Research On LTE System Control Plane Security Analysis Technolog

With the vigorous development of mobile communication technology,the Long Term Evolution(LTE)system not only brings high-speed and low-latency high-quality mobile network service experience to people,but also plays an important role in the field of public basic communication and information construction in my country.Due to the wide coverage of services and the large base of user groups,the security of the LTE system is very important.Compared with the third-generation mobile network communication system,the LTE system adopts the strategy of separating the user plane and the control plane.The control plane,as the protocol specification of control signaling in the LTE system,is mainly responsible for coordinating the transmission and transmission of signaling and control signaling.The processing plays an important role in the entire LTE system,so it is particularly necessary to analyze the security of the LTE system control plane protocol stack.based on the in-depth study of the LTE system architecture and security architecture.Based on the in-depth study of the LTE system architecture and security architecture,this paper analyzes the important signaling processes and security vulnerabilities of the LTE system control plane,and points out that there may be security vulnerabilities in the LTE system terminal access process and tracking area update process.On this basis,the LTE system control plane vulnerabilities are divided into privacy vulnerabilities and usability vulnerabilities,and a security analysis method for the privacy vulnerabilities and usability vulnerabilities of LTE system control plane is proposed.The main work of this paper is as follows:(1)This paper proposes three security analysis methods for LTE system control plane privacy vulnerability.Aiming at the vulnerability of website fingerprint theft caused by unencrypted downlink control information,an analysis method of website fingerprint theft vulnerability based on DTW algorithm is proposed,which has the characteristics of low implementation cost and simple operation.Aiming at the International Mobile Subscriber Identification(IMSI)sniffing vulnerability caused by initial attach signaling,an IMSI sniffing vulnerability analysis method based on the Tracking Area Updating(TAU)process is proposed,which verifies that the vulnerability can be easily exploited.Get the user’s IMSI information.Aiming at the location information acquisition vulnerability caused by unprotected UE Information Request signaling and UE Information Response signaling,a fine-grained location information acquisition vulnerability analysis method based on "three-point positioning" is proposed.Based on the vulnerability of coarse-grained location information disclosure,the user’s precise geographic location information can be obtained.Finally,combined with the privacy vulnerability-oriented security analysis method,the results of privacy vulnerability analysis are obtained,and the security protection mechanism of privacy vulnerability in the control plane of LTE system is given.(2)This paper proposes three security analysis methods for LTE system control plane availability vulnerability.Aiming at the e Node B resource consumption vulnerability in the authentication process,an analysis method of e Node B resource consumption vulnerability based on two-way authentication is proposed.Aiming at the service degradation and service denial vulnerabilities caused by unprotected TAU Reject signaling,a service degradation vulnerability analysis method and service denial vulnerability analysis method based on the TAU process are proposed,and the analysis and verification of the above two vulnerabilities are feasible.The results show that,without knowing the user authentication key,the above two vulnerabilities can be used to perform service degradation or service denial attacks against all UEs(User Equipment)within the coverage of the e Node B,which has long-term characteristics.Finally,combined with the availability vulnerability-oriented security analysis method,and the results of the availability vulnerability analysis are obtained,the security protection mechanism for the availability vulnerability of the LTE system control plane is given.(3)Based on the above method,a software radio-based LTE system control plane security analysis system is designed and implemented.The system can intuitively display the real-time status of each network element equipment,provide an integrated operation platform,and can more accurately detect the privacy and availability vulnerabilities of the LTE system control plane,which can easily and efficiently analyzed for the security of the LTE system control plane.