdropper.

Figure 3.13 Three key exchange schemes in Sedidi and Kumar [2016].

Chapter 4

Figure 4.1 The studied two‐tier HetNet system model.

Figure 4.2 Flow chart of Algorithm 4.1.

Figure 4.3 Secrecy rate of the user under eavesdropping attack.

Figure 4.4 Secrecy rate with different number of D2D pairs.

Figure 4.5 Secrecy rate with different SINR requirements.

Chapter 5

Figure 5.1 A general IoT system model over 5G networks.

Figure 5.2 A trust model for 5G networks based on the IoT system model.

Figure 5.3 The computational overhead comparison (50% T2 devices).

Figure 5.4 The computational overhead comparison (70% T2 devices).

Figure 5.5 The computational overhead comparison of the proposed scheme base...

Figure 5.6 The communication overhead comparison (50% T2 devices).

Figure 5.7 The communication overhead comparison (70% T2 devices).

Figure 5.8 The communication overhead comparison of the proposed scheme base...

Chapter 6

Figure 6.1 Comparison of an LTE CN and a 5G CN.

Figure 6.2 A 5G HetNet system model.

Figure 6.3 Trust model in the studied system model.

Figure 6.4 UP handover procedures from a macrocell BS to a small‐cell AP.

Figure 6.5 UP handover procedures between two small‐cell APs.

Figure 6.6 Handover procedures between two 5G macrocell BSs with unused auth...

Figure 6.7 Handover procedures between two 5G macro‐BSs without unused authe...

Figure 6.8 The proposed full authentication protocol.

Figure 6.9 The new fast authentication protocol – APs handover.

Figure 6.10 The new fast authentication protocol designed for handover betwe...

Guide

Cover

Table of Contents

Title Page

Copyright

About the Authors

Preface

Acknowledgments

Begin Reading

References

Index

End User License Agreement

Pages

iv

ix

xi

xii

xiii

xv

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

89

90

91

93

94

95

96

97

98

99

100

101

103

104

105

106

5G Wireless Network Security and Privacy

Dongfeng (Phoenix) Fang

California Polytechnic State University, San Luis ObispoSan Luis Obispo

Yi Qian

University of Nebraska‐LincolnLincoln

Rose Qingyang Hu

Utah State UniversityLogan

This edition first published 2024

© 2024 John Wiley & Sons Ltd

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by law. Advice on how to obtain permission to reuse material from this title is available at http://www.wiley.com/go/permissions.

The right of Dongfeng (Phoenix) Fang, Yi Qian, and Rose Qingyang Hu to be identified as the authors of this work has been asserted in accordance with law.

Registered Offices

John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, USA

John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, UK

For details of our global editorial offices, customer services, and more information about Wiley products visit us at www.wiley.com.

Wiley also publishes its books in a variety of electronic formats and by print‐on‐demand. Some content that appears in standard print versions of this book may not be available in other formats.

Trademarks: Wiley and the Wiley logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty

While the publisher and authors have used their best efforts in preparing this work, they make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives, written sales materials or promotional statements for this work. This work is sold with the understanding that the publisher is not engaged in rendering professional services. The advice and strategies contained herein may not be suitable for your situation. You should consult with a specialist where appropriate. The fact that an organization, website, or product is referred to in this work as a citation and/or potential source of further information does not mean that the publisher and authors endorse the information or services the organization, website, or product may provide or recommendations it may make. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

Library of Congress Cataloging‐in‐Publication Data applied for:

Hardback ISBN: 9781119784296

Cover Design: Wiley

Cover Image: © Immersion Imagery/Shutterstock

About the Authors

Dongfeng (Phoenix) Fang is an assistant professor in the Department of Computer Science and Software Engineering, and Department of Computer Engineering at California Polytechnic State University, San Luis Obispo (Cal Poly). Her research interests include network security, wireless security, security and privacy of Internet‐of‐Things, and security and privacy in machine learning.

Yi Qian, PhD, is an IEEE Fellow and is a Professor in the Department of Electrical and Computer Engineering at the University of Nebraska‐Lincoln, USA.

Rose Qingyang Hu is a professor in the Department of Electrical and Computer Engineering and Associate Dean for Research of College of Engineering at Utah State University in Logan, USA. Her research interests include next‐generation wireless communications, wireless network design and optimization.

Preface

5G wireless system is not only an evolution of the legacy 4G networks, but also a system with many new service capabilities, related to our daily life. To support these new service capabilities, 5G wireless systems integrate many new technologies, which can potentially bring new security vulnerabilities. Moreover, strict performance requirements for certain applications can not be satisfied with the current security solutions. For instance, vehicular communications over 5G require extremely low latency and IoT applications demand low overhead.

The new developments in network architecture and algorithms bring the challenges to the researchers to face new security vulnerabilities and high performance requirements of security solutions. This book intends to survey the current challenges in the field of security and privacy over 5G wireless systems, and to present flexible and efficient solutions for security and privacy over 5G wireless systems. Specifically, the book focuses on security and privacy improvements over 5G wireless systems based on security network architecture, cryptographic solutions, and physical layer security solutions for better flexibility and efficiency. There are seven chapters in this book.

