Defensive 5G

Presented at DEF CON 30 (2022), Aug. 13, 2022, noon (115 minutes)

In this work we developed a 4.5G/5G network using only commercial off the shelf (COTS) hardware and open-source software to serve as test-infrastructure for studying vulnerabilities in 5G networks. We are using software defined networking (SDN) tools such as Faucet and Dovesnap and software defined radio(SDR) capabilities such as Open5gs and srsRAN along with Docker Containers to facilitate the rapid and reliable setup and configuration of network topologies that can be used to represent the 5G networks that we intend to test. By having a configurable and repeatable mechanism that could be shared among multiple users with differing hardware setups we were able to test 5G network configurations in a variety of ways and have those results validated by other team members.

Audience: Target Audience: Network Defense and Attack, 5G, Software Defined Radio and Infrastructure-as-Code.

Presenters:

• Ryan Ashley
  Ryan Ashley is currently a senior software-engineer at In-Q-Tel Labs. He is responsible for architecture, design, and implementation of open-source tools for analysis and visualization of network activity and other cyber-security use-cases. He is the primary maintainer of the IQT-Labs project NetworkML, and is a contributor to various other open-source projects.
• Eric Mair
  Eric Mair has been working in wireless communications for over 20 years and is currently working for In- Q-Tel Labs in Arlington, VA as a senior communications-technologist focusing on 5G, SDR and the application of machine-learning to RF communications. Prior to IQT he was with the US Government for 19 years.

Similar Presentations:

• TROOPERS17 (2017) / Outlook on 5G security from 3GPP perspective
• Black Hat USA 2021 / 5G IMSI Catchers Mirage
• Black Hat USA 2021 / Over the Air Baseband Exploit: Gaining Remote Code Execution on 5G Smartphones