Research On Gtp Protocol Security Detection Technology In LTE

Posted on:2020-05-09

Degree:Master

Type:Thesis

Country:China

Candidate:Z Fu

Full Text:PDF

GTID:2428330572972247

Subject:Computer Science and Technology

Abstract/Summary:

PDF Full Text Request

With the rapid development of LTE mobile communication networks,it is becoming inseparable from the lives of users.However,due to the all-IP of LTE,attacks against LTE are becoming more and more active,so Research on LTE safety has become very important.In the current security academia,there are many researches on the security of LTE,but the security research on LTE networks in domestic and foreign is mainly oriented to access networks,and more consideration is given to the security mechanisms when accessing.Most of the research on LTE core network security is still in the overview stage,and there is no detailed analysis for important protocols.Based on this background,this paper deeply analyzes the security of the GTPv2 protocol in the core network.According to the particularity of GTPv2 protocol field and data flow,this paper proposed a unique fuzzy test method for GTPv2 protocol.The main work of this paper is as follows:1.A fuzzy test model for the GTPv2 protocol is proposed.By analyzing the characteristics of the GTPv2 protocol format and its constituent elements,a data mutation strategy based on the information elements of the GTPv2 protocol is developed.At the same time,by analyzing the interaction process of GTPv2 protocol and the state transition mode of network elements,a network state transition sequence generation algorithm based on finite state machine and a full-deformation packet sequence fuzzy test method based on feedback are proposed.2.A security testing framework for the GTPv2 protocol was designed and implemented.The framework includes three modules:packet transmission,packet mutation generation module and vulnerability recurrence module.packet mutation generation module is used to generate fuzzy test cases.The vulnerability recurring module is used to reproduce the crash found in the fuzzing test.3.This paper use the designed security test framework to carry out the fuzzy test of GTPv2 protocol for OAI-LTE 4G simulation system,successfully found 15 vulnerabilities in OAI for GTPv2 protocol processing part,the exploited vulnerabilities can use the recurring module to reproduce,which verify the vulnerability mining ability designed in this paper for the GTPv2 protocol security testing framework.

Keywords/Search Tags:

GTPv2 protocol, Protocol fuzzing, state machine, Vulnerability mining

PDF Full Text Request

Related items

1	Research On Vulnerability Mining Industrial Control Network Protocol Based On Fuzzing Test
2	Trojan's Vulnerability Fuzzing Method Based On Reverse Analysis Of Network Protocol
3	Internet Of Things Device Vulnerability Detection System Based On Protocol Fuzzy Test
4	Online Vulnerability Mining For Network Protocols Of Surveillance Camera
5	Research On Network Protocol Vulnerability Mining Technology Based On Fuzzing
6	Vulnerability Mining For Network Protocols Based On Fuzzing
7	Research On Vulnerability Mining Technology Of Industrial Control System
8	Application Of Machine Learning Models In Vulnerability Mining Of Network Protocols
9	Research On Security Vulnerability Discovering Based On Fuzzing And Related Attack & Defense Techniques
10	Study Of Fuzzing For Implementation Of Stateful Network Protocol Based On Dynamic Taint Analysis