Security Analysis Of Designs And Implementations Of LTE Network Protocols

As widely commercialized, LTE network is spread out so quickly,which gave people quicker Internet speed and better voice services than before. But at the same time, some potential security vulnerabilities gradually exposed. In order to protect the privacy and legitimate benefits of LTE operators and users, we have to analyze the security mechanism of the LTE system. Protocols specify network entities' behaviors when communications happen, which will further determine the network functionalities. Therefore, security analysis of network protocols plays an important role in analyzing the security of the whole LTE system.Meanwhile, due to complexity of development environment and carelessness of developers, there are usually some security vulnerabilities in some real protocols' implementations. So it's necessary and worthwhile for us to analyze the security of protocols' implementations.This paper analyzed the security of Designs and Implementations of LTE Network Protocols in four steps as follows:Firstly, this paper introduced the basic concept of LTE system,including the structure of E-UTRAN and EPC, security architecture of LTE system and the existing security mechanism used in system.Secondly, this paper analyzed the security of the AKA procedure, Key Management in X2 Handover procedure and Attach and Authentication procedure on the theoretical level, for unveiling the potential security vulnerabilities in them. As a result, this paper found two security weaknesses in them. One is the lack of one-hop front security in X2 Handover procedure. Another is HSS are potentially crashed when they face large number requests in a short time in Attach and Authentication procedure.Thirdly, due to lack of actual LTE testing equipment, this paper analyzed securities of LTE protocols' implementation based on two open source LTE simulators: NS3 and OAI. Which led to two potential security weaknesses: one is potential SQL Injection in OAI and the other is potential segment fault in NS3 LTE. In addition, this paper built testing platform based on NS3 and test and validate security vulnerabilities on them.Finally, the paper proposed some solutions to enhance and extend the standard security mechanism and analyzed the feasibility of the enhancement.