Human-centric Computing and Information Sciences volume 11, Article number: 03 (2021)
Cite this article 11 Accesses
https://doi.org/10.22967/HCIS.2021.11.003
With the advancement of information and communication technologies, fifth-generation (5G) has become an emerging communication medium to support higher speed, lower latency, and massive connectivity to various devices by leveraging the evolution of 4G with the addition of new radio technology, service-based architecture, and cloud infrastructure. Nonetheless, the introduction of new technologies and advanced features in 5G communications gives rise to new security requirements and challenges. This paper presents a comprehensive survey of various threats and solutions toward ensuring 5G security and privacy. The recent development and existing schemes of 5G wireless security are offered based on the corresponding security services, including authentication, availability, data confidentiality, integrity, and non-repudiation. We will also discuss the different emerging technologies applied to 5G, such as Blockchain, software defined networking, artificial intelligence, cyber-physical system, mobile edge computing, device-to-device (D2D) communication, and Industry 4.0. Inspired by these security research and development activities in the emerging technologies, we present various applications and services of 5G considering the security requirements and solutions. The challenges and future directions of 5G wireless security are finally summarized.
The fifth-generation (5G) wireless is the recent cellular technology to increase the speed and responsiveness of 5G wireless networks for communication [1]. With the continuous advancement of new technologies, 5G wireless networks are giving high data rates and low latency with maximum coverage areas for improving communication globally. It will be deployed in stages over the next several years to accommodate the increasing reliance on mobile and Internet-enabled devices. The 5G will provide ultra-reliable, affordable broadband access at anyplace to a lot of smart devices for Internet-oriented infrastructure such as cyber-physical system (CPS) [2] and Internet of Things (IoT) [3, 4]. The 5G network is not a new network concept because it is the advancement of the 4G networks.
With the integration of new disruptive methodologies to meet the ever-growing demands of user traffic and emerging services, IoT devices are known as 5G technology [5]. With all these requirements, 5G provides various types of communication such as machine-to-machine (M2M), human-to-machine (H2M), device-to-device (D2D), and others. Security is the main task for 5G wireless networks for communication from one person to another.
When the concept of security is integrated with 5G technologies, then it has basic needs for 5G networks and related protocols. The extension of 2G, 3G, and 4G networks is known as 5G networks. The 2G, 3G, and 4G networks have various issues such as low latency and bandwidth, limited resources, limited coverage areas, security, and privacy. Thus, 5G networks are utilized for communication because it has new architecture and new services for security purposes [6, 7]. Still, some security mechanism requires a little bit of modification for improving security for the communication of networks. The OpenAirInterface (OAI) platform [8] is utilized in the latest communication network such as 5G, providing improved security protocols and methods [9].
In the last few years, telecommunication has used various networks such as 2G, 3G, and 4G for security and provided proper functionality for applications such as billing systems, and many schemes were adopted. The encryption of communication data is used for security purposes for communication [10]. The two-way authentication scheme is utilized in 3G networks to decrease the connection generation with a base station [11, [12]]. Advanced cryptographic protocols are being used in the 4G network for user authentication. It provides security and privacy against physical attacks such as the physical tampering of base stations.
The 5G security for communication, has three parts in the 5G networks: (1) all security threats and requirements related to 2G, 3G, and 4G networks are applicable in 5G networks; (2) due to the increasing number of IoT devices, users, network services, and requirements, 5G will also have some open challenges such as security and privacy, network slices, security standardization, and device layer security; (3) 5G introduces various network utilizations of new technologies such as software-defined networks (SDN), network function virtualization (NFV), and network slices (NS) and poses new challenges related to security and privacy [13].
This paper will discuss the core technologies and services for 5G security with various taxonomies. It will describe multiple attacks generated in the 5G network and will also give solutions. The convergence of new technologies such as Blockchain, SDN, artificial intelligence (AI), CPS, mobile edge computing (MEC), D2D communication, Tactile Internet, and Industry 4.0 with 5G networks are studied in this paper [[14], [15]]. The application and services are described in relation to 5G networks. Open research challenges are also discussed in the last part of this paper. The primary goal of our survey is the study of core technologies and services for 5G security and integration of various smart applications such as smart grid, smart drones, big data analysis, automotive driving, and IoT into 5G security. The contribution of our study in relation to the existing survey is shown in Table 1.
