Secure Handover Management Against False Base Station Attacks

False Base Stations attack raises concerns about data privacy during handover process in 5G networks. Broadcasting of measurement reports unveils the need of security assessment since a false base station can send a stronger signal to the User Equipment (UE) to establish a connection with itself. This may cause to the leakage of information. Thus, a fundamental solution is to protect measurement reports with encryption algorithms. In this paper, we identify the security vulnerabilities of handover process and simulate a scenario, where a false base station is deployed and UEs can be connected it during handover process. In order to prevent this, we propose a secure handover scheme to protect measurement reports by using two encryption algorithms; (i) Advanced Encryption Algorithm (AES)-256, and (ii) Rivest Cipher 4 (RC4) Algorithm. Then, we analyze the computation time and show the secure connection to a legitimate base station during handover process.

Keywords:

False Base Stations, Measurement report, Handover 5G networks, Man-in-the-middle attack,

PDF

___

[1] D. Kafetzis, S. Vassilaras, G. Vardoulias and I. Koutsopoulos, “Software-Defined Networking Meets Software-Defined Radio in Mobile ad hoc Networks: State of the Art and Future Directions”, in IEEE Access, vol. 10, pp. 9989-10014, 2022, doi: 10.1109/ACCESS.2022.3144072.
[2] P. Xue and Z. Jiang, “SecRouting: Secure Routing for Network Functions Virtualization (NFV) Technology”, in IEEE Transactions on Circuits and Systems II: Express Briefs, vol. 69, no. 3, pp. 1727-1731, March 2022, doi: 10.1109/TCSII.2021.3119938.
[3] D. Zhao, Z. Yan, M. Wang, P. Zhang, B. Song, “Is 5G Handover Secure and Private: A Survey”, IEEE Internet of Things Journal vol. 8, no.16, pp. 12855–12879, 2021. doi:10.1109/JIOT.2021.3068463.
[4] IMT Vision-Framework and Overall Objectives of the Future Development of IMT for 2020 and Beyond, Recommendation ITU-R M.2083-0 (09/2015).
[5] 3GPP TS 33.501, “Security Architecture and Procedures for 5G System (version 15.4.0 release 15)”, Technical specification (2019).
[6] M. Conti, N. Dragoni, V. Lesyk, “A Survey of Man in the Middle Attacks”, IEEE Communications Surveys & Tutorials vol. 18, no. 3 pp. 2027–2051, 2016. doi:10.1109/COMST.2016.2548426.
[7] 3GPP TR 33.809 v0.20.0, “Study on 5G Security Enhancement Against False Base Stations (FBS) (Release 18)", Technical specification (2022).
[8] V. Sharma, I. You, F. Leu, M. Atiquzzaman, “Secure and Efficient Protocol for Fast Handover in 5G Mobile Xhaul Networks”, Journal of Network and Computer Applications, vol.102, pp. 38-57, 2018.
[9] L. Karaçay, Z. Bilgin, A. B. Gündüz, P. Çomak, E. Tomur, E. U. Soykan, U. Gülen, F. Karakoç, “A Network-based Positioning Method to Locate False Base Stations”, IEEE Access vol. 9, pp.111368–111382, 2021. doi:10.1109/ACCESS.2021.3103673.
[10] H. Alrashede and R. A. Shaikh, “IMSI Catcher Detection Method for Cellular Networks”, in 2019 2nd International Conference on Computer Applications & Information Security (ICCAIS), Riyadh, Saudi Arabia, 2019, pp. 1-6, doi: 10.1109/CAIS.2019.8769507.
[11] S. Park, A. Shaik, R. Borgaonkar, and J. Seifert. “Anatomy of Commercial IMSI Catchers and Detectors”, in Proceedings of the 18th ACM Workshop on Privacy in the Electronic Society (WPES'19). Association for Computing Machinery, New York, NY, USA, pp. 74–86, 2019. https://doi.org/10.1145/3338498.3358649.
