Published October 22, 2024 | Version v2
Conference paper Open

Demystifying Privacy in 5G Stand Alone Networks

  • 1. Imdea Networks Institute
  • 2. Universidad Carlos III de Madrid
  • 3. ROR icon Universidad de Málaga
  • 4. Telefonica Research

Description

Ensuring user privacy remains critical in mobile networks, particularly with the rise of connected devices and denser 5G infrastructure. Privacy concerns have persisted across 2G, 3G, and 4G/LTE networks. Recognizing these concerns, the 3rd Generation Partnership Project (3GPP) has made privacy enhancements in 5G Release 15. However, the extent of operator adoption remains unclear, especially as most networks operate in 5G Non Stand Alone (NSA) mode, relying on 4G Core Networks. This study provides the first qualitative and experimental comparison between 5G NSA and Stand Alone (SA) in real operator networks, focusing on privacy enhancements addressing top eight pre-5G attacks based on recent academic literature. Additionally, it evaluates the privacy levels of OpenAirInterface (OAI), a leading open-source software for 5G, against real network deployments for the same attacks. The analysis reveals two new 5G privacy vulnerabilities, underscoring the need for further research and stricter standards.

Notes (English)

This research has received funding from: The Ministry of Economic Affairs and Digital Transformation of Spain and the European Union-Next Generation EU programme for the Recovery, Transformation and Resilience Plan and the Recovery and Resilience Mechanism under agreements TSI-063000-2021-63 (MAP-6G), TSI-063000-2021-142 and TSI-063000-2021-147 (6G-RIEMANN); The European Union Horizon 2020 program under grant agreements 101021808 (SPATIAL), and the Smart Networks and Services Joint Undertaking (SNS JU) Research and Innovation programme under Grant Agreements No 101096435 (CONFIDENTIAL6G) and 101139067 (ELASTIC). The views and opinions expressed are those of the authors only and do not necessarily reflect those of the European Union. Neither the European Union nor the granting authority can be held responsible for them.

The authors thank Maria del Mar Moreno, Javier Jimemez, Manuel Palacios Trapero for their help during the experiments.

Files

Eleftherakis_et_al_MobiCom2024_v2.pdf

Files (1.1 MB)

Name Size Download all
md5:309cc670f59d3d78f7435c94dff1a197
1.1 MB Preview Download

Additional details

Funding

ELASTIC – Efficient, portabLe And Secure orchesTration for reliable servICes 101139067
European Commission
CONFIDENTIAL6G – Confidential Computing and Privacy-preserving Technologies for 6G 101096435
European Commission
SPATIAL – Security and Privacy Accountable Technology Innovations, Algorithms, and machine Learning 101021808
European Commission