Over the last ten years, 5G research and network deployments have engendered significant economic development and greatly improved lives around the world. At the same time, the Department of Defense (DoD) has made significant efforts to leverage commercial investments made in 5G networks. The push for DoD to rely heavily on 5G commercial systems is, however, problematic because commercial networks are not designed for many of the adversarial settings and electronic warfare (EW) scenarios common in military-hardened networks. Academic research must play an important role in addressing fundamental security challenges arising from the vulnerabilities and design weaknesses of 5G networks. Such challenges manifest themselves in major threats that threaten confidentiality, integrity, and availability of 5G networks such as eavesdropping on messages, spoofing and man-in-the-middle attacks, distributed denial of service (DDoS), and downgrading the service from 5G to 3G/2G. Historically, however, many of the security-related and adversarial problems common to DoD have been viewed as strictly outside of the academic research purview. The proposed project aims to change this by building upon the momentum to accelerate academic and industry research into secure beyond-5G wireless networks. The team is joining forces from academia, industry, and government with the focus on consolidating the ongoing 5G security-related research efforts of its members. The project will also contribute to workforce development by creating research experiences, involving both theory and experiments, for a diverse team of both undergraduate and graduate students.



The proposed research has three unique attributes that enable Zero Trust solutions: (a) Particular focus on signal/waveform level and 5G radio access network (RAN) security; (b) Fine-granular data-plane and control-plane threat detection, tracking, and defense mechanisms; and (c) Integration and evaluation via full-stack, Open RAN/Mobile Core testbed. DoD applications are the main motivation for the proposed solutions. To both narrow the scope of the efforts and make it more grounded, the proposed research will be organized across the following three interwoven aspects: (i) The modeling of threats at the user equipment (UE), RAN, Enhanced Data for Global Evolution (EDGE), backhaul, and 5G packet core levels to understand how suboptimal 5G networks are; (ii) The design of threat detection, tracking, and protection algorithms/mechanisms that effectively modify signaling at the 5G RAN and the software functions/protocols at the 5G Core for granular access control and encryption; and (iii) Formal verification of the various security requirements of service-based architecture in the context of 5G RAN, Core, and Internet Edge that use existing and novel programmable hardware. The level of visibility and controllability that this project enables would allow the 5G service-based architectures to adapt themselves quickly to make way for the military and other critical services in a secure and timely manner - similar to how cars make way for ambulances and fire trucks on the highways, sharing the same road infrastructure.