| With the rapid development of mobile communication technologies,LTE networks are widely deployed on a global scale.At the same time as the improvement of LTE,new security issues have also arisen due to features such as all-IP protocols in EPC.At present,the research focus on LTE security issues is mainly based on access networks,and there are few researches on security issues of LTE core networks.Some security issues caused in recent years have also proved that security research on key protocols of LTE core networks is necessary.Firstly,this paper conducts a detailed study on the network elements and protocol interfaces of the LTE core network,and analyzes the functions of each interface and the types of protocols.Then,we analysis the format and application scenarios of the Diameter protocol,which plays an important role in the core network.The characteristics of the Diameter protocol in the LTE core network are analyzed and summarized.Combined with the fuzz test,this security defect detection method is based on the characteristics of the Diameter protocol.A fuzz test packet generation algorithm suitable for the core network Diameter protocol.Afterwards,in order to verify the effect of the fuzz test algorithm,this paper builds the open source LTE core network test platform OAI,and based on the platform,the fuzz test algorithm and the full random packet generation algorithm are compared and tested,and the proposed algorithm is more effective in generate available mutation packets.The number of available mutation packet generated rate has increased.Finally,based on the proposed fuzz test algorithm,this paper designs and implements the fuzz test framework for the core network Diameter protocol,and tests the HSS network cell on the OAI platform and finds the buffer overflow vulnerability.It is proved that the fuzz test algorithm and framework have certain effects on detecting the security flaw of the core network Diameter protocol. |
PDF Full Text Request