Lightning Talk: A Full Stack Hybrid 5G Testbed for Security Testing - Zane Ma, Georgia Institute of Technology & Dragoslav Stojadinovic, Kryptowire
In order to prepare for the growing virtualization of mobile core networks and this new attack surface, a full stack 5G testbed is crucial for preliminary implementation and testing. This talk outlines a successful integration of the OpenAirInterface5G core and radio access network to realize a production-grade testbed deployed over an OpenStack infrastructure. Our testbed includes virtualized/emulated user endpoints (UEs) for large-scale testing as well as commercial off-the-shelf and software-defined radio based UEs (e.g., OnePlus 8 mobile phone) for complementary high-fidelity experimentation. Thus, we can test a variety of realistic deployment conditions and edge cases, and gain an accurate understanding of the 5G ecosystem. To demonstrate the utility of our scalable full-stack 5G testbed, we develop a network security mechanism, DNS flow-stitching, which links network flows with DNS names. This allows us to 1) block flows associated with malicious domains, and 2) identify suspicious “orphan flows” that avoid DNS and DNS-based threat detection. We automate DNS flow-stitching using 5G network programmability, and discuss how we address practical deployment challenges.
