In this paper, the possibility of a UE (User Equipment) incarceration attack using RRCRejecet and RRCRelease in 5G SNPN (Standalone Non-Public Network) is analyzed based on the 3GPP standard document. First, the cell selection and reselection procedures of the UE are analyzed, and then the processing process of the false base station and the UE before and after transmission of RRCReject and RRCRelease is analyzed. As a result of the analysis, it is possible that the false base station that transmits a strong signal causes the victim UE to establish an RRC connection to the false base station itself. In addition, if the false base station transmits an RRCReject message without integrity protection in response to the victim UE's attempt to establish an RRC connection, it is determined that the victim UE can continue to stay in the RRC connection attempt process. On the other hand, it is determined that it is impossible to incarcerate the victim UE by inducing an attempt to establish an RRC connection to another false base station using RRCRelease.

5G , Standalone Non-Public Network , RRC , 3GPP Standard , Incarceration Attack