Vulnerability Exploit Pattern Generation and Analysis for proactive security risk mitigation for 5G networks

Abstract

This paper presents a proactive intelligent mechanism to detect possible variants of known vulnerability exploits being attempted on any component of wireless networks. Vulnerability Exploit Pattern Analyzer presented in this paper can prevent possible zero-day attacks by learning from the available known exploits from published databases. There have been incidents like WannaCry ransomware attack, where a known Operating Systems vulnerability was exploited sometime after it was published, and even the patches were available in public. In 5G wireless networks, the number of network functions and devices are expected to be in millions. For most of the CVEs published, different exploits are also published, and available in online databases like Exploit DB. It is likely that attackers take such exploits, manipulate them to create different variants of such exploits and launch attacks on networks. For example, https://www.exploit-db.com/has more than 8000 exploits published only for SQL injection kind of vulnerabilities. Older vulnerability exploits can inspire creation of newer ones for other products. 5G and future wireless networks having service-based architecture at the core will require more proactive approaches to predict any misuse of emerging or manipulated variants of known exploits. This paper proposes one possible solution for the same and presents results from experiments done using patterns generated from a remote command injection vulnerability exploit.