1

Seminar Report

On

“CYBER SECURITY THREAT FOR 5 G”

Submitted In Partial Fulfillment Of The Requirements

For The Degree of

Bachelor Of Computer Application

SUBMITTED TO -: SUBMITTED BY :-

Ms. Shilpi Shukla Ganesh Sharma

DEPARTMENT OF COMPUTER SCIENCE AND

INFORMATION SYSTEM
SHRI RAMSWROOP MEMORIAL UNIVERSITY
LUCKNOW DEVA ROAD BARABANKI (U.P)
 2

CERTIFICATE
This is to certify that the seminar work entitled
“CYBERSECURITY FOR 5G NETWORK ” being
submitted by “Ganesh Sharma”, towards partial
fulfillment forthe award of the Degree of
Bachelor of Computer Applications from the
Department of Computer Science and Information
Systems to “SHRI
RAMSWAROOP MEMORIAL UNIVERSITY” during
session 2024-25, is a record of benefit work carried
outby them under my guidance and supervision. The
resultembodied in project synopsis have not been
submittedto any other University of Institute for the
award of any Degree.

Seminar Coordinator: - Submitted By: -

Ms. Shilpi Shukla Ganesh Sharma

202310101310024
 3

DECLARATION

I hereby declare that the project report entitled

“CYBERSECURITY FOR 5G NETWORK” submitted by
us to Shri Ramswaroop Memorial University,
Lucknow – Deva Road, Barabanki (UP) is the partial
requirement for the award of the degree of the
Bachelor of Computer Applications is a record of
bonafide seminar work carriedout. I further declare
that the work reported in this seminar has not been
submitted and will not be submitted either in part or
in full for the award of any other degree in this
institute.
Date: 23/10/2024

Signature of Student
Ganesh Sharma
 4

Abstract

The fifth-generation mobile network (5G) services have the

potential to provide high-speed connectivity to a large user base
with excellent benchmarks on low latencies, large capacity, and
faster
upload/download data rates. The potential for millimeter-wave
technologies to sustain enough power for mobile/Wi-Fi
connectivity for indoor/outdoor applications provides an additional
layer of expansion of 5G services to enhance good user experiences.
The probability of threat landscape increases with a significant
increase in network connectivity, users, non-existent or non-
compliant Internet of Things (IoT) standards, and service types.
Network mobility and applications that are planning on deploying
5G services such as Vehicle to Vehicle (V2V), Vehicle to Everything
(V2X), Vehicle or Building to Infrastructure (V2I/B2I) Augmented
and Virtual Reality (AR/VR), This paper provides a high-level
categorization of cyber attacks related to 5G environment into
Physical, Remote, and Local. The various benchmarks (latency,
bandwidth) for 5G network evaluation across multiple 5G related
technologies such as Enhanced Mobile Broadband (eMBB),
Massive Machine Type Communication (mMTC), Ultra-
Reliable Low LatencyCommunications (URLLC) are outlined.
 5

TABLE OF CONTENT

Chapter No. Title P.No

1 Abstract 1
2 Introduction 2
3 5G Network Architecture 3-4
4 5G threat Infrastructure 5-6
5 Potential Cyber Attack 7-9
6 Cyber and Non-Cyber Risk 10-13
7 Conclusion 14
8 Reference 15
 6

INTRODUCTION
Rapid demand for bandwidth and high mobile traffic burdening existing
3G/4G network performance to be slower and unreliable to many
rd
newemerging services. 5G was introduced by the 3 Generation
PartnershipProject (3GPP) to expand the quality of services (QoS) and
enhance userexperiences. It is designed to support a larger number of
networks connected devices with high data volume, and low latencies
than 4G network [1]. Fig. 1 represents the different download speeds of
the recent 3 cellular network generations. In 5G network, the devices
such as smartphones are connected through an important part of a
cellular network infrastructure called Radio Access Network (RAN) that
allows integrating and improving the network utilization of mobile
devices [4]. Device to device (D2D) communication is a “network of
networks” in which multiple networks are integrated for data services
and network communication over radio access technologies.
 7