The main contributions of our research are as follows:
• We study various technological aspects regarding 5G security.
• We describe in detailed tabular form the summary of various security threats in the 5G networks.
• We provide the existing solution for the security threats above in the 5G networks.
• We discuss the convergence of new technologies and paradigms such as Blockchain, SDN, AI, CPS, MEC, D2D communication, Tactile Internet, and Industry 4.0 for 5G Security in the networks.
• Finally, we will summarize and discuss the new applications and services and open research challenges for 5G security.
Many researchers have studied and discussed the open research issues for 5G security with core technologies and services. Kitanov et al. [16] mentioned an overview survey of 5G and fog computing technologies. The impact of mobile devices using the 5G network gives rise to several key challenges. With fog privacy and security threats, they also proposed security solutions using NFV as well as a hybrid environment service orchestrator, along with resilient, reliable cloud computing for cloud computing. Gandotra and Jha [17] presented an intensive survey on various energy-efficient scenarios for green communication in 5G networks including D2D communication, spectrum sharing, ultra-dense network (UDN), massive MIMO, millimeter-wave network, and IoT. A three-layer architecture was proposed for improving battery life by using relays rather than the direct transmission of information, all while providing the security umbrella for 5G networks by resisting intrusion as the density of base stations and user equipment (UE) is being controlled and supervised constantly. Thus, an increase in power consumption means that an intruder is authenticated to the network, where this approach makes it easy to detect intruders and eliminate them from the 5G network. A survey on secure power optimization has been deployed as well, and possible attacks within the small cell access points for the 5G scenario were also proposed. Ahmed et al. [18] presented an overview of the 5G security challenges and solutions. Security threats impacting 5G networks are discussed along with specific problems that affect mobile clouds, SDN and NFV, user privacy, and communication channels. The paper suggests potential security solutions such as artificial intelligence and context awareness supporting SDN and NFV to secure 5G network technologies. The survey notes that IoT gives rise to more security issues, especially in terms of a user’s privacy in 5G networks. Zhang et al. [19] identified various security issues from several perspectives, such as existing 4G networks, requirements from new architectures, and challenges. They provide potential solutions for 5G security and privacy from various situations with security architecture, cloud environment, new core networks, and radio technologies, which are all discussed in detail. Several open challenges with future direction are also being debated on. Singh et al. [20] proposed a machine learning-based network subslicing framework in a sustainable 5G environment for the optimum performance of device application with the help of various network slice resources in a sustainable 5G environment and addressed network load balancing issues. They used four key considerations: latency, load balancing, heterogeneity, and power efficiency. Nonetheless they did not provide services and applications for network subslicing in the 5G network.
Table 1. Contribution of our study in relation to the existing survey
Research work | Year | Security issues | Solutions | Technological aspects | Services and applications |
---|---|---|---|---|---|
Kitanov al.[16] | 2016 | Yes | No | No | Yes |
Gandotra and Jha [17] | 2017 | No | Yes | Yes | No |
Ahmad et al. [18] | 2018 | No | No | No | No |
Zhang et al. [19] | 2019 | Yes | No | No | Yes |
Singh et al. [20] | 2020 | Yes | Yes | No | No |
Our study | 2020 | Yes | Yes | Yes | Yes |
In this section, we discuss the contribution of the existing surveys on core technologies and services for 5G security. The 5G, also known as the fifth generation of mobile technologies, is expected to bring about major changes in mobility and growth of IoT. Consisting of software-defined network and network slices, 5G will allow dynamic programming to provide different applications for separate layers over the network. According to the existing researchers who were mentioned, 5G realizes latency, scalability, availability, reliability, ubiquitous mobility, and fog computing, which are needed for critical massive IoT applications [21–24]. The categorization by 5G security is shown in Fig. 1 such as availability, authentication, non-repudiation, integrity, and confidentiality.
