5Greplay: a 5G Network Traffic Fuzzer -- Application to Attack Injection

Zujany Salazar,Huu Nghia Nguyen,Wissam Mallouli,Ana R Cavalli,Edgardo Montes de Oca
DOI: https://doi.org/10.1145/3465481.3470079
2023-04-12
Abstract:The fifth generation of mobile broadband is more than just an evolution to provide more mobile bandwidth, massive machine-type communications, and ultra-reliable and low-latency communications. It relies on a complex, dynamic and heterogeneous environment that implies addressing numerous testing and security challenges. In this paper we present 5Greplay, an open-source 5G network traffic fuzzer that enables the evaluation of 5G components by replaying and modifying 5G network traffic by creating and injecting network scenarios into a target that can be a 5G core service (e.g., AMF, SMF) or a RAN network (e.g., gNodeB). The tool provides the ability to alter network packets online or offline in both control and data planes in a very flexible manner. The experimental evaluation conducted against open-source based 5G platforms, showed that the target services accept traffic being altered by the tool, and that it can reach up to 9.56 Gbps using only 1 processor core to replay 5G traffic.
Networking and Internet Architecture
What problem does this paper attempt to address?
### What problems does this paper attempt to solve? This paper aims to solve the testing and security challenges in 5G networks, especially the evaluation of 5G network security and functionality. Specifically, the paper proposes an open - source tool named **5Greplay** for fuzz testing 5G network traffic. The following are the main problems that the paper attempts to solve: 1. **Testing challenges brought by 5G network complexity**: - 5G networks introduce new technologies and architectures (such as SDN, NFV, MEC, and network slicing), which need to be comprehensively tested from both functional and non - functional perspectives. - It is necessary to verify the performance of the system in terms of data throughput, latency, scalability, and robustness. 2. **5G network security threats**: - The 5G service - based architecture (SBA) brings new network security threats, and some traditional security mechanisms may no longer be effective in the 5G environment. - New security test cases and tools need to be created to deal with 5G - specific security problems, such as replay attacks, man - in - the - middle (MiTM) attacks, and denial - of - service (DoS) attacks. 3. **Lack of publicly available 5G test data sets**: - Currently, there is a lack of publicly labeled data sets that contain real - user behaviors and the latest attack scenarios, which makes it difficult to test 5G components and intrusion detection systems (IDS). 4. **Limitations of existing tools**: - Existing network traffic replay tools (such as Tcpreplay) can usually only replay pre - captured traffic and cannot modify or generate specific 5G protocol packets. - These tools mainly focus on IP - layer modifications and cannot flexibly modify the content of 5G protocol layers. ### 5Greplay's solutions To address the above challenges, 5Greplay provides the following functions: - **Flexible traffic modification and replay**: Allows users to select, modify, and replay 5G network traffic through rule definitions, and supports online and offline modes. - **Supports multiple 5G protocols**: It can parse and modify 5G - specific protocols such as NAS - 5G and NGAP. - **High performance**: Experimental results show that 5Greplay can achieve a replay cache rate of 9.56 Gbps using a single processor core. - **Integration ability**: It can be combined with other tools and service chains to provide more powerful testing capabilities. Through these functions, 5Greplay provides a powerful tool for researchers and developers to evaluate the security and functionality of 5G networks and helps to discover potential vulnerabilities and problems.