5G NETWORK ARCHITECTURE
In 5G network, the devices such as smartphones are
connected through an important part of a cellular
networkinfrastructure called Radio Access Network
(RAN) that allows integrating and improving the network
utilization of mobile devices. Device to device (D2D)
communication is a “network of networks” in which
multiple networks are integrated for data services and
network communication over radio access
technologies .All of the connection types in 5G network
are linked to multiple input multiple output (MIMO),
which is a technology to multiply the capacity of radio
link by relying on arrays of transmission and receiving
antennasto exploit multi-path propagation . The network
architecture comprises of three different layers:
infrastructure, control, and application layers. Each
layer differs by the type of component placements and
varying degree of functionalities. The connectivity
components like routers, switches, and base stations are
placed in the infrastructure layer. The control layer
implements the decision-making entities and network
control function that is integrated into the application
layer. Network services are utilized, and business
 8

applications are executed in the application layer. 5G can

reduce the MTC latencies to 1 millisecond (ms)
betweenwireless devices. Massive machine-type
communication(mMTC) is a communication carried by
machine or software platforms for coordinating,
sensing, and actuation that are not operated by humans
[8]. 5G can reduce the MTC latencies to 1 millisecond
(ms) betweenwireless devices. This is a significant
improvement fromthe latencies of 50 ms and 60 ms for
3G and 4G technologies respectively [9] Machine-type
communication enables 5G services to operate securely,
reliably and autonomously [10]. AT&T and FirstNet
network organizations collaborated to provide public
safety or emergency.
 9

THREAT SURFACES

5G, at its inception, was expected to build upon

existing 3G and 4G/4G (LTE) infrastructure
toprovide low latency and high-speed
services to applications in transportation,
aviation, automotive, and energy domains.
However, 5G can be exploited by its threat
surfaces. A threat surface, as defined by the
National Institute of Standards and
Technology (NIST), consists of “the set of
points on the boundaryof a system, a system
element, or an environment where an
attacker can try to enter, cause an effect on,
or extract data from, that system, system
element, or environment.” For example,
disruption to aviationservices due to 5G
services are emerging and causing mass
schedule changesand
cancellations.According to FAA, as 5G
infrastructure uses new frequencies,
increased power levels, and warrants closer
proximity of flight operations,
existing aviation equipment’s (e.g., radio
altimeter equipment closer to antennas) are
 10

noticing disruptions to airport

operations .Similarthreats exist to other critical
infrastructures such as U.S. Power Grid
assets .Distributed Energy

Resource (DER’s) controllers), Gas Pipeline

Networks (e.g., pumping stations/junctions,
switches), and Water/Sewage or Storm
TreatmentSystems (e.g., key interconnect units or
switches).This section classifies three threat
surfaces to 5G infrastructure: hardware,
operations, and network as show.
 11

POTENTIAL CYBER ATTACKS

Cyber security properties such as
confidentiality, integrity, and availability
(CIA)of 5G networks require multi-layered
authentication to thwart threats. Cyber threats
to5G infrastructure can broadly be classified
into two attack types: passive and active.
Passive attacks such as dropping and traffic
analyses donot intervene in a network’s traffic
to modify, insert, or delete data but passively
monitor the data being transferred; they do not
alter the system states or data.
A. Remote Attacks
B. Local Attacks.
C. Physical Attacks.
 12

Remote Attacks

Vulnerabilities in the General Packet Radio

Service Tunneling Protocol (GTP), can be
exploited by remote threat actors to
impersonate users using details such as
authentication status, location, and
subscriber settings [27]The likelihoods and
the associated consequences of remote
attacks (i.e., impersonation, DoS/DDoS,
jamming) are medium-high as they
primarily compromise the availability of a
5G network.