Availability: The 5G network-based radio access benefits from the resources from the cloud layer, which helps in building a cost-effective infrastructure. Still, there are security concerns such as attacks that disrupt the continued availability of network resources. Attacks such as Denial of Service disrupt network slice operations and exhaust both logical resources at the fog layer and physical resources at the cloud level. Jamming attacks degrade radio access resources, resulting in users being unable to access cellular services [25]. Attacks on 5G resources such as control plane, support system, and radio resources impact network are known as availability.
Authentication: Authentication is the fundamental concept of 5G security for verifying the identity of users in the network. Several techniques are used for authenticating the information in the 5G network. It has two parts: primary authentication and secondary authentication. Primary authentication provides device and network mutual authentication in both 4G and 5G networks [26]. Nonetheless, primary authentication in 5G has various challenges—such as control of knowledge—and call of device authentication is not adequately provided. 5G-AKA and extensible authentication protocols are used for mitigating these issues. Primary authentication works on non-3GPP technologies. Secondary authentication is utilized for outside mobile operator domain, and it works on 3GPP. EAP-based associated methods are applicable for secondary authentication.
Non-repudiation: Repudiation is the D2D communication that ensures that the users acknowledge the transmission or reception of messages among themselves. Authentication by itself cannot prevent the deniability of users. Nonetheless, authentication is essential to achieve non-repudiation as identification of different users or UE is vital to establish secure data transmission. According to non-repudiation, it ensures that the transferred data has been delivered and received by the parties claiming to have sent and accepted the data in 5G networks.
Integrity: The 5G communication network has a security method between IoT devices and next-generation node B (gNB) such as user plan integrity protection. It follows the property of encryption as a feature in IoT devices and gNB. Integrity protection is the resource-demanding feature wherein all IoT devices have constraints, so it cannot be supported at a maximum data rate. Thus, the 5G network system provides some protocols for integrity protection.
Confidentiality: Confidentiality is a property of security. It means ensuring that the sender message is only readable by the proposed destination in the 5G networks. The MeNB (master base node) derives and sends the key to be used by the SgNB (secondary next-generation base node) prior to secured communication over NR; the UE also derives the same key [27]. Unlike dual connectivity in 4G networks, radio resource control (RRC) messages can be exchanged between the UE and SgNB; thus, keys being used for integrity and confidentiality protection of RRC messages, including user plane (UP) data, are all derived. Although integrity protection for UP data is supported in the 5G networks, it will not be used in the EN-DC case. The use of confidentiality protection is optional for both UP and RRC.
In this subsection, we will discuss the summary of various security threats in 5G networks as shown in Table 2. It is categorized into various security threats with many fields such as Blockchain, SDN, AI, CPS, MEC, D2D communication, Tactile Internet, and Industry 4.0.
Table 2. Summary of various security threats in 5G
Security attack | Centralized Server | Technological impact | Privacy | Security threata) | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Wireless | MEC | SDN | Block-chain | Tactile Internet | Industry 4.0 | D2D | CPS | Cloud | UDN | ||||
HX-DoS attack | Cyber-physical cloud | No | No | No | No | No | No | No | Yes | Yes | No | No | 1 |
SIPDAS attack | Cyber-physical cloud | No | No | No | No | No | No | No | Yes | Yes | No | Yes | 1 |
Byzantine generals attack | Distributed computing | No | No | No | Yes | No | No | No | No | No | Yes | Yes | 4 |
Jamming attacks | Radio interface | Yes | Yes | No | No | No | No | No | No | No | No | No | 1 |
Spoofing attacks | Physical layer | Yes | No | No | No | No | No | No | No | No | No | Yes | 2,3,4,5 |
Rogue base stations | Centralized control element | No | Yes | No | No | No | No | Yes | No | No | No | Yes | 2,5 |
MITM attack | User equipment | No | Yes | Yes | No | Yes | No | No | No | No | No | No | 5 |
DoS attack | Cloud | No | Yes | Yes | No | Yes | Yes | No | No | No | No | No | 1,4 |
Eavesdropping | Fog computing | No | No | No | No | Yes | No | No | No | No | No | No | 4,5 |
Tampering attack | Fog and cloud computing | No | No | No | No | Yes | Yes | No | No | No | No | No | 4,5 |
Smart attack | Centralized control element | No | Yes | No | No | No | No | No | No | No | No | No | 1,2,3,4,5 |
Privacy leakage | User equipment | No | Yes | No | No | No | No | No | No | No | No | No | 5 |
Hijacking attack | SDN controller | No | Yes | Yes | No | No | No | No | No | No | No | No | 1 |
Side-channel attack | Network slices | Yes | No | Yes | No | No | No | No | No | No | No | No | 1,4,5 |
In this subsection, we provide the existing solutions in 5G networks for the aforesaid attacks, and they are summarized in detailed tabular form in Table 3, which also has various categories such as target component, technological impact, and privacy. The technological impact is also subcategorized, such as Blockchain, AI, cryptography, cloud, CPS, MEC, and others.
