

Threat Remote De-Registration Attack

Category Denial of Service

Description In this scenario, an attacker exploits implementation flaws in MMEs that cause them to detach a legitimate UE attached to the network without notifying it, resulting in a DoS for the victim UE.

The attacker establishes an RRC connection spoofed as the victim, using the legitimate UE's S-TMSI, and then sends a NAS message, such as an invalid security-protected message or an initial plain request message, to the MME serving the victim. The MME processes the attacker's NAS message inappropriately and consequently detaches the victim UE without any notification.

This attack was demonstrated by researchers¹¹⁷ against a live operational LTE network and should be considered a major security threat for CAVs using LTE as a connectivity platform.

Mitigation CIS controls recommend the implementation, management and correction of the configuration of network elements using rigorous configuration management and change management processes. De-registration attacks are mainly possible due to incorrect implementation of the MME and its functionalities in the EPC. Therefore, this attack is mitigated by deploying an MME that adheres fully to the 3GPP standards and requirements, in particular the NAS integrity handling rules of 3GPP TS 24.301, under which a NAS message that fails its integrity check is discarded rather than acted upon, and an unprotected initial message from a UE that already holds a security context triggers re-authentication of the sender rather than a change to the existing context. Operators should verify this behaviour with their MME vendor, since the flaw is one of conformance rather than of the protocol. CIS 12 & 11

Related Interactions/Assets UE, eNodeB, MME

Mitigation Status Mitigated
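The following is an added example, not code from the cited paper or from any real MME. It models the MME-side NAS handling that decides whether the attack above works: a faulty MME that drops a registered UE whenever it receives an invalid protected message or a plain initial message under that UE's S-TMSI, beside a handler that follows TS 24.301 section 4.4.4.3. The message types, the S-TMSI and key values, and the use of HMAC-SHA-256 truncated to 32 bits in place of the EIA NAS integrity algorithm are assumptions made for the example.

```python
"""
Toy model of MME-side NAS handling for an already registered UE. This is an
added example for this page, not code from the cited paper or from any real
MME. It contrasts the faulty behaviour behind the remote de-registration attack
with handling that follows 3GPP TS 24.301 section 4.4.4.3: once NAS security is
active, a message that fails its integrity check or arrives unprotected is
discarded, and an unprotected initial message such as an Attach Request can at
most trigger a fresh authentication of the sender; neither may tear down the
victim's existing context.
"""
import hashlib
import hmac
from dataclasses import dataclass


def nas_mac(k_nas_int: bytes, count: int, payload: bytes) -> bytes:
    """Assumption: HMAC-SHA-256 truncated to 32 bits stands in for the EIA NAS
    integrity algorithm; the real NAS MAC is also 32 bits."""
    return hmac.new(k_nas_int, count.to_bytes(4, "big") + payload,
                    hashlib.sha256).digest()[:4]


@dataclass
class NasMessage:
    s_tmsi: str
    msg_type: str            # "ATTACH_REQUEST", "UL_NAS_TRANSPORT", ...
    payload: bytes = b""
    protected: bool = False  # carries a security header with a MAC
    count: int = 0
    mac: bytes = b""


@dataclass
class UeContext:
    imsi: str
    k_nas_int: bytes
    ul_count: int = 0        # next expected uplink NAS COUNT
    registered: bool = True


# Initial messages a UE may legitimately send unprotected. When one arrives for
# a UE that already has a security context, the MME must authenticate the sender
# before changing anything about that context.
INITIAL_PLAIN = {"ATTACH_REQUEST", "TAU_REQUEST", "SERVICE_REQUEST"}


class MME:
    def __init__(self, faulty: bool) -> None:
        self.faulty = faulty
        self.contexts: dict[str, UeContext] = {}   # keyed by S-TMSI

    def handle(self, msg: NasMessage) -> str:
        ctx = self.contexts.get(msg.s_tmsi)
        if ctx is None:
            return "UNKNOWN_UE"
        if msg.protected:
            expected = nas_mac(ctx.k_nas_int, msg.count, msg.payload)
            if hmac.compare_digest(expected, msg.mac) and msg.count >= ctx.ul_count:
                ctx.ul_count = msg.count + 1
                return "PROCESSED"
            if self.faulty:
                # The implementation flaw the attack relies on: an invalid
                # protected message is treated as grounds to drop the UE, and
                # no Detach Request is ever sent to the victim.
                ctx.registered = False
                return "DETACHED_VICTIM"
            return "DISCARDED"             # TS 24.301 4.4.4.3
        # Unprotected message although NAS security is active for this UE.
        if self.faulty:
            ctx.registered = False
            return "DETACHED_VICTIM"
        if msg.msg_type in INITIAL_PLAIN:
            return "AUTHENTICATE_FIRST"    # context untouched until AKA succeeds
        return "DISCARDED"


def run_scenario(faulty: bool) -> tuple[str, str, bool]:
    """Victim is attached. Over its own RRC connection the attacker uses the
    victim's S-TMSI and sends (1) a protected message with a garbage MAC and
    (2) a plain ATTACH_REQUEST. Returns both MME responses and whether the
    victim is still registered afterwards. All values are constructed."""
    mme = MME(faulty)
    mme.contexts["S-TMSI-0x1234"] = UeContext(
        imsi="001010123456789", k_nas_int=bytes.fromhex("00" * 16), ul_count=7)
    bad_protected = NasMessage("S-TMSI-0x1234", "UL_NAS_TRANSPORT", payload=b"\x07\x63",
                               protected=True, count=7, mac=b"\xde\xad\xbe\xef")
    plain_attach = NasMessage("S-TMSI-0x1234", "ATTACH_REQUEST")
    first = mme.handle(bad_protected)
    second = mme.handle(plain_attach)
    return first, second, mme.contexts["S-TMSI-0x1234"].registered


if __name__ == "__main__":
    print("faulty MME:   ", run_scenario(faulty=True))
    print("compliant MME:", run_scenario(faulty=False))
```

Running the two scenarios shows the difference the mitigation relies on: the faulty handler reports the victim as detached after the very first spoofed message, while the compliant handler discards the bad MAC, answers the plain Attach Request with an authentication challenge the attacker cannot complete, and leaves the victim registered. The replay check on the NAS COUNT is included because an attacker who has captured a genuine protected message would otherwise be able to resend it.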

Threat Authentication & Key Agreement (AKA) Bypass Attack

Category Information Disclosure / Tampering

Description The connection between the UE and the MME is mutually authenticated through the Authentication and Key Agreement (AKA) procedure, which completes when the UE sends the NAS Authentication Response to the MME. Once the subsequent NAS Security Mode Command procedure has activated the agreed algorithms, all control plane messages that should be protected are encrypted and integrity protected; the corresponding RRC and user-plane protection is activated separately, by the AS Security Mode Command between the UE and the eNodeB.

However, researchers¹¹⁷ demonstrated that an AKA bypass attack can be employed to bypass the encryption that should protect the victim's RRC signalling and user data over the air, even though the NAS-level AKA with the MME has completed.

An AKA bypass attack is launched from a rogue eNodeB that actively exploits a known weakness to skip the key agreement step in the RRC layer, namely the AS Security Mode Command that would activate RRC and user-plane security. This leaves the RRC and user-data security context unestablished, allowing the attacker to spoof RRC messages and intercept private information and communication of the victim's UE.

Mitigation Since the AKA bypass attack stems from a lack of adherence to the mandatory security procedures, it can be mitigated by making sure that the MME and UE do not continue with any control plane procedures before the mandatory security procedures have completed successfully; on the UE side this means refusing any RRC Connection Reconfiguration that sets up a data radio bearer before the AS Security Mode Command has been accepted. Because this check lives in the UE's baseband firmware rather than in the operator's network, the mitigation is only partial.

CIS recommends assessing and taking continuous action on new information in order to identify vulnerabilities, remediate, and minimise the window of opportunity for attackers.

CIS 3, 15, 9

Related Interactions/Assets UE, eNodeB, EPC, HSS, AuC

Mitigation Status Partially Mitigated

117 Kim, H., Lee, J., Lee, E., & Kim, Y. (2019). Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane. In Proceedings of the IEEE Symposium on Security and Privacy (S&P).
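The following is an added example, not code from the cited paper or from any UE baseband. It models the UE-side ordering check that decides whether the AKA bypass described above succeeds: a rogue eNodeB holds no KeNB, so it can only forge a Security Mode Command (which fails the MAC-I check) or skip it and send an RRC Connection Reconfiguration that sets up a data radio bearer while AS security is still off. The message names, key values and the use of HMAC-SHA-256 truncated to 32 bits in place of the EIA RRC integrity algorithm are assumptions made for the example.

```python
"""
Toy UE-side model of the AS security activation ordering that the AKA bypass
attack abuses. This is an added example for this page, not code from the cited
paper or from any UE baseband. A rogue eNodeB holds no KeNB, so it cannot
produce a SecurityModeCommand with a valid MAC-I; the attack succeeds only if
the UE accepts a DRB (user-plane bearer) from an RRCConnectionReconfiguration
that arrives while AS security is still inactive. The compliant UE below
refuses that ordering, which is what 3GPP requires.
"""
import hashlib
import hmac
from dataclasses import dataclass, field


def mac_i(k_rrc_int: bytes, message: bytes) -> bytes:
    """Assumption: HMAC-SHA-256 truncated to 32 bits stands in for the EIA RRC
    integrity algorithm (MAC-I); KRRCint itself is taken as already derived."""
    return hmac.new(k_rrc_int, message, hashlib.sha256).digest()[:4]


@dataclass
class RrcMessage:
    kind: str                      # "SECURITY_MODE_COMMAND" | "RRC_CONNECTION_RECONFIGURATION"
    body: bytes = b""
    mac: bytes = b""               # MAC-I, empty when the sender has no key
    drb_to_add: list = field(default_factory=list)


@dataclass
class UE:
    k_rrc_int: bytes               # shared with the genuine eNodeB only
    enforce_ordering: bool         # True = compliant UE, False = the flawed one
    as_security_active: bool = False
    drbs: list = field(default_factory=list)
    events: list = field(default_factory=list)

    def receive(self, msg: RrcMessage) -> str:
        if msg.kind == "SECURITY_MODE_COMMAND":
            if hmac.compare_digest(mac_i(self.k_rrc_int, msg.body), msg.mac):
                self.as_security_active = True
                return "SECURITY_MODE_COMPLETE"
            return "SECURITY_MODE_FAILURE"        # MAC-I check failed
        if msg.kind == "RRC_CONNECTION_RECONFIGURATION":
            if self.as_security_active and not hmac.compare_digest(
                    mac_i(self.k_rrc_int, msg.body), msg.mac):
                return "DISCARDED"                # unprotected after activation
            if msg.drb_to_add and not self.as_security_active:
                if self.enforce_ordering:
                    # No user-plane bearer before AS security is activated.
                    return "RECONFIGURATION_REJECTED"
                self.events.append("DRB configured with no ciphering")
            self.drbs.extend(msg.drb_to_add)
            return "RRC_CONNECTION_RECONFIGURATION_COMPLETE"
        return "IGNORED"


def rogue_enb_session(enforce_ordering: bool) -> tuple:
    """Rogue eNodeB without KeNB/KRRCint tries both routes: a forged
    SecurityModeCommand, then a DRB setup while security is still inactive.
    Values are constructed."""
    ue = UE(k_rrc_int=bytes.fromhex("11" * 16), enforce_ordering=enforce_ordering)
    forged_smc = RrcMessage("SECURITY_MODE_COMMAND", body=b"\x00", mac=bytes(4))
    drb_setup = RrcMessage("RRC_CONNECTION_RECONFIGURATION", body=b"\x01", drb_to_add=[1])
    replies = [ue.receive(forged_smc), ue.receive(drb_setup)]
    return replies, ue.drbs, ue.as_security_active


def genuine_enb_session() -> tuple:
    """Genuine eNodeB: SecurityModeCommand with a valid MAC-I, then the DRB,
    also integrity protected."""
    k = bytes.fromhex("11" * 16)
    ue = UE(k_rrc_int=k, enforce_ordering=True)
    smc = RrcMessage("SECURITY_MODE_COMMAND", body=b"\x00", mac=mac_i(k, b"\x00"))
    drb_setup = RrcMessage("RRC_CONNECTION_RECONFIGURATION", body=b"\x01",
                           mac=mac_i(k, b"\x01"), drb_to_add=[1])
    replies = [ue.receive(smc), ue.receive(drb_setup)]
    return replies, ue.drbs, ue.as_security_active


if __name__ == "__main__":
    print("flawed UE, rogue eNB:   ", rogue_enb_session(enforce_ordering=False))
    print("compliant UE, rogue eNB:", rogue_enb_session(enforce_ordering=True))
    print("compliant UE, real eNB: ", genuine_enb_session())
```

The flawed UE ends the rogue session with a data bearer and no ciphering, which is the state the attacker needs to read the victim's traffic; the compliant UE ends it with no bearer at all, and only the genuine eNodeB, which can produce a valid MAC-I, gets a bearer. The forged Security Mode Command is included to show that integrity checking alone does not stop the attack: the rogue eNodeB's route is to skip the command, so the ordering check is the part that matters.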

Threat Signalling Storm Attack

Category Denial of Service

Description An attacker can generate signalling traffic by repeatedly and simultaneously sending dedicated bearer or NAS requests (for example Attach, Service or Tracking Area Update Requests) with the express intention of disrupting the services provided by the EPC. If the maliciously generated signalling load exceeds the actual capacity of the MME, services may be impacted, because the resources available at the core network are diverted away from serving genuine and legitimate subscribers, effectively leading to a DoS.

Mitigation CIS recommends the continuous maintenance, monitoring and analysis of network audit logs. It is also recommended to control network traffic between network nodes by employing boundary defence solutions.

Despite intrusion prevention systems and network and traffic monitoring mechanisms, signalling storm attacks cannot be entirely prevented. In practice the load is contained rather than stopped, through MME overload control (the S1AP Overload Start procedure, which instructs eNodeBs to reject or back off new connection requests) and per-UE and per-cell signalling rate limits, with alerting driven by the request rates observed in the MME logs.

CIS 6 & 12

Related Interactions/Assets UE, EPC, MME, HSS/AuC

Mitigation Status Not Mitigated
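The following is an added example, not code from any MME or monitoring product, showing the kind of log-driven detection the mitigation above calls for: a sliding-window counter over NAS request lines that alerts per UE, per eNodeB and for the MME as a whole. The log line format, the thresholds and the sample log (one genuine UE plus an attacker who first replays a single identity and then spreads the storm over many spoofed identities) are all constructed for the example; the second attacker phase is there to show why a per-UE limit on its own is not enough.

```python
"""
Sliding-window signalling-storm detector run over MME NAS signalling logs.
This is an added example for this page, not code from any real MME or
monitoring product. The log format and the thresholds are assumptions made
here: one line per NAS request,
"<ISO-8601 timestamp> <NAS message type> ue=<S-TMSI> enb=<eNodeB id>".
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(seconds=1)
LIMITS = {                # assumed thresholds, requests per WINDOW
    "ue": 5,              # one UE legitimately sends a handful of requests
    "enb": 200,           # aggregate per cell
    "mme": 250,           # toy MME capacity; a real MME is sized far higher
}


class SignallingMonitor:
    """Counts requests per UE, per eNodeB and in total inside a sliding
    window and raises one alert per key the first time a limit is crossed."""

    def __init__(self) -> None:
        self.windows = defaultdict(deque)      # (kind, key) -> timestamps
        self.alerts = []                       # (kind, key, when)

    def _count(self, kind: str, key: str, ts: datetime) -> int:
        q = self.windows[(kind, key)]
        q.append(ts)
        while ts - q[0] > WINDOW:              # drop events older than the window
            q.popleft()
        return len(q)

    def observe(self, line: str) -> None:
        ts_text, _msg_type, ue_kv, enb_kv = line.split()
        ts = datetime.fromisoformat(ts_text)
        ue = ue_kv.split("=", 1)[1]
        enb = enb_kv.split("=", 1)[1]
        for kind, key in (("ue", ue), ("enb", enb), ("mme", "mme")):
            # alert exactly once, when the count first exceeds the limit
            if self._count(kind, key, ts) == LIMITS[kind] + 1:
                self.alerts.append((kind, key, ts_text))


def build_sample_log() -> list:
    """Constructed sample log (not a capture): one genuine UE on eNB-1, and an
    attacker on eNB-2 that first replays one identity, then spreads the storm
    over many spoofed identities so that a per-UE limit alone misses it."""
    base = datetime(2024, 3, 1, 10, 0, 0, tzinfo=timezone.utc)
    events = []
    for i, mt in enumerate(["ATTACH_REQUEST", "TAU_REQUEST", "SERVICE_REQUEST"]):
        events.append((base + timedelta(milliseconds=200 * i), mt, "S-TMSI-00000001", "eNB-1"))
    for i in range(50):                        # 50 requests, one identity, 500 ms
        events.append((base + timedelta(milliseconds=10 * i), "SERVICE_REQUEST",
                       "S-TMSI-0000BEEF", "eNB-2"))
    for i in range(250):                       # 250 requests, 250 identities, 500 ms
        events.append((base + timedelta(milliseconds=500 + 2 * i), "ATTACH_REQUEST",
                       f"S-TMSI-{0x1000 + i:08X}", "eNB-2"))
    events.sort()
    return [f"{ts.isoformat(timespec='milliseconds')} {mt} ue={ue} enb={enb}"
            for ts, mt, ue, enb in events]


def analyse(lines: list) -> list:
    """Feed log lines (already in time order) through the monitor."""
    mon = SignallingMonitor()
    for line in lines:
        mon.observe(line)
    return mon.alerts


if __name__ == "__main__":
    for alert in analyse(build_sample_log()):
        print("storm suspected:", *alert)
```

On the sample log the monitor raises three alerts: the replayed identity trips the per-UE limit, the 300 requests on eNB-2 trip the per-cell limit, and the combined 303 requests in one second trip the toy MME budget, while the genuine UE and the individual spoofed identities never trip anything. The per-key windows grow with the number of distinct identities seen, so a production version would expire idle keys; the per-cell and whole-MME counters are what remain effective when the attacker rotates identities.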

Threat Single Key Dependency

Category Information Disclosure / Tampering

Description Safeguarding the permanent key on which EPS-AKA relies is a major security concern in LTE networks. If the source key K, which is shared between the USIM in the UE and the HSS/AuC and from which all further keys are derived, is compromised, then the network becomes vulnerable: an attacker holding K can be authenticated by the LTE network as the subscriber and can recompute the session keys, jeopardising the integrity and confidentiality of the network. K never leaves the USIM or the HSS/AuC and is never transmitted, so a compromise typically originates in the SIM supply chain, the provisioning process or the AuC itself rather than on the air interface.

The EPS-AKA protocol currently used in LTE is therefore rooted in the secrecy of the permanent key K. If K is compromised, a concern the cited work argues will grow with advances in quantum computing, then the security of the network cannot be guaranteed¹¹⁸.

Mitigation CIS recommends managing the ongoing operational use of protocols and services on networked devices in order to minimise the windows of vulnerability available to attackers. It is also recommended to implement robust key management mechanisms that provide a balance between computational complexity and the secure storage and use of cryptographic keys. CIS 9 & 16

Related Interactions/Assets UE, EPC, MME, HSS/AuC

Mitigation Status Not Mitigated

118 Rajakumar, A., Raja, G., Almagrabi, A. O., Alkatheiri, M. S., Hussain, C. S., & Bashir, A. K. (2019). A Quantum-safe Key Hierarchy and Dynamic Security Association for LTE/SAE in 5G Scenario.
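The following is an added example, not code from the cited work or from any network element, that walks the EPS key hierarchy to make the single-key dependency concrete: KASME, KeNB and the NAS, RRC and user-plane keys are derived with the TS 33.401 Annex A KDF from K together with values an observer of the air interface sees anyway, so whoever holds K reproduces every session key. The first step, K to (CK, IK), is MILENAGE on a real USIM and AuC; because MILENAGE needs AES, which the standard library lacks, an HMAC-SHA-256 stand-in is used for that step only and is labelled as such. The example K, RAND, SQN xor AK and PLMN values are constructed.

```python
"""
EPS key hierarchy walk-through. This is an added example for this page, not
code from the cited paper or from any network element. Every key the UE and the
network use is a deterministic function of the permanent key K plus values that
travel in the clear (RAND and AUTN, the serving network id, the NAS COUNT and
the selected algorithm ids), so whoever holds K and observes the radio
interface reproduces the whole hierarchy. The KASME, KeNB and algorithm-key
steps below follow the 3GPP TS 33.401 Annex A derivations (HMAC-SHA-256 KDF over
FC||P0||L0||P1||L1). The first step, K -> (CK, IK), is MILENAGE in a real USIM
and AuC; it needs AES, which the standard library lacks, so an HMAC-SHA-256
stand-in is used here (assumption, not the real f3/f4 functions).
"""
import hashlib
import hmac


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """Generic 3GPP KDF (TS 33.220 Annex B): HMAC-SHA-256 over FC || Pi || Li."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


def ck_ik_stand_in(k: bytes, rand: bytes) -> tuple:
    """Assumption: replaces MILENAGE f3 (CK) and f4 (IK). Real deployments also
    mix in the operator constant OPc; the point here is only that CK and IK are
    a function of K and the cleartext RAND."""
    ck = hmac.new(k, b"f3" + rand, hashlib.sha256).digest()[:16]
    ik = hmac.new(k, b"f4" + rand, hashlib.sha256).digest()[:16]
    return ck, ik


def derive_kasme(ck: bytes, ik: bytes, sn_id: bytes, sqn_xor_ak: bytes) -> bytes:
    # TS 33.401 A.2: FC = 0x10, P0 = serving network id (MCC||MNC, 3 bytes),
    # P1 = SQN xor AK (6 bytes, sent in the clear inside AUTN).
    return kdf(ck + ik, 0x10, sn_id, sqn_xor_ak)


def derive_kenb(kasme: bytes, ul_nas_count: int) -> bytes:
    # TS 33.401 A.3: FC = 0x11, P0 = uplink NAS COUNT (4 bytes).
    return kdf(kasme, 0x11, ul_nas_count.to_bytes(4, "big"))


ALG_TYPE = {"NAS-enc": 0x01, "NAS-int": 0x02, "RRC-enc": 0x03, "RRC-int": 0x04, "UP-enc": 0x05}


def derive_alg_key(parent: bytes, alg_type: str, alg_id: int) -> bytes:
    # TS 33.401 A.7: FC = 0x15, P0 = algorithm type distinguisher, P1 = algorithm
    # id; the 128 least significant bits of the 256-bit output are the key.
    return kdf(parent, 0x15, bytes([ALG_TYPE[alg_type]]), bytes([alg_id]))[16:]


def derive_hierarchy(k: bytes, rand: bytes, sn_id: bytes, sqn_xor_ak: bytes,
                     ul_nas_count: int, nas_alg: int = 2, as_alg: int = 2) -> dict:
    """Everything below K, given K and only values visible on the air."""
    ck, ik = ck_ik_stand_in(k, rand)
    kasme = derive_kasme(ck, ik, sn_id, sqn_xor_ak)
    kenb = derive_kenb(kasme, ul_nas_count)
    return {
        "K_ASME": kasme,
        "K_NASenc": derive_alg_key(kasme, "NAS-enc", nas_alg),
        "K_NASint": derive_alg_key(kasme, "NAS-int", nas_alg),
        "K_eNB": kenb,
        "K_RRCenc": derive_alg_key(kenb, "RRC-enc", as_alg),
        "K_RRCint": derive_alg_key(kenb, "RRC-int", as_alg),
        "K_UPenc": derive_alg_key(kenb, "UP-enc", as_alg),
    }


# Constructed example values (not a real subscriber).
EXAMPLE_K = bytes.fromhex("465b5ce8b199b49faa5f0a2ee238a6bc")
EXAMPLE_RAND = bytes.fromhex("23553cbe9637a89d218ae64dae47bf35")
EXAMPLE_SN_ID = bytes.fromhex("00f110")          # PLMN 001/01 as encoded in NAS
EXAMPLE_SQN_XOR_AK = bytes.fromhex("ff9bb4d0b607")


def attacker_recovers_everything() -> bool:
    """The attacker holds the leaked K and has sniffed RAND, AUTN, the PLMN id
    and the uplink NAS COUNT (here 0); with nothing else, every session key
    matches the UE's."""
    ue_keys = derive_hierarchy(EXAMPLE_K, EXAMPLE_RAND, EXAMPLE_SN_ID, EXAMPLE_SQN_XOR_AK, 0)
    sniffed = dict(rand=EXAMPLE_RAND, sn_id=EXAMPLE_SN_ID, sqn_xor_ak=EXAMPLE_SQN_XOR_AK, ul_nas_count=0)
    attacker_keys = derive_hierarchy(EXAMPLE_K, **sniffed)
    return ue_keys == attacker_keys


if __name__ == "__main__":
    for name, value in derive_hierarchy(EXAMPLE_K, EXAMPLE_RAND, EXAMPLE_SN_ID,
                                        EXAMPLE_SQN_XOR_AK, 0).items():
        print(f"{name:9s} {value.hex()}")
    print("attacker can rebuild the hierarchy:", attacker_recovers_everything())
```

Two properties of the hierarchy are worth checking against the code: a fresh AKA run (new RAND) or a new NAS COUNT changes KASME or KeNB and everything beneath them, yet the attacker who holds K follows every such rekey from the cleartext parameters alone, whereas changing K itself is the only step that invalidates what the attacker knows. That asymmetry is the single-key dependency the entry describes, and it is why key management, rather than more frequent rekeying, is the relevant mitigation.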
