No Arabic abstract
Artificial intelligence (AI) will play an increasing role in cellular network deployment, configuration and management. This paper examines the security implications of AI-driven 6G radio access networks (RANs). While the expected timeline for 6G standardization is still several years out, pre-standardization efforts related to 6G security are already ongoing and will benefit from fundamental and experimental research. The Open RAN (O-RAN) describes an industry-driven open architecture and interfaces for building next generation RANs with AI control. Considering this architecture, we identify the critical threats to data driven network and physical layer elements, the corresponding countermeasures, and the research directions.
Increasing numbers of mobile computing devices, user-portable, or embedded in vehicles, cargo containers, or the physical space, need to be aware of their location in order to provide a wide range of commercial services. Most often, mobile devices obtain their own location with the help of Global Navigation Satellite Systems (GNSS), integrating, for example, a Global Positioning System (GPS) receiver. Nonetheless, an adversary can compromise location-aware applications by attacking the GNSS-based positioning: It can forge navigation messages and mislead the receiver into calculating a fake location. In this paper, we analyze this vulnerability and propose and evaluate the effectiveness of countermeasures. First, we consider replay attacks, which can be effective even in the presence of future cryptographic GNSS protection mechanisms. Then, we propose and analyze methods that allow GNSS receivers to detect the reception of signals generated by an adversary, and then reject fake locations calculated because of the attack. We consider three diverse defense mechanisms, all based on knowledge, in particular, own location, time, and Doppler shift, receivers can obtain prior to the onset of an attack. We find that inertial mechanisms that estimate location can be defeated relatively easy. This is equally true for the mechanism that relies on clock readings from off-the-shelf devices; as a result, highly stable clocks could be needed. On the other hand, our Doppler Shift Test can be effective without any specialized hardware, and it can be applied to existing devices.
Radio Access Networks (RAN) tends to be more distributed in the 5G and beyond, in order to provide low latency and flexible on-demanding services. In this paper, Blockchain-enabled Radio Access Networks (BE-RAN) is proposed as a novel decentralized RAN architecture to facilitate enhanced security and privacy on identification and authentication. It can offer user-centric identity management for User Equipment (UE) and RAN elements, and enable mutual authentication to all entities while enabling on-demand point-to-point communication with accountable billing service add-on on public network. Also, a potential operating model with thorough decentralization of RAN is envisioned. The paper also proposed a distributed privacy-preserving P2P communication approach, as one of the core use cases for future mobile networks, is presented as an essential complement to the existing core network-based security and privacy management. The results show that BE-RAN significantly improves communication and computation overheads compared to the existing communication authentication protocols.
This work provides the community with a timely comprehensive review of backdoor attacks and countermeasures on deep learning. According to the attackers capability and affected stage of the machine learning pipeline, the attack surfaces are recognized to be wide and then formalized into six categorizations: code poisoning, outsourcing, pretrained, data collection, collaborative learning and post-deployment. Accordingly, attacks under each categorization are combed. The countermeasures are categorized into four general classes: blind backdoor removal, offline backdoor inspection, online backdoor inspection, and post backdoor removal. Accordingly, we review countermeasures, and compare and analyze their advantages and disadvantages. We have also reviewed the flip side of backdoor attacks, which are explored for i) protecting intellectual property of deep learning models, ii) acting as a honeypot to catch adversarial example attacks, and iii) verifying data deletion requested by the data contributor.Overall, the research on defense is far behind the attack, and there is no single defense that can prevent all types of backdoor attacks. In some cases, an attacker can intelligently bypass existing defenses with an adaptive attack. Drawing the insights from the systematic review, we also present key areas for future research on the backdoor, such as empirical security evaluations from physical trigger attacks, and in particular, more efficient and practical countermeasures are solicited.
Since 2016, all of four major U.S. operators have rolled out nationwide Wi-Fi calling services. They are projected to surpass VoLTE (Voice over LTE) and other VoIP services in terms of mobile IP voice usage minutes in 2018. They enable mobile users to place cellular calls over Wi-Fi networks based on the 3GPP IMS (IP Multimedia Subsystem) technology. Compared with conventional cellular voice solutions, the major difference lies in that their traffic traverses untrustful Wi-Fi networks and the Internet. This exposure to insecure networks may cause the Wi-Fi calling users to suffer from security threats. Its security mechanisms are similar to the VoLTE, because both of them are supported by the IMS. They include SIM-based security, 3GPP AKA (Authentication and Key Agreement), IPSec (Internet Protocol Security), etc. However, are they sufficient to secure Wi-Fi calling services? Unfortunately, our study yields a negative answer. We conduct the first study of exploring security issues of the operational Wi-Fi calling services in three major U.S. operators networks using commodity devices. We disclose that current Wi-Fi calling security is not bullet-proof and uncover four vulnerabilities which stem from improper standard designs, device implementation issues and network operation slips. By exploiting the vulnerabilities, together with several state-of-the-art computer visual recognition technologies, we devise two proof-of-concept attacks: user privacy leakage and telephony harassment or denial of voice service (THDoS); both of them can bypass the security defenses deployed on mobile devices and the network infrastructure. We have confirmed their feasibility and simplicity using real-world experiments, as well as assessed their potential damages and proposed recommended solutions.
The COVID-19 pandemic, which spread rapidly in late 2019, has revealed that the use of computing and communication technologies provides significant aid in preventing, controlling, and combating infectious diseases. With the ongoing research in next-generation networking (NGN), the use of secure and reliable communication and networking is of utmost importance when dealing with users health records and other sensitive information. Through the adaptation of Artificial Intelligence (AI)-enabled NGN, the shape of healthcare systems can be altered to achieve smart and secure healthcare capable of coping with epidemics that may emerge at any given moment. In this article, we envision a cooperative and distributed healthcare framework that relies on state-of-the-art computing, communication, and intelligence capabilities, namely, Federated Learning (FL), mobile edge computing (MEC), and Blockchain, to enable epidemic (or suspicious infectious disease) discovery, remote monitoring, and fast health-authority response. The introduced framework can also enable secure medical data exchange at the edge and between different health entities. Such a technique, coupled with the low latency and high bandwidth functionality of 5G and beyond networks, would enable mass surveillance, monitoring and analysis to occur at the edge. Challenges, issues, and design guidelines are also discussed in this article with highlights on some trending solutions.