Table 3. Summary of existing security solutions in 5G
Security solution | Target component | Technological impact | Privacy | |||||||
---|---|---|---|---|---|---|---|---|---|---|
MEC | Blockchain | AI | SDN | NFV | CPS | Cloud | Cryptography | |||
ENDER | Centralized server | No | No | No | No | No | Yes | Yes | No | Yes |
SIPDAS attack simulator | Physical cloud | No | No | No | No | No | Yes | Yes | No | No |
APG-BFT algorithm | Centralized server | No | Yes | No | No | No | No | No | No | Yes |
Deep learning framework | Wireless Android-based devices | No | No | Yes | No | No | No | No | No | No |
Machine learning-based algorithm | Physical layer authentication | No | No | Yes | No | No | No | No | No | Yes |
Elliptic-ElGamal-based authentication scheme | Secret key-based authentication | No | No | No | No | No | No | No | Yes | Yes |
SDN-guard | Centralized server | No | No | No | Yes | Yes | No | Yes | No | Yes |
Blood filter method | Fog layer | No | No | No | Yes | Yes | No | No | No | Yes |
NFV method | Edge computing | No | No | No | Yes | Yes | No | Yes | No | Yes |
SDN-5G | Centralized server | No | No | No | Yes | No | No | No | Yes | Yes |
Deep Q-network learning | Edge server | Yes | No | No | No | No | No | No | No | Yes |
SDN-SC | Core network | No | No | Yes | Yes | No | No | No | No | No |
In this section, we will describe various new technologies used in 5G. We primarily classified these technologies into various categories. Therefore, we will be discussing the categories of technological aspects and emerging technology in 5G security, which are shown in Fig. 2.
Blockchain refers to the disruptive and transformational technologies for 5G security to authenticate, validate transactions, record information, and manage the identification among various parties in a decentralized, secure manner [54, 55]. It is considered the big revolution for future communication technologies in 5G. As a peer-to-peer, decentralized database platform for storing blocks of transaction data linked together in chains, blockchain has various properties such as decentralizing, distributing, and others in order to provide security in the 5G network. It is used in many applications such as smart healthcare, smart banking, supply chain management, and driverless vehicles because it is a decentralizing and distributing technology [56]. The combination of 5G and blockchain technology has high potential to unleash a surge of economic value to share the data. The power of 5G coverage through blockchain technology has reduced latency, high speeds, and capacity, enabling IoT devices to be used widely. Simultaneously, these devices can leverage the security, decentralization, immutability, and consensus arbitration of blockchain technology as a foundation layer. Blockchain can provide consensus and protection while majority of IoT transactions and contracts occur on the network layer with the opportunity to settle payment channels and transaction disputes on a chain. 5G will directly assist blockchain technology by increasing node participation and decentralization as well as allowing for shorter block times, driving forward on-chain scalability, and providing support to the IoT economy in 5G.
Blockchain allows various parties to share, transfer, and access the data securely. A distributed ledger in blockchain has the required information that is transferred to all parties. Therefore, blockchain technology provides more security features in the 5G network. In a transportation application, blockchain offers a secure data accessibility mechanism wherein a passenger’s payment record data can be accessed by various relevant bus transport parties in the system. Centralization and scalability are also a significant issue in the IoT applications in the 5G network. In that case, blockchain-based approaches offer decentralized security and privacy mechanism for various IoT applications in 5G. The taxonomy for applications with 5G networks is shown in Fig. 3.
