Vulnerability Analysis And Technical Research Of LTE Random Access Process

With the advancement of new infrastructure construction,the wireless mobile communication network represented by the fifth-generation mobile communication(5G)technology will play a more important role in all aspects of society and the security problem of mobile communication should be paid enough attention.Most of the current research on wireless mobile communication security focuses on the confidentiality and non-repudiation of information,but relatively few studies on the availability of wireless communication services.However,with the deep integration of industrial and cellular communications,the impact of availability will be more extensive.Research on the vulnerability of physical layer services of wireless communication is beneficial to recognize potential attack methods,and can provide reference for the security standard design of wireless mobile communication network.A common form of physical layer denial of service attack is to consume the radio service resources of the base station by sending legitimate signaling requests,users will not be served under this attack.This thesis mainly studies the service vulnerability in the random access process of the physical layer.The main research work is as follows:1.Security threats in random access standards are studied.On the basis of investigating the basic architecture and signaling process of the current major wireless communication networks,the standard and protocol in the random access process are analyzed emphatically.Based on the resource competition characteristics of the access process and the technical reality that the base station cannot authenticate the User Equipment(UE)in the physical layer,It is pointed out that there are two vulnerabilities in the LTE physical layer random access process in terms of service availability,and it is demonstrated that there are similar security threats in the 5G network access process.2.A vulnerability verification system based on random access is designed and implemented.A scheme of denial of service attack by forging LTE random access signaling is proposed.Based on this scheme,a vulnerability verification system based on LTE random access process is designed and implemented,which includes three network elements:semi-physical simulation base station,legitimate users and attackers.The attack side of the system can capture and decode the broadcast signal of the target base station based on software radio technology to obtain base station parameters,complete downlink synchronization,and forge the random access preamble sequence for the target base station in strict accordance with the relevant standards and base station parameters.The preamble sequence is mapped to a timedomain signal at a specified location and sent through a software-defined radio to complete the attack process.The attack side is scheduled based on multi-threading technology as a whole,and multiple software radio devices are used to send and receive at the same time,which greatly increases the attack efficiency.3.Analyzed validation results and proposed solutions.The functional and data plane tests of the vulnerability verification system are carried out in a hardware-in-the-loop simulation environment.After verifying the functional effectiveness of the system,in order to further evaluate the harm of random access vulnerability,the data plane test was carried out through multiple experiments,and the number of signaling needed to be sent by the base station to deny service per unit time was obtained.Some currently feasible precautionary suggestions and possible solutions to ensure the access security of the physical layer of wireless communication are put forward so as to effectively strengthen the security of wireless communication network.