[12] K.-W. Huang, H.-M. Wang, “Identifying the Fake Base Station: A Location Based Approach”, IEEE Communications Letters vol. 22, no. 8, pp. 1604–1607, 2018. doi:10.1109/LCOMM.2018.2843334.
[13] J. Shin, Y. Shin, J.-G. Park, “Network Detection of Fake Base Station Using Automatic Neighbour Relation in Self-organizing Networks”, in 13th International Conference on Information and Communication Technology Convergence (ICTC), 2022, pp. 968–970. doi:10.1109/ICTC55196.2022.9952901.
[14] A. Ali, G. Fischer, “Symbol Based Statistical RF Fingerprinting for Fake Base Station Identification”, in 29th International Conference Radioelektronika (RADIOELEKTRONIKA), pp. 1–5, 2019. doi:10.1109/RADIOELEK.2019.8733585.
[15] A. Ali, G. Fischer, “The Phase Noise and Clock Synchronous Carrier Frequency Offset based RF Fingerprinting for the Fake Base Station Detection”, in IEEE 20th Wireless and Microwave Technology Conference (WAMICON), pp. 1–6, 2019. doi:10.1109/WAMICON.2019.8765471.
[16] A. Mazroa, M. Arozullah, “Detection and Remediation of Attack by Fake Base Stations in LTE Networks”, International Journal of Soft Computing and Engineering (IJSCE), vol.5, no. 2, 2015.
[17] X. Yan, M. Ma, “A Lightweight and Secure Handover Authentication Scheme for 5G Network Using Neighbour Base Stations”, Journal of Network and Computer Applications vol. 193, p. 103204, 2021. https://doi.org/10.1016/j.jnca.2021.103204.
[18] A. Sharma, I. Sharma and A. Jain, “A Construction of Security Enhanced and Efficient Handover AKA Protocol in 5G Communication Network”, in 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Kanpur, India, pp. 1-6, 2019. doi: 10.1109/ICCCNT45670.2019.8944569.
[19] J. Guo, Y. Du, Y. Zhang, M. Li, “A Provably Secure ECC-based Access and Handover Authentication Protocol for Space Information Networks”, Journal of Network and Computer Applications vol. 193, 2021. 103183. https://doi.org/10.1016/j.jnca.2021.103183.
[20] R. Ma, J. Cao, D. Feng, H. Li, Y. Zhang, X. Lv, “PPSHA: Privacy Preserving Secure Handover Authentication Scheme for All Application Scenarios in LTE-A Networks”, Ad Hoc Networks vol. 87, pp. 49–60, 2019. https://doi.org/10.1016/j.adhoc.2018.11.012.
[21] Y. Zhang, R. H. Deng, E. Bertino and D. Zheng, “Robust and Universal Seamless Handover Authentication in 5G HetNets,” in IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 2, pp. 858-874, 1 March-April 2021, doi: 10.1109/TDSC.2019.2927664.
[22] 3GPP TS 36.331 – “Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol Specification (Release 8)”, Technical Specification (2013).
[23] Y. Y. Deng, C. L. Chen, J. Shin and K. H. Wang, “Cryptanalysis of Yang et al.’s Handover Authentication Scheme for Mobile Network Environment,” in 2017 International Symposium on Computer Science and Intelligent Controls (ISCSIC), Budapest, Hungary, pp. 152-157, 2017. doi: 10.1109/ISCSIC.2017.43.
[24] V. A. Vasudevan, M. Tayyab, G. P. Koudouridis, X. Gelabert, and I. Politis, “An Integrated Approach for Energy Efficient Handover and Key Distribution Protocol for Secure NC-enabled Small Cells”, Computer Networks, vol.206, 2022. https://doi.org/10.1016/j.comnet.2022.108806.
[25] W. Saad, M. Bennis and M. Chen, “A Vision of 6G Wireless Systems: Applications, Trends, Technologies, and Open Research Problems”, in IEEE Network, vol. 34, no. 3, pp. 134-142, May/June 2020, doi: 10.1109/MNET.001.1900287.