# 網路管理final
# 大厝歹拚掃
