Research On 5G Authentication And Anomaly Traffic Detection Technology

At present,according to the progress of the 3GPP(3rd Generation Partnership Project)5G Promotion Group,the R16 standard has been announced to be frozen on July 3,2020,which marks the completion of the first evolutionary version of 5G.5G is the country's key infrastruc-ture,and it has important significance and far-reaching impact on its security research.Through the existing 5G Authentication and Key Agreement mechanism and the security research of the5 G network,we found that there are the following three problems:First of all,the Globally Unique Temporary UE Identity(GUTI)used in the 5G AKA pro--tocol can only be allocated and updated by the network side.If the network side updates GUTI not in time,It will bring the risk of potential user privacy leakage.Secondly,re--authentication may occur when the message is out of sync during the authentication process.The existing re-authentication mechanism is caused by abnormal conditions such as network delays or message loss in certain scenarios of 5G(such as UE high-speed mobile scenarios).There is a problem of low efficiency.In addition,5G networks are confronted with the problem of huge and complex traffic,and the anomaly traffic detection algorithm does not take into account the time--domain characteristic information of the traffic data.To address the above problems,the main work of this paper is described as follows:1.Analyze the current research status of 5G AKA scheme,and analyze the 5G AKA process.It is pointed out that the allocation and update of GUTI can only be specified by the network side,which has potential security threats,and gives specific attack scenarios.It is analyzed that the UE cannot change the GUTI as needed,which reduces the confidentiality of the user's identity.In addition,in the current 5G AKA process,the message synchronization mechanism has the problem of low authentication efficiency under certain circumstances.2.Proposed a 5G AKA protocol enhancement scheme based on the identity pool and Bloom filter.The scheme mainly includes two mechanisms,namely the UE change temporary identity mechanism and the message out-of-synchronization fast re-authentication mechanism.The temporary identity is generated by using the identity pool,and the bloom filter is used to establish a many-to-one mapping relationship between the temporary identity and the user,so as to realize rapid verification in the follow-up.In our enhanced scheme,the UE has the function of changing the temporary identity,and the authentication process can be completed quickly even in the scenario where the message is out-of-synchronization.Through the experiment simulation and analysis of the scheme,it is concluded that our scheme is safe and efficient.3.A 5G anomaly traffic detection scheme based on the GRU network is proposed.The entities involved in the reform scheme are virtualized,which is convenient for dynamic deploy-ment to adapt to network changes.At the same time,an abnormal traffic detection model based on Gated Recurrent Unit(GRU)network is studied.The model is lightweight and fully consid-ers the time domain characteristics between the flow data.We conducted experiments on the IDS2018(Intrusion Detection Systems 2018)public dataset,and compared the performance of other four statistical learning algorithms,and concluded that the model proposed in this article has the advantages of fast detection speed and high accuracy.