Local Attacks

Local area network (LAN) and wireless local area

network (WLAN) can be accessed with an open base
station through unauthorized users on the network
[32]. The likelihoods and associated consequences of
local attacks (i.e., data sniffing, spoofing, man-in-
the-middle) are medium-high.
 13

Physical Attacks

Physical attacks refer to damage to property or

people,where an intruder (or a malicious actor) takes
controlof key sensing, or communication or a control
equipment. The likelihoods of such attacks and their
associated consequences can be considered low-
medium. Some common examples for this attack
typeinclude: eavesdropping, tampering of physical
environment (i.e., cellular towers or
associated equipment), and sybil.
 14

Cyber Risks in 5G Networks

• Definition: Risks associated with digital attacks or

vulnerabilitiestargeting data, devices, and
infrastructure.
• Examples:
o Data Breaches: Unauthorized access to sensitive
user orbusiness data due to vulnerabilities in the
5G network.
o Distributed Denial of Service (DDoS) Attacks: Overloading
5G-enabled systems with traffic, leading to network
downtime.

o Network Slicing Attacks: Exploiting vulnerabilities

in virtual network slices to gain unauthorized access
or disrupt services.
o IoT Device Hijacking: With 5G enabling more IoT
devices,attackers can compromise these devices to
form botnets.
• Impact:
 15

o Loss of confidentiality, integrity, and availability of data.

o Financial losses, reputational damage, and legal
consequencesfor businesses.
• Mitigation:
o Implementing robust encryption protocols.
o Regular security updates and patches.
o Multi-factor authentication and network monitoring.

Non-Cyber Risks in 5G Networks

• Definition: Risks not directly related to digital attacks but

affecting thephysical, operational, or social aspects of the 5G
ecosystem.
• Examples:
o Health Concerns: Perceived risks of increased
electromagneticradiation affecting human
health.
o Infrastructure Risks: Physical damage to 5G towers due
tonatural disasters, vandalism, or geopolitical tensions.
o Regulatory and Compliance Issues: Delays or penalties due
tonon-compliance with local or international 5G deployment
regulations.
o Supply Chain Disruptions: Delays in hardware/
softwarecomponents due to global supply chain
issues.
• Impact:
o Delayed deployment and operation of 5G networks.
o Increased costs due to maintenance, legal fines, or rebuilding.
• Mitigation:
o Conducting regular risk assessments.
o Strengthening supply chain resilience.
o Educating the public on health concerns based on
scientificevidence.
 16

CONCLUSION

This paper provides a review of potential cyber attacks into three categories:
Physical, Remote, and Local. Further, several threat vectors can also be
classified into Hardware, Operations, and Network types. As demand for
morespectrum will surge, it is natural for the cyber threat landscape to grow.
Telecommunication companies and network providers have begun to deploy
5G services and it is important to assess the security exploitations early on
across the three categories to avoid expensive re-design/re- installations of 5G
infrastructure that may hinder both critical (i.e., energy, aviation, water/
sanitary

systems, and transportation networks), and non-critical (user authentication

and privacy challenges) infrastructures. Futuristic mitigation solutions (e.g.,
blockchain, encryption mechanisms, multi-layered credential or policy
authentication, access privileges to key resources) should be carefully
designed and must be robust to track and deter threats as this technology is
new and evolving.
 17

REFERENCES

1. H. Fourati, R. Maaloul, and L. Chaari, A survey of 5G network systems: challenges and machine learning approaches.

2. E. O’Connell, D. Moore, T. N.- Telecom, and undefined 2020, “Challenges associated with

implementing 5G inmanufacturing,” mdpi.com, Available: https://www.mdpi.com/2673-400

3. A. Gupta, R. J.-I. access, and undefined 2015, “A survey of 5G network: Architecture and emerging technologies,”

ieeexplore.ieee.org, Available: https://ieeexplore.ieee.org/abstract/document/7169508/

4. A. Gudipati, D. Perry, L. E. Li, and S. Katti, “Softran: Software defined radio access network,” HotSDN 2013

- Proceedingsof the 2013 ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking,

5. M. Höyhtyä, O. Apilo, and M. Lasanen, “Review of latest advances in 3GPP standardization: D2D communication

in 5Gsystems and its energy consumption models,” Future Internet.

18
19
20
21