Chapter 1 provides an introduction to 5G wireless systems. The chapter first introduces the motivations and objectives of 5G wireless networks. Based on the features of 5G wireless networks, 5G security drives and requirements are discussed. An overview of the 5G wireless network architecture is presented, and a comparison between the legacy cellular network and the 5G wireless network is discussed to better understand the systems.

Chapter 2 discusses cellular network security from 1G to 5G. A overview of security development from 1G to 4G is presented. Security attacks and security services in 5G wireless networks are discussed. Security architectures from 3G to 5G are illustrated.

Chapter 3 presents the security services and current solutions for security and privacy over 5G systems. The fundamental approaches for providing security in 5G wireless systems are first reviewed. Security solutions are introduced based on authentication, availability, data confidentiality, key management, and privacy.

Chapter 4 discusses interference management and security in heterogeneous networks (HetNet) over 5G wireless systems. Current studies and background of interference management and security issues on confidentiality are first introduced. A general HetNet system model and corresponding threat model are proposed. A security solution is proposed to utilize the existing interference to improve confidentiality in the 5G network. This chapter presents the details of the proposed method. An experimental study and evaluation are then demonstrated.

Chapter 5 deals with improving flexibility and efficiency of security schemes for heterogeneous IoT networks over 5G systems. A few security and privacy schemes for IoT applications are first discussed. A general IoT system architecture, trust models, threat models, and design objectives are presented. An authentication and secure data transmission scheme is proposed. Security analysis is presented to verify the proposed scheme. This chapter also presents an experimental study and evaluation.

Chapter 6 explores the efficiency of secure mobility management over 5G networks based on software‐defined networking (SDN). A HetNet system model is proposed over a SDN‐based 5G network. The handover scenarios and procedures are discussed. The proposed authentication protocols are presented with security analysis and performance analysis and evaluations.

Chapter 7 discusses the open issues and possible future research directions over 5G wireless networks.

We hope that our readers will enjoy this book.

CaliforniaAugust 2022

Dongfeng (Phoenix) Fang

California Polytechnic State University, San Luis Obispo

Yi Qian

University of Nebraska‐Lincoln

Rose Qingyang Hu

Utah State University

Acknowledgments

First, we would like to thank our families for their love and support.

We would like to thank our colleagues and students at California Polytechnic State University, San Luis Obispo, University of Nebraska‐Lincoln, and Utah State University for their support and enthusiasm in this book project and topic.

We express our thanks to the staff at Wiley for their support and to the book reviewers for their great feedback. We would like to thank Sandra Grayson, Juliet Booker, and Becky Cowan for their patience in handling publication issues.

This book project was partially supported by the U.S. National Science Foundation under grants CNS‐2007995, CNS‐2008145, CCCS‐2139508, and CCCS‐2139520.

Introduction

The advanced features of fifth‐generation (5G) wireless network systems yield new security and privacy requirements and challenges. This book addresses the motivation for security and privacy of 5G wireless network systems, an overview of 5G wireless network systems security and privacy in terms of security attacks and solutions, and a new security architecture for 5G systems. The aim of 5G wireless network security is to ensure the provision of robust security services to 5G wireless systems, without compromising the high‐performance capabilities that characterize 5G technology. Due to the inadequacy of 4G security architectures for 5G systems, novel security architectures are required to ensure the effectiveness and adaptability of security in 5G wireless networks. The topics to be addressed in this book include:

Introduction and background of 5G wireless networks,

Attacks and security services in 5G wireless networks,

Current 5G wireless security solutions,

A new 5G wireless security architecture,

Flexible and efficient security solutions, e.g., physical layer security, authentication, and mobility management.

1Introduction to 5G Wireless Systems

Fifth‐generation wireless networks, or 5G, are the fifth‐generation mobile wireless telecommunications beyond the current 4G/International Mobile Telecommunications (IMT)‐Advanced Systems [Panwar et al., 2016]. 5G wireless network is not only an evolution of the legacy 4G cellular networks but also a new communication system that can support many new service capabilities [Fang et al., 2017a]. In this chapter, we will introduce a general background of 5G wireless networks and 5G security, including motivations and objectives, security drives and requirements, and a general 5G wireless network architecture.

1.1 Motivations and Objectives of 5G Wireless Networks

The research and development of 5G technology is focused on achieving advanced features such as enhanced capacity to support a greater number of users at faster speeds than 4G, increased density of mobile broadband users to improve coverage [Xu et al., 2021], and supporting device‐to‐device (D2D) communications and massive machine‐type communications [NGMN Alliance, 2015]. 5G planning also aims to provide better network performance at lower latency and lower energy consumption to better support the implementation of the Internet of Things (IoT) [Andrews et al., 2014]. More specifically, there are eight advanced features of 5G wireless systems as follows [Warren and Dewar, 2014]:

Data rate: 1–10 Gbps connections to endpoints in the field;

Low latency: 1‐ms latency;

Bandwidth: 1000 bandwidth per unit area;

Connectivity: 10–100 number of connected devices;

Availability: 99.999% availability;

Coverage: 100% coverage;

Network energy efficiency: 90% reduction of network energy usage;

Device energy efficiency: Up to 10 years of battery life for low‐power devices.