Blockchain provides a fast security authentication scheme for solving the APG trusted generation and security, and it can efficiently access the user equipment in the UDN environment for 5G. According to blockchain technology, various UDN systems generate consortium blockchain and user equipment access to the APG, which is the combination of different APs. Local service center (LSC) manages the APs clusters. That being said, UE performs secure and reliable access in the 5G environment with Blockchain technology.
The CPS is a very crucial smart system for 5G securities because it is the combination of the physical and cyber worlds, interacting with the physical and computational components in 5G. CPS technology is the security approach that ensures consistent protection of the entire cyber-physical ecosystem. Sensors and actuators are often battery-powered, with modest resources that preclude implementing computationally intensive security algorithms [57]. It interacts with the physical world as a process and communicates information from one place to another between distributed elements in a cloud environment with 5G [58]. It achieves the virtualization of network slices using cyber-physical clouds. This cloud is using various types of sensors and actuators. These virtualized network components provide cloud services in 5G. Existing research has many challenges, such as communication latency, more resource requirement, accuracy, and others in 5G. To mitigate these challenges, we can use open-source solution MANO that is utilized by many industrial organizations to promote the flexibility of 5G for CPS. As a combination of hypervisor and container-based virtualization technologies, it has low resource requirements, low latency, and flexibility in the 5G network. For achieving secure CPS operations in 5G, it gives the security and industrial requirements in 5G such as lightweight and secure processing (authentication, encryption, integrity).
Vulnerable CPS devices in a dynamic network topology require security visibility-related collection of log data regarding 5G networks. CPS security in 5G needs not only confidentiality, integrity, and availability; it must also ensure the veracity of sensors’ observations and maintain a plausible system state at any time. HTTP and XML DoS (HX-DoS) attack is related to cloud-based CPS. In this attack, HTTP and XML DoS messages are forwarded to the cloud by the attacker in the 5G environment [59]. To mitigate this attack, Ahmad et al. [41] proposed ENDER methods in a cloud-enabled CPS environment. It has two decision theory methods to detect attack traffic on the cloud and uses a technique similar to a traditional intrusion detection system. It is then able to identify and mark an attack message. When detecting the HX-DoS or SIPDAS attack messages, the 1-bit mark is added to the message. Reconstruct and Drop RAD algorithms are used for removing such type of messages in the system
AI is one of the most essential technologies for 5G security in order to manage a system that can identify anomalies and predict future scenarios. Algorithms such as machine learning and deep learning enable 5G networks to be both predictive and proactive in providing efficient and reliable services. AI-based algorithms help realize the diverse requirements of the 5G technology to perform in an automated, pre-programmed manner to fulfill the expected standards of the higher quality of experience (QoE). The integration of AI for 5G security helps in predicting and forecasting degradation in the performance of the network by monitoring traffic at the SDN-enabled switches. Various fraudulent activities such as MITM attacks, radio jamming attacks, and other malicious activities can be traced and identified by learning the historical flow pattern and analyzing the current traffic to prevent similar attacks in the future. The summary of emerging technology for 5G securities is shown in Table 4.
