Analysis of Incarceration Attacks with RRCReject and RRCRelease in 5G Standalone Non-Public Network (5G SNPN에서 RRCReject과 RRCRelease를 이용한 감금 공격에 대한 분석)

Keewon Kim (김기원); Jong-Geun Park (박종근); Tae-Keun Park (박태근)

doi:10.9708/jksci.2021.26.10.093

Analysis of Incarceration Attacks with RRCReject and RRCRelease in 5G Standalone Non-Public Network

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2021, 26(10), pp.93-100
DOI : 10.9708/jksci.2021.26.10.093
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science
Received : September 29, 2021
Accepted : October 18, 2021
Published : October 29, 2021

Keewon Kim ¹, Jong-Geun Park ², Tae-Keun Park ³

¹목포해양대학교
²한국전자통신연구원
³단국대학교

Accredited

ABSTRACT

In this paper, the possibility of a UE (User Equipment) incarceration attack using RRCRejecet and RRCRelease in 5G SNPN (Standalone Non-Public Network) is analyzed based on the 3GPP standard document. First, the cell selection and reselection procedures of the UE are analyzed, and then the processing process of the false base station and the UE before and after transmission of RRCReject and RRCRelease is analyzed. As a result of the analysis, it is possible that the false base station that transmits a strong signal causes the victim UE to establish an RRC connection to the false base station itself. In addition, if the false base station transmits an RRCReject message without integrity protection in response to the victim UE's attempt to establish an RRC connection, it is determined that the victim UE can continue to stay in the RRC connection attempt process. On the other hand, it is determined that it is impossible to incarcerate the victim UE by inducing an attempt to establish an RRC connection to another false base station using RRCRelease.

KEYWORDS

5G, Standalone Non-Public Network, RRC, 3GPP Standard, Incarceration Attack

Citation status

* References for papers published after 2023 are currently being built.

[journal] Mamta Agiwal / 2016 / Next Generation 5G Wireless Networks: A Comprehensive Survey / IEEE Communications Surveys & Tutorials / Institute of Electrical and Electronics Engineers (IEEE) 18(3) : 1617~1655

[journal] Martin Wollschlaeger / 2017 / The Future of Industrial Communication: Automation Networks in the Era of the Internet of Things and Industry 4.0 / IEEE Industrial Electronics Magazine / Institute of Electrical and Electronics Engineers (IEEE) 11(1) : 17~27

[journal] Ijaz Ahmad / 2019 / Security for 5G and Beyond / IEEE Communications Surveys & Tutorials / Institute of Electrical and Electronics Engineers (IEEE) 21(4) : 3682~3722

[journal] Rabia Khan / 2020 / A Survey on Security and Privacy of 5G Technologies: Potential Solutions, Recent Advancements, and Future Directions / IEEE Communications Surveys & Tutorials / Institute of Electrical and Electronics Engineers (IEEE) 22(1) : 196~248

[confproc] D. Basin / 2018 / A Formal Analysis of 5G Authentication / Proc. the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS ’18) : 1383~1396

[confproc] C. Cremers / 2019 / Component-based formal analysis of 5G-AKA: channel assumptions and session confusion / Proc. 26th Annual Network and Distributed System Security Symposium, NDSS : 24~27

[confproc] H. Kim / 2019 / Touching the Untouchables:Dynamic Security Analysis of the LTE Control Plane / Proc. IEEE Symposium on Security and Privacy (SP) : 1153~1168

[confproc] S.R. Hussain / 2019 / 5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol / Proc. 2019 ACM SIGSAC Conference on Computer and Communications Security : 669~684

[journal] 김기원 / 2021 / Analysis of Deregistration Attacks in 5G Standalone Non-Public Network / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 26(9) : 81~88

[report] / 2019 / 5G-ACIA White Paper: “5G Non-Public Networks for Industrial Scenarios,”

[journal] 박태근 / 2020 / Security Threats and Potential Security Requirements in 5G Non-Public Networks for Industrial Applications / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 25(11) : 105~114

[other] / 2021 / 3GPP TS 38.304 v16.4.0: “NR; User Equipment (UE) procedures in Idle mode and RRC Inactive state,”

[other] / 2021 / 3GPP TS 38.331 v16.3.1: “Radio Resource Control (RRC)protocol specification,”

[other] / 2021 / 3GPP TS 38.133 v.16.7.0, “NR; Requirements for support of radio resource management,”

[other] / 2021 / 3GPP TS 38.300 v16.5.0, “NR; NR and NG-RAN Overall Description; Stage 2,”

This paper was written with support from the National Research Foundation of Korea.

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Analysis of Incarceration Attacks with RRCReject and RRCRelease in 5G Standalone Non-Public Network

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Analysis of Incarceration Attacks with RRCReject and RRCRelease in 5G Standalone Non-Public Network

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (2)

REFERENCES (15) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.