CAREER: Proactive Techniques for Enhancing Security and Resilience of Mobile Communication Infrastructure

职业：增强移动通信基础设施安全性和弹性的主动技术

• 批准号: 1943079
• 负责人: Guanhua Yan
• 金额: $ 49.89万
• 依托单位: SUNY at Binghamton
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-07-01 至 2025-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1943079&HistoricalAwards=false
• 关键词: CAREER; Proactive; Techniques; Enhancing; Security

The 5G networks currently being rolled out globally are expected to revolutionize a wide spectrum of application domains, including, but not limited to, automotive, healthcare, smart cities, factories, and first responders. This project seeks to enhance the security and resilience of the next-generation mobile communication networks against threats that may cause infrastructure-level damages. First, the ease of distributing mobile applications from marketplaces (e.g., Google Play and Apple App Store) and the growing popularity of IoT (Internet-of-Things) devices have made it possible to construct large botnets capable of attacking critical infrastructures. Second, both insider threats (e.g., disgruntled former employees) and unintentional human errors (e.g., network misconfiguration) can cause widespread cellular service failures. Third, virtualization of 5G core network services makes them attractive targets for APT (Advanced Persistent Threat) attackers who covet sensitive user data, such as mobile users' account information, locations, and private keys. The successful execution of this project will not only produce tools that can protect the Nation's mobile communication infrastructures but also train students from diverse backgrounds for jobs in critical infrastructure protection.The main goal of this CAREER project is to develop three-layered, proactive defenses for the next-generation mobile communication infrastructures. The first layer of defense will provide infrastructure-level accountability support to deter potential attackers because their attack origins can be traced from observable network events with high accuracy. The second layer will use real-time machine learning techniques enhanced with knowledge of communication protocol specifications to identify anomalous activities. These anomaly detection methods will be designed with robustness against adversarial manipulations such as model poisoning and evasion attacks. The third layer of defense will focus on diverting attackers who have successfully penetrated into the mobile communication infrastructures to deceptive environments, where their attack capabilities, intentions, and origins can be revealed. This CAREER project will engage 5G infrastructure stakeholders in improving the security and resilience of their mobile network operations. Its research activities will involve undergraduates and under-represented minority students.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

当前在全球范围内推出的5G网络有望彻底改变广泛的应用领域，包括但不限于汽车，医疗保健，智能城市，工厂和急救人员。该项目旨在增强下一代移动通信网络的安全性和韧性，以防止可能导致基础架构级损害的威胁。首先，从市场上（例如Google Play和Apple App Store）和物联网（Thing-Things-things）设备日益普及的易于分发移动应用程序，使得构建能够攻击关键基础架构的大型僵尸网络成为可能。其次，这两个内部人士威胁（例如，心怀不满的前雇员）和无意的人类错误（例如，网络错误配置）都可能导致广泛的蜂窝服务失败。第三，5G核心网络服务的虚拟化使其成为渴望敏感用户数据的APT（高级持续威胁）攻击者（例如移动用户的帐户信息，位置和私钥）的吸引力目标。该项目的成功执行不仅将产生能够保护美国移动通信基础设施的工具，而且还将培训来自不同背景的学生在关键基础设施保护方面的工作。该职业项目的主要目标是为下一代移动交流基础设施开发三层，积极主动的防御。第一层的防御将为阻止潜在攻击者提供基础架构级别的问责制支持，因为他们的攻击起源可以从可观察到的网络事件中追溯到高精度。第二层将使用实时的机器学习技术，并了解通信协议规范的知识来识别异常活动。这些异常检测方法将以鲁棒性针对对抗性操作（例如模型中毒和逃避攻击）进行设计。第三层的防御将集中于将成功渗透到移动通信基础设施中的攻击者转移到欺骗性环境中，在这种环境中，他们的攻击能力，意图和起源可以揭示。该职业项目将吸引5G基础设施利益相关者，以提高其移动网络运营的安全性和弹性。它的研究活动将涉及本科生和代表性不足的少数族裔学生。该奖项反映了NSF的法定任务，并且使用基金会的知识分子优点和更广泛的影响标准，被认为值得通过评估来获得支持。

项目成果

VET5G: A Virtual End-to-End Testbed for 5G Network Security Experimentation

VET5G：用于 5G 网络安全实验的虚拟端到端测试平台

• DOI: 10.1145/3546096.3546111
• 发表时间: 2022
• 期刊: The 15th Workshop on Cyber Security Experimentation and Test
• 作者: Wen, Zhixin;Pacherkar, Harsh Sanjay;Yan, Guanhua
• 通讯作者: Yan, Guanhua

IoTInfer: Automated Blackbox Fuzz Testing of IoT Network Protocols Guided by Finite State Machine Inference

• DOI: 10.1109/jiot.2022.3182589
• 发表时间: 2022-11
• 期刊: IEEE Internet of Things Journal
• 影响因子: 10.6
• 作者: Zhan Shu;Guanhua Yan