Walter Tiberti, Eleonora Di Fina, A. Marotta, D. Cassioli
{"title":"Impact of Man-in-the-Middle Attacks to the O-RAN Inter-Controllers Interface","authors":"Walter Tiberti, Eleonora Di Fina, A. Marotta, D. Cassioli","doi":"10.1109/FNWF55208.2022.00071","DOIUrl":null,"url":null,"abstract":"As the mobile traffic increases, mobile networks and user equipment are continuously improved to support higher data rates and newer communication protocols. This constantly evolving scenario represents a big challenge for mobile network operators which paid great effort, in the last years, towards the definition of flexible mobile network architectures able to dynamically adapt to the modern traffic scenarios. This is the mission of the Open-Radio Access Network (O-RAN) Alliance, which aims to create an open, interoperable, high-performance and low-cost architecture for the new generation of RANs. Moreover, the O-RAN architecture adopts a Security-by-Design approach, bringing the security-related aspects into consideration at the design phase. In this paper, we contribute to this general effort of securing the O-RAN, by analyzing the vulnerabilities of a critical interface in the current architecture proposed for the O-RAN: it is the communication interface between the two network controllers. We show what is the impact of Man-in-the-Middle attacks on this communication interface. Our test case has been implemented in the official O-RAN software implementation, thus our study accounts for security weaknesses related to the actual implementation of the O-RAN architecture. We also propose possible mitigation strategies to counteract such kind of attacks.","PeriodicalId":300165,"journal":{"name":"2022 IEEE Future Networks World Forum (FNWF)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Future Networks World Forum (FNWF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FNWF55208.2022.00071","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
As the mobile traffic increases, mobile networks and user equipment are continuously improved to support higher data rates and newer communication protocols. This constantly evolving scenario represents a big challenge for mobile network operators which paid great effort, in the last years, towards the definition of flexible mobile network architectures able to dynamically adapt to the modern traffic scenarios. This is the mission of the Open-Radio Access Network (O-RAN) Alliance, which aims to create an open, interoperable, high-performance and low-cost architecture for the new generation of RANs. Moreover, the O-RAN architecture adopts a Security-by-Design approach, bringing the security-related aspects into consideration at the design phase. In this paper, we contribute to this general effort of securing the O-RAN, by analyzing the vulnerabilities of a critical interface in the current architecture proposed for the O-RAN: it is the communication interface between the two network controllers. We show what is the impact of Man-in-the-Middle attacks on this communication interface. Our test case has been implemented in the official O-RAN software implementation, thus our study accounts for security weaknesses related to the actual implementation of the O-RAN architecture. We also propose possible mitigation strategies to counteract such kind of attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
