In the context of privacy protection, there is an increasing popular concern that 5G, the latest generation of mobile networks currently under deployment, will be vulnerable to higher privacy risks due to deploying a higher number of smaller antenna systems delivering highly accurate data coming in at faster speeds closer to mobile users. However, 5G radio communication also features specificities that can render the reproduction of known attacks a much more challenging task. Passive network attacks are attacks not involving any interactions between the attacker and the attacked network, thus making them practically infeasible to detect. Those type of attacks may still pose serious security risks as important information about the user, its terminal and the network applications currently running on it can be extracted and used to exploit known vulnerabilities in software and/or network protocols. The project target is to investigate if well-known passive network attacks are easily reproducible on 5G networks. Particular emphasis will be devoted to information extraction (system identification, website finger- printing, application fingerprinting) and geo-localization extraction (users’ identification and position tracking). These type of attacks have all been demonstrated and are known to be easily reproducible in many types of mobile networks including wireless short-range networks (IEEE 802.11 family) and LTE cellular networks to some extent. It is however not clear if they can easily be modified to 5G environments (featuring beam forming and massive MIMO, allowing communication in 5G to be much more directional than in previous generation).
The project is closed: 30/06/2022