A Distributed Wireless Shield for protecting private 5G networks
Our project is based on the premise that a 5G mobile modem cannot be fundamentally trusted. This conclusion stems from the observation that 5G modems
- for end devices are currently only offered by non-European manufacturers. At the same time, the digitalization of European industry relies heavily on 5G, which will also be deployable for mission-critical applications up to availability class 6 from the end of 2022.
- are complex System-on-Chips (SoCs) with modifiable microcode. As modem complexity inherently increases with each new mobile communication standard due to backward compatibility and additional features, the likelihood of security vulnerabilities also rises. Trends such as Open RAN and Cloud RAN further expand this attack surface significantly, including through the diversification of modem hardware and the partial outsourcing of modem functionalities to remote hardware.
- are ideally positioned for sniffing and man-in-the-middle attacks. These modems handle the flow of user and metadata, manage the cryptographic security of the second protocol layer, and support a wide range of frequency bands and radio standards. This makes the extraction of data via covert channels particularly easy.
These observations give rise to the overarching goal of our project: we are developing ADWISOR5G (A Distributed Wireless Shield for Protecting Private 5G Networks) — a distributed shield designed to detect, locate, and counteract attacks on 5G networks. Our project implements a zero-trust model for the 5G air interface by continuously monitoring the mobile modem using a Software-Defined Radio (SDR). This approach detects attack attempts and unauthorized data flows at the physical layer and prevents them via an integrated controller. This allows novel attacks to be identified as radio signals before they are known or understood at the logical level, effectively complementing byte-level attack detection. Through spatially distributed monitoring and synchronization of observations, sources of attack signals can be located in real-time and countered with precision.
Within this project, the complete ADWISOR5G system will be developed, validated, and demonstrated in the field. This builds on the groundwork laid by the partners: aconnic will provide the SDN platform, into which the Spectral Intrusion Detection (SID) method and the appropriate SDN controller developed by the Darmstadt University of Applied Sciences will be integrated. Fraunhofer IIS will contribute a low-latency radio interface for synchronizing the distributed SDRs and localizing attackers within the overall system. The resulting system will undergo randomized blind validation studies in the laboratory before being evaluated and demonstrated in relevant deployment environments.
The focus of this project is on the radio-based protection of 5G campus networks in industrial environments with the highest requirements for availability and data security. Our industrial partners frequently face corresponding security concerns from their customers and see strong demand for the described product in the European market. By integrating physical security and real-time attacker localization into 5G campus networks, ADWISOR5G is unique worldwide.
Publications and Lectures
- “Traue keinem Gerät, das komplexer ist als ein Toaster” (de | en)
- M. Varotto, S. Valentin, and S. Tomasin, “Detecting 5G signal jammers with autoencoders based on loose observations,” in Proc. IEEE GLOBECOM WS, Dec. 2023.
- S. Rieger, L.-N. Lux, J. Schmitt, and M. Stiemerling, “DigSiNet: Using Multiple Digital Twins to Provide Rhythmic Network Consistency,” in Proc. IEEE/IFIP NOMS WS, May 2024
- S. Valentin, “5 and 6G – new threats and their mitigation through physical layer security,” Invited talk at SAP, Apr. 2024.
- M. Varotto, S. Valentin, and S. Tomasin, “Detecting 5G signal jammers using spectrograms with supervised and unsupervised learning,” in Proc. IEEE Int. Conf. on Commun. Workshops (ICC WS), Jun. 2024. accepted for publication
- M. Varotto, S. Valentin, F. Ardizzon, S. Marzotto, and S. Tomasin, “One-class classification and the GLRT for jamming detection in 5G private networks,” in Proc. IEEE Int. Workshop on Signal Processing Advances for Wireless Commun. (SPAWC), Sep. 2024. Invited Paper, Preprint: https://arxiv.org/abs/2405.09565
- M. Varotto, F. Heinrichs, T. Schuerg, S. Tomasin, and S. Valentin, “Detecting 5G narrow- band jammers with CNN, k-nearest neighbors, and support vector machines,” in Proc. IEEE Int. Workshop on Inf. Forensics and Security (WIFS), Dec. 2024. accepted for publication, preprint at https://arxiv.org/abs/2405.09564
Funding Guidelines: Cybersicherheit und digitale Souveränität in den Kommunikationstechnologien 5G/6G, Themenschwerpunkt 4b) Sicherheitsinnovationen für Resilienz von Infrastrukturen
Title: ADWISOR5G – A Distributed Wireless Shield for protecting private 5G networks
Duration: 1.6.2023 – 31.5.2025
Coordinator: aconnic
Contact: adwisor5g@aconnic.com
