What problem does this paper attempt to address?

### What problems does this paper attempt to solve? This paper aims to conduct the first comprehensive security assessment of the 5G Core from the perspective of Web security. Specifically, the author attempts to solve the following problems: 1. **Insufficient Web security assessment of the 5G core network**: - Although the 5G core network has made significant progress in virtualization and software - defined networking, there is currently a lack of security assessment of its Web components. In particular, the security risks brought by these new technologies through application programming interfaces (APIs) and Web technologies have not been fully studied. 2. **Identify potential threats and attack vectors**: - The author uses the STRIDE threat - modeling method (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) to systematically identify all possible threat vectors that may affect the 5G core network and describes in detail how a successful attack of each threat affects the 5G network. 3. **Test the security of existing 5G core implementations**: - The author selects three widely - used open - source 5G core implementations (Open5GS, Free5GC, and OpenAirInterface) and conducts extensive tests on these implementations through a series of penetration - testing tools to verify whether they are vulnerable to the identified attack vectors. 4. **Reveal vulnerabilities in existing implementations**: - The test results show that all of these 5G core implementations have at least two identified attack vectors, indicating that current 5G core development needs to pay more attention to security measures. ### Formula representation Although the content of this paper mainly involves network security assessment, for the sake of completeness of the answer, the following are the formula representations of some key concepts mentioned in the paper: - **STRIDE threat model**: \[ \text{STRIDE}=\{\text{Spoofing}, \text{Tampering}, \text{Repudiation}, \text{Information Disclosure}, \text{Denial of Service}, \text{Elevation of Privilege}\} \] - **DoS attack example**: \[ \text{DoS}=\left\{\begin{array}{ll} \text{Send a large number of requests to the target server}&\text{Exhaust the server resources}\\ \text{Cause the service to be unavailable or the response to be delayed}& \end{array}\right. \] ### Summary Through the above analysis, the paper emphasizes the vulnerability of the 5G core network in terms of Web security and calls for more attention to security in future research and development, especially in virtualization and software - defined networking environments.