Table 4. Summary of emerging technology for 5G security
Technology | Description | Technological aspects | Impact | Ref. |
---|---|---|---|---|
Blockchain | It provides more security features in the 5G network with the decentralized and distributed method. | Decentralization, UDN | Provide authenticated communication between APs. | [54, 55, 69] |
CPS | It gives the security approach for accessing secure cloud services on the cloud network in 5G. | Cloud-based CPS threats and solution such as ENDER | Secure SaaS, PaaS, IaaS services to the cloud. | [67, 68] |
AI | It enables 5G networks to be both predictive and proactive against security attacks. | Using AI, 5G technology provides higher Quality of Experience as it performs in an automated manner. | Provides security to 5G networks via secure authentication and ensuring data confidentiality. | [44, 45, 60–62] |
D2D communication | It facilitates communication between devices directly without the requirement of a Base station or cellular network. | Devices exchange data with one another without routing it to any 5G network infrastructure. | D2D communication improves the 5G network performance improving spectral efficiency, network delay, and cellular coverage. | [63–66] |
Tactile Internet | It will empower a lower latency for the 5G network communication system. | In order to reduce the latency use nonorthogonal multiple access (NOMA) based applications specific layer architecture and networking slicing | This technology in 5G achieves high bandwidth, low latency end to end security, and availability. | [70–72] |
Industry 4.0 | It refers to the industrial revolution technology, which focuses on the automation interconnectivity and real data time. | Connects the cyber world with the real world through CPS | Has the potential to expand and strengthen the competitiveness of companies in order to increase the flexibility, efficiency of production. | [73] |
MEC | Provides computing, storage, and networking resources within the edge of the mobile RAN | Allow applications to run closer to the end-user, reduce latency, and facilitate the emergence of novel applications such as Tactile Internet. | Empowering the network edge, optimizing mobile resources, pre-processing of large data and providing context- aware services. | [74] |
SDN | Centralize the network control platforms and enables programmability in communication networks | Facilitates quick threat identification, support highly reactive and proactive security monitoring | Network security protocols can be deployed across the network due to global network visibility. | [75-78] |
Post-Quantum cipher | Secure 5G network against Quantum attacks and Quantum-based cryptography. | Secure key distribution system between network users. | Prone against future Quantum attacks. | [79-82] |
Quantum computers can solve complex mathematical problems exponentially faster than the current computers. Nowadays, Quantum computers and Quantum-related information technology are being developed at a fast rate, which threaten the classic public key cryptography used to secure 5G network communication. To this end, securing the network against any possible Quantum attack is critical before moving to the next network generation. To secure 5G network against Quantum attacks, using post-Quantum cyphers is mandatory. Lattice-based cryptography is one of the possible and feasible solutions. The first application of Lattice systems in cryptography was proposed by Ajtai [79], where they used a random lattice picked based on a specific distribution explained in their proposal as a random key. Lattice-based cryptography is used in numerous applications as it is theoretically proven to be strong against Quantum attacks. One of the main lattice-based cryptosystem schemes is NTRU (Nth degree truncated polynomial ring units), which is used for not only encryption but also signature formulation [80]. The security of NTRU is based on solving the shortest vector problem and was adopted in IEEE Standard 1363.1. As another feasible solution that is strong against Quantum attacks, Quantum key distribution (QKD) is based on using individual photons to exchange cryptographic data between users [81]. SK Telecom has been using QKD schemes since 2016 to secure LTE backhaul network between Sejong and Daejeon in South Korea with over 350,000 subscribers [82]. In 2018, SK Telecom applied the first Quantum cryptographic solution to 5G networks. Post-Quantum ciphers are critical to 5G networks and beyond as the threat of Quantum attack will arise by the time.
In this section, we will discuss the applications and services of 5G securities and also provide the open research challenges for 5G securities in the network. The applications and services of 5G security are shown in Fig. 4.
Healthcare: It is the most prominent application in the 5G network. Blockchain technology wields high impact on the decentralized methodology of computation. In the healthcare domain, the secure transfer of the patient’s health information is the main requirement to provide intelligent services regarding 5G security because it is susceptible to data leak [83]. For this requirement, Blockchain technology provides a secure data accessibility mechanism wherein patients’ health data can be easily accessed by various doctors in the healthcare system [84]. Blockchain technology has also provided the storage capacity for patient's and doctor's data in the healthcare system and used a centralized security system [85, 86].
Big data analytics: 5G network in big data application plays an essential role within the network computing and storage. While using the core features of 5G networks, radio access network, and core network segments, big data can transport large volumes of structured and unstructured data to the data centers effectively. Another benefit of big data in 5G is faster and real-time anomaly detection systems from a large volume of data collected from connected devices. Parwez et al. [87] proposed a user activity analysis and user anomaly detection system in 5G wireless networks. With the k-means and hierarchical clustering along with big data call records, malicious activity in the network can be identified.
