Formal Analysis of Access Control Mechanism of 5G Core Network

Mujtahid Akon; Tianchang Yang; Yilu Dong; Syed Rafiul Hussain

doi:10.1145/3576915.3623113

Formal Analysis of Access Control Mechanism of 5G Core Network

Mujtahid Akon, Tianchang Yang, Yilu Dong, Syed Rafiul Hussain

School of Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Scopus citations

Abstract

We present 5GCVerif, a model-based testing framework designed to formally analyze the access control framework of the 5G Core. With its modular design, 5GCVerif employs various abstraction techniques to craft an abstract model that captures the intricate details of the 5G Core's access control mechanism. This approach offers customizability and extensibility in constructing the abstract model and addresses the state explosion problem in model checking. 5GCVerif also sidesteps the challenge of exhaustively generating models for all possible core network configurations by restricting the model checker to explore policy violations only within the valid network configurations. Using 5GCVerif, we evaluated 55 security properties, leading to the discovery of five new vulnerabilities in 5G Core's access control mechanism. The uncovered vulnerabilities can result in multiple attacks including unauthorized entry to sensitive information, illegitimate access to services, and denial-of-services.

Original language	English (US)
Title of host publication	CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery, Inc
Pages	666-680
Number of pages	15
ISBN (Electronic)	9798400700507
DOIs	https://doi.org/10.1145/3576915.3623113
State	Published - Nov 21 2021
Event	30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023 - Copenhagen, Denmark Duration: Nov 26 2023 → Nov 30 2023

Publication series

Name	CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

Conference

Conference	30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023
Country/Territory	Denmark
City	Copenhagen
Period	11/26/23 → 11/30/23

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Computer Science Applications
Software

Access to Document

10.1145/3576915.3623113

Cite this

Akon, M., Yang, T., Dong, Y., & Hussain, S. R. (2021). Formal Analysis of Access Control Mechanism of 5G Core Network. In CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (pp. 666-680). (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security). Association for Computing Machinery, Inc. https://doi.org/10.1145/3576915.3623113

Akon, Mujtahid ; Yang, Tianchang ; Dong, Yilu et al. / Formal Analysis of Access Control Mechanism of 5G Core Network. CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2021. pp. 666-680 (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security).

@inproceedings{b8d7a58ae19946618e317861eb6d3fe0,

title = "Formal Analysis of Access Control Mechanism of 5G Core Network",

abstract = "We present 5GCVerif, a model-based testing framework designed to formally analyze the access control framework of the 5G Core. With its modular design, 5GCVerif employs various abstraction techniques to craft an abstract model that captures the intricate details of the 5G Core's access control mechanism. This approach offers customizability and extensibility in constructing the abstract model and addresses the state explosion problem in model checking. 5GCVerif also sidesteps the challenge of exhaustively generating models for all possible core network configurations by restricting the model checker to explore policy violations only within the valid network configurations. Using 5GCVerif, we evaluated 55 security properties, leading to the discovery of five new vulnerabilities in 5G Core's access control mechanism. The uncovered vulnerabilities can result in multiple attacks including unauthorized entry to sensitive information, illegitimate access to services, and denial-of-services.",

author = "Mujtahid Akon and Tianchang Yang and Yilu Dong and Hussain, {Syed Rafiul}",

note = "Publisher Copyright: {\textcopyright} 2023 Copyright held by the owner/author(s).; 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023 ; Conference date: 26-11-2023 Through 30-11-2023",

year = "2021",

month = nov,

day = "21",

doi = "10.1145/3576915.3623113",

language = "English (US)",

series = "CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery, Inc",

pages = "666--680",

booktitle = "CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security",

}

Akon, M, Yang, T, Dong, Y & Hussain, SR 2021, Formal Analysis of Access Control Mechanism of 5G Core Network. in CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Association for Computing Machinery, Inc, pp. 666-680, 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, 11/26/23. https://doi.org/10.1145/3576915.3623113

Formal Analysis of Access Control Mechanism of 5G Core Network. / Akon, Mujtahid; Yang, Tianchang; Dong, Yilu et al.
CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2021. p. 666-680 (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Formal Analysis of Access Control Mechanism of 5G Core Network

AU - Akon, Mujtahid

AU - Yang, Tianchang

AU - Dong, Yilu

AU - Hussain, Syed Rafiul

PY - 2021/11/21

Y1 - 2021/11/21

N2 - We present 5GCVerif, a model-based testing framework designed to formally analyze the access control framework of the 5G Core. With its modular design, 5GCVerif employs various abstraction techniques to craft an abstract model that captures the intricate details of the 5G Core's access control mechanism. This approach offers customizability and extensibility in constructing the abstract model and addresses the state explosion problem in model checking. 5GCVerif also sidesteps the challenge of exhaustively generating models for all possible core network configurations by restricting the model checker to explore policy violations only within the valid network configurations. Using 5GCVerif, we evaluated 55 security properties, leading to the discovery of five new vulnerabilities in 5G Core's access control mechanism. The uncovered vulnerabilities can result in multiple attacks including unauthorized entry to sensitive information, illegitimate access to services, and denial-of-services.

AB - We present 5GCVerif, a model-based testing framework designed to formally analyze the access control framework of the 5G Core. With its modular design, 5GCVerif employs various abstraction techniques to craft an abstract model that captures the intricate details of the 5G Core's access control mechanism. This approach offers customizability and extensibility in constructing the abstract model and addresses the state explosion problem in model checking. 5GCVerif also sidesteps the challenge of exhaustively generating models for all possible core network configurations by restricting the model checker to explore policy violations only within the valid network configurations. Using 5GCVerif, we evaluated 55 security properties, leading to the discovery of five new vulnerabilities in 5G Core's access control mechanism. The uncovered vulnerabilities can result in multiple attacks including unauthorized entry to sensitive information, illegitimate access to services, and denial-of-services.

UR - http://www.scopus.com/inward/record.url?scp=85179847739&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85179847739&partnerID=8YFLogxK

U2 - 10.1145/3576915.3623113

DO - 10.1145/3576915.3623113

M3 - Conference contribution

AN - SCOPUS:85179847739

T3 - CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

SP - 666

EP - 680

BT - CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery, Inc

T2 - 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023

Y2 - 26 November 2023 through 30 November 2023

ER -

Akon M, Yang T, Dong Y, Hussain SR. Formal Analysis of Access Control Mechanism of 5G Core Network. In CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc. 2021. p. 666-680. (CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security). doi: 10.1145/3576915.3623113

Formal Analysis of Access Control Mechanism of 5G Core Network

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this