Vulnerability Analysis And Improvements Of 4G\5G Network

With the development of information technology,the requirement of the network is increasing.Related works show that the signal jamming attack still threatens 4G network security,especially,the application-layer DDoS attacks and the physical-layer signal jamming attacks.And 5G network uses a new architecture and authentication protocol,which will theoretically be more secure.However,since the 5G protocols have not been fully tested and some of the 5G protocols are the same as 4G,there may still be some flaws,which can threaten the security of 5G networks.So,it is a key issue to study the security of these two networks.In this thesis,the vulnerability of 4G and 5G networks will be analyzed and some enhancing solutions of the flaws will be proposed.For the attacks in the current 4G network including application-layer DDoS attacks and physical-layer signal jamming attacks,a model which can effectively detect the above two types of attacks is proposed in this thesis.Two new features,t_same and t_entropy,are used to train random forest machine learning classifiers which can identify attack traffic.And a new algorithm named Fast Feature Extractor(FFEX)is proposed which can calculate these two new features efficiently.Then,the implementation methods of the sub-modules and simulation methods of the two attacks are introduced.After implementing the attack simulations,the corresponding data are collected to test the proposed model.The tests focus on the performance of the model including accuracy and time consumption.And the performance of the FFEX algorithm also been tested.The results show that the model proposed in this thesis can effectively identify the application-layer DDoS attacks and the physical-layer signal jamming attacks data with the assistant of two new features and the FFEX algorithm.The accuracy rate of identifying the application-layer DDoS attacks is about 96.8% and identifying the physical-layer signal jamming attacks is higher,which is about 98.27%.The model training time consumption is related to the amount of the training data,but the FFEX algorithm can calculate the two new features efficiently.The average runtime to calculate the features of each data only takes about 0.0943 ms.For 5G network security,the 5G authentication protocol,that is,the 5G AKA protocol plays an important role in 5G network security.And the work in [37] proposed that the existing 5G AKA protocol has not achieved high authentication properties yet.And [44] proposed an SQN attack that can threaten the security of the 4G network,and the SQN attack may still threaten 5G network security.Therefore,a formal analysis tool named Tamarin is used in this thesis to analyze what authentication properties in Lowe's taxonomy of SEAFK can be achieved by each party of the protocol and whether the 5G AKA protocol can resist the SQN attack.The results show that each party cannot achieve high-level properties for SEAFK of the protocol and the SQN attack trace still exists in the 5G AKA protocol.Then the reasons for these problems are analyzed and an improved 5G AKA protocol is proposed.And the improved 5G AKA protocol is also analyzed by Tamarin.The results show that the improved 5G AKA protocol can not only achieve higher security properties but also resist SQN attacks.In the end,the reasons why the improved protocol can significantly improve the security properties and can resist the SQN attack are given.