Internet of Things: IoT devices produce large volumes of data every day and require the efficient transmission of data and large amounts of bandwidth, which 4G-based networks have struggled to provide. 5G networks offer increased capacity in bandwidth, reduced latency, and improved data rate as required by IoT devices. The next evolution in network technology has the technological ability to use network slicing and fog computing to fulfill the requirements for future complex IoT architectures. Security is still a significant concern for secured authentication and preservation of data confidentiality for 5G data transmission with IoT devices. Ni et al. [88] proposed an efficient, reliable framework for authentication and privacy. The slice selection mechanism is focused on maintaining the confidentiality of users who are accessing services on network slices. The key-based agreement ensures secured authentication and integrity of users. The framework retains data service confidentiality wherein users can anonymously authenticate with IoT servers and securely access data cached on the fog layer.
Automotive driving: Automotive driving in the context of 5G network is being discussed as fully automated vehicle steering and plotting as the new steps in terms of mobility. For the autonomous reduction of traffic jams and accidents, sustainable and considerable reduction can be performed. The time required to avoid a collision in the current safety application is below 10 milliseconds. Therefore, latency is required in case of bidirectional data exchange for automatic driving, where it is technically accomplished by Tactile Internet, at the same time providing high availability and reliability [89, 90].
Smart grid: It is part of Industrial 4.0, which uses the CPS in 5G technology that will allow individualized solutions, flexibility, and cost-saving in the industrial process. To create effective communication in the smart grid, security concerns are addressed before being deployed to any energy-efficient system [91, 92]. Digital signature, timestamping, and Blockchain-based access control technological methods are utilized for 5G security characteristics, such as non-repudiation and integrity, and availability in smart grid applications.
Smart drones: 5G can efficiently accelerate the deployment of unmanned aerial vehicles (UAV) base stations knows as drones base stations, especially with the usage of millimeter-wave and massive number of connections. The previous radio frequency spectrum was below 6 GHz and was not capable of supporting smart drones; with the usage of a large spectrum between 28 and 95 GHz, 5G can enable effective communication between drones and ground users as it will enhance wireless mobile broadband with low latency and high connection density. Moreover, the energy efficiency of 5G is a complementary feature that can extend drones’ operation time [93]. Nonetheless, the adoption of smart drones exposes the network to several security threats; specifically, drones could be used to launch physical attacks on a smart city. In this case, network slicing and virtualization could be used to mitigate the latter security challenge [94, 95]. Tag Key Encapsulation Mechanism (eCLSC-THEM), and certificateless signcryption technological functions are used for 5G security characteristics such as non-repudiation and integrity in smart drones application.
This paper has presented various vulnerabilities and security measures to prevent and overcome challenges in 5G networks. Technologies such as radio access and virtualization technologies such as NFV and SDN are protected by using AI and Blockchain. Nonetheless, there are still some open security issues in 5G systems such as data integrity in SDN devices, slice isolation in network slices, and securing NFV interface tools. The vulnerabilities are as follows:
SDN security: AI-based algorithms will protect against abnormal network traffic and help optimize the performance of the network. Nonetheless, several controllers and switches are deployed in the 5G network, which requires security for the flow tables to ensure smoother operations in the system [96]. Blockchain technology provides data integrity in devices and ensures that other blocks verify any new data added to the network. Data modified at SDN switches will require them to be verified by other controllers as the planned flow rules are implemented at both controllers and switches [97, 98]. Another critical issue in implementing AI-based algorithms for securing SDN is the availability of labeled data. Data labeling is essential for AI based on the accurate detection of anomalous traffic in real time. High costs and time limitations remain a challenge in implementing a real-time detection model using AI to secure SDN.
Network slices: The 5G introduces a new multi-tenant-based network slice feature that improves load balancing in the network. Security concerns such as DDoS based cyber-attacks that were discussed in recent research address many overloading issues. Still, a single successful attack on a network slice can be used to disable other network slices as these are separate logical networks. Furthermore, an attack on a single slice may also be used to disable physical resources at the core network [99]. Network isolation is needed between network slices and physical resources. Access and security control methods using machine learning and cryptographic-based solutions can protect other logical slices, provide data confidentiality, and maintain scalability of the network [100–102]. Practical implementation of SDN in network slicing remains a challenge in network slicing due to the lack of a centralized security policy for different slices, which support varying services with separate security and privacy policies. For example, a single slice’s security policy requiring additional computational resources affects resource allocation for other network slices.