To achieve these eight advanced network performance features, various technologies [Agiwal et al., 2016] are applied to 5G systems, such as heterogeneous networks (HetNet), massive multiple‐input multiple‐output (MIMO), millimeter wave (mmWave) [Qiao et al., 2015], D2D communications [Wei et al., 2016], software‐defined network (SDN) [Dabbagh et al., 2015], network functions virtualization (NFV) [Zhang et al., 2015], and networking slicing [NGMN Alliance, 2016]. The standardization process for 5G wireless systems has been carried out. Figure 1.1 illustrates a generic 5G wireless systems.

5G wireless systems can provide not only traditional voice and data communications but also many new use cases [Xu et al., 2022, Wang et al., 2021b], new industry applications, and a multitude of devices and applications to connect the society at large [AB Ericsson, 2018] as shown in Figure 1.1. Different 5G use cases are specified, such as vehicle‐to‐vehicle and vehicle‐to‐infrastructure communications [Fang et al., 2019b], industrial automation, health services, smart cities, and smart homes [Global Mobile Suppliers Association, 2015]. It is believed that 5G wireless systems can enhance mobile broadband with critical services and massive IoT applications [Qualcomm, 2016]. With the new architecture, technologies, and use cases in 5G wireless systems, it will face new challenges to provide security and privacy protections [Huawei, 2015].

Figure 1.1 A generic architecture for 5G wireless systems.

1.2 Security Drives and Requirements

To accomplish the objectives of 5G wireless networks, several fundamental security drivers and requirements are necessary. Figure 1.2 illustrates the main drives for 5G wireless security as supreme built‐in security, flexible security mechanisms, and automation. Supreme built‐in security is needed since, in 5G, new use cases, new technologies, and new networking paradigms are introduced. The other use cases can introduce specific requirements, such as ultra‐low latency in user communications, which will require improving the performance of the current security mechanisms. New technologies not only yield advanced service capabilities but also open the door to vulnerabilities and thus impose new security requirements in 5G [Liyanage et al., 2016]. In HetNet, different access technologies may have different security requirements, and a multi‐network environment may need highly frequent authentications with stringent delay constraints [Wang et al., 2016b]. Massive MIMO has been deemed a critical 5G technique to achieve higher spectral efficiency and energy efficiency. It is also considered a valuable technique against passive eavesdropping [Deng et al., 2015]. Furthermore, SDN and NFV in 5G will support new service delivery models and thus require new security aspects [Chen et al., 2016b, Tian et al., 2017]. With the advent of 5G networking paradigms, a new security architecture is needed. To address these issues, security must be considered an integral part of the overall architecture and should initially be integrated into the system design.

Figure 1.2 Security drives and requirements for 5G wireless security.

To support various use cases, new technologies, new networking paradigms, new threats, new trust models in an optimal way, and flexible security mechanisms are needed with changing ecosystem and growing need for dependability. Based on the current research on 5G wireless networks, security services on 5G wireless networks have more specific requirements due to the advanced features that 5G wireless networks have, such as low latency, and high energy efficiency. With various applications on 5G wireless networks and their network performances, flexible security mechanisms are desired with better efficiency performance [Xu et al., 2019].

Figure 1.3 Trust model of 4G and 5G wireless networks.

The trust models of the legacy cellular networks and 5G wireless networks are presented in Figure 1.3 [Huawei, 2015]. Not only full trust but also semi‐trust or not trust are considered. Authentications are required not only between subscribers and the two operators (the home and serving networks) but also among service parties in 5G wireless networks. Moreover, for the use case of vertical industries, the security demands vary significantly among different applications. For instance, mobile devices require lightweight security mechanisms as their power resource constraint, while high‐speed services require efficient security services with low latency. Therefore, the general flexibility for 5G security mechanisms is another critical requirement [Schneider and Horn, 2015]. Authentication management in 5G is more complex due to various types of and a massive number of devices connected. For different applications, different authentication models can be implemented. In Figure 1.3, user authentication can be done by the network provider, service provider, or both.

Besides the supreme built‐in security and flexibility security mechanisms, security automation is also a key element. It combines automated holistic security management with automated and intelligent security controls [NOKIA, 2017]. Since more personal information is used in various applications, such as surveillance applied over 5G wireless networks, privacy concerns escalate. Moreover, various services in 5G can be tied closer than before. For example, the fixed telephone line, internet access, and TV service can be terminated simultaneously due to the outage of a major network [Huawei, 2015]. Therefore, security automation is needed to make the 5G system robust against various security attacks.

1.3 5G Wireless Network Architecture

1.3.1 Overview of the 5G Wireless Network Architecture

The 5G wireless network architecture is introduced here. As shown in Figure 1.4