NLP-based Cross-Layer 5G Vulnerabilities Detection via Fuzzing Generated Run-Time Profiling

Zhuzhu Wang, Ying Wang

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

The effectiveness and efficiency of 5G software stack vulnerability and unintended behavior detection are essential for 5G assurance, especially for its applications in critical infrastructures. Scalability and automation are the main challenges in testing approaches and cybersecurity research, especially for fuzz testing and formal verification, which are commonly used to detect vulnerabilities. To this end, we propose an innovative approach for automatically detecting vulnerabilities and unintended emergent behaviors in 5G stacks via run-time profiling documents corresponding to fuzz testing in code repositories. More specifically, piloting on the srsRAN platform, we consider log files as regular text and leverage modern techniques from natural language processing (NLP) to map the run-time profiling via Logging Information (LogInfo) generated by fuzzing test to a high dimensional metric space. Then we construct feature spaces combined with their timestamp information. Lastly, we further exploit them using classifiers, including Logistic Regression, K-Nearest Neighbors, and Random Forest to categorize the impacts on performance and security attributes. After verification by examples, the performance of the proposed approach has high accuracy, ranging from 93.4% to 95.9%, in detecting the fuzzing impacts. In addition, the proof of concept could identify real-time vulnerabilities in 5G infrastructures and critical applications in various verticals.

Original languageEnglish
Title of host publication2023 IEEE 12th International Conference on Cloud Networking, CloudNet 2023
Pages194-202
Number of pages9
ISBN (Electronic)9798350313062
DOIs
StatePublished - 2023
Event12th IEEE International Conference on Cloud Networking, CloudNet 2023 - Hoboken, United States
Duration: 1 Nov 20233 Nov 2023

Publication series

Name2023 IEEE 12th International Conference on Cloud Networking, CloudNet 2023

Conference

Conference12th IEEE International Conference on Cloud Networking, CloudNet 2023
Country/TerritoryUnited States
CityHoboken
Period1/11/233/11/23

Keywords

  • 5G systems
  • LogInfo
  • fuzzing test
  • machine learning
  • natural language processing

Fingerprint

Dive into the research topics of 'NLP-based Cross-Layer 5G Vulnerabilities Detection via Fuzzing Generated Run-Time Profiling'. Together they form a unique fingerprint.

Cite this