Network function virtualization: The NFV interface consists of many virtual tools such as hypervisors, virtual machines, and network functions that need security. A compromise of any single tool by attacks such as cyber and physical attacks hampers the performance of the system. Intrusion detection systems and firewalls can protect the network from cyber-attacks, whereas trusted computing can protect hypervisors from physical attacks [103]. Trusted computing ensures data privacy and identification of malicious software in the virtual functions, assuring accountability that only trusted software is operating on it. Hypervisor security is essential as virtual machines run on top of it; disabling the hypervisor results in the degradation of the entire network's performance [104, 105].
Security standardization: Many security standard groups are used in 5G securities, such as 3GPP, 5G PPP, ITU-T, NVF, ETSI, ANSI, and others, for resolving various security issues [106]. These standard groups provide technical specifications, defining security protocols and M2M security specifications and detecting and preventing security attacks along with others for 5G networks. Nonetheless, these are not sufficient for the requirement to make large 5G networks efficient as well as more precise 5G security mechanisms such as confidentiality, authentication, integrity, and non-repudiation [107, 108]. Lack of security standards affects the proper implementation of MEC and gives rise to security issues such as user privacy protection and usage of devices. Thus, developing significant standards for 5G network security is a requirement.
Device layer security: As a very crucial part of the 5G networks, it used various spread spectrum techniques such as frequency hopping, sequence coding, encryption, and others for avoiding eavesdropping [109]. Many researchers provide solutions for device layer security in the 5G networks, but it is not sufficient because security in UAVs, millimeter-wave, D2D, and smart industries is not received. Today, the integration of the device layer and Industry 4.0 is being utilized globally [110, 111]. Thus, there is a need to develop the device layer security in the 5G networks. Most network devices in smart industries or base stations support the deployment of IoT devices for monitoring and gathering data for improved services. These sensor nodes work in a D2D environment where mutual sharing and data collaboration are essential for the optimized performance of 5G-supported real-time smart city applications. A general lack of computational power in many IoT devices impedes the implementation of effective security mechanisms.
Computation: With the recent advancement of technologies such as AI and neural networks, it does not quickly resolve the security issues for new applications due to resource constraints and limited computations [112, 113]. Thus, the 5G network needs new computation techniques for improving 5G safety in the networks, and it will be utilizing new computation methods for overall 5G networks because 5G networks are continuously used in various smart applications such as CPS, D2D, and Intelligent transportation system. A key area of challenge for CPS is the lack of sufficient concurrency models in computing, which affects the 5G network’s ability to provide real-time performance.
With the recent development and existing schemes for 5G wireless networks, we discussed various technological aspects and services for 5G security, such as availability, authentication, integrity, non-repudiation, and confidentiality in this study. We presented a high-level taxonomy of different security threats in 5G communication and provided existing solutions in detail in tabular form. We gave possible general motivations behind the convergence of different emerging technologies applied to 5G such as Blockchain, SDN, AI, CPS, MEC, D2D communication, Tactile Internet, and Industry 4.0 and paradigms for 5G securities in the networks. Furthermore, we also discussed new applications such as smart grid, smart drones, big data, automotive driving, smart healthcare, and IoT services for 5G security. Finally, we described open research challenges for 5G security in the networks.
In the future, we will utilize core technologies including Blockchain, CPS, MEC, AI, D2D, Tactile Internet, and Industry 4.0 and propose advanced architecture and framework for 5G security in smart city applications such as smart manufacturing, smart transportation, and smart healthcare.
Everyone in the author list has participated in the writing of this article, reviewed and revised the article reasonably. All authors read and approved the final manuscript.
This study was supported by the Advanced Research Project funded by the SeoulTech (Seoul National University of Science and Technology).
The authors declare that they have no competing interests.
Jin Ho Park1, Shailendra Rathore2, Sushil Kumar Singh2, Mikail Mohammed Salim2, Abir EL Azzaoui2, Tae Woo Kim2, Yi Pan3, and Jong Hyuk Park2,*, A Comprehensive Survey on Core Technologies and Services for 5G Security: Taxonomies, Issues, and Solutions, Article number: 11:03 (2021) Cite this article 11 Accesses
Download citationAnyone you share the following link with will be able to read this content:
Provided by the Springer Nature SharedIt content-sharing initiative