Security Analysis On Wireless Access Network In 4G LTE System

Due to the advantages of high data transmission rate,low access delay,flexible broadband operation,increased capacity and coverage,LTE has become the designated technology of the fourth generation broadband wireless mobile network.The great changes in the structure of LTE wireless access network meet the requirements of high-rate communication,but it also brings new security risks.How to prevent the communication content between the terminal and the base station from being eavesdropped and tampered with,and how the communication process is not controlled and induced,all need to be studied.Based on the analyses of the current security mechanism of wireless access network in LTE system and the working principle and intrusion strategy of mature 2G/3G virtual base station,this paper studies the security loopholes in the actual operation of LTE system,and carries on the experimental verification in the public network environment.F inally,the effective security suggestions are given.The main work of this paper is as follows:(1)On the basis of summarizing the security prevention mechanism of 2G GSM and 3G WCDMA,the LTE EPS-AKA mechanism and security risk are analyzed,and the network detection approach of virtual base station based on Uu interface is proposed.This method has the characteristics of low dependence on environment and strong engineering practicability.(2)Three key signaling processes: cell search,random access and paging control of LTE mobile phone terminal are analyzed to find the loopholes in the TAU process of LTE.On this basis,this paper studies the intrusion strategy and implementation methods from four aspects: mobile phone terminal identity detection,mobile phone terminal direction finding and positioning,key mobile phone communication positive interruption and strobe,and specific mobile phone terminal redirection.And in-depth analyses of the harmfulness of various intrusion strategies are also studied.(3)The overall design scheme of LTE network detection system is established,and the transmission and reception design of baseband signal is discussed in detail.The implementation principle of V-BTS hardware system is described,and the design scheme of core signal processing platform based on FPGA+DSP+AD9361 is also analyzed.Finally,the design scheme and implementation of LTE V-BTS management and control software are introduced from three aspects: software module composition,system workflow and so ftware module interface design.(4)The basic workflow of the existing LTE TDD/FDD dual-mode virtual base station system and the configuration method of the virtual base station are analyzed.Further,setting 4G public mobile communication network as the experimental environment,V-BTS is disguised into the public network,and four aspects of experimental verification are achieved: detection of mobile phone terminal IMSI identity,mobile phone terminal power measurement and positioning,key mobile phone terminal communication blocking or strobe test,mobile phone terminal service network redirection.The results show that the four intrusion detection methods can conform to the desired design purpose,and the security threats faced by LTE wireless access net work are clear.Finally,the paper puts forward some suggestions on the security of LTE wireless access network from four aspects: perfecting the cooperative detection of LTE base station,optimizing the TAU design of LTE,comprehensively implementing Vo LT E and standardizing the use of V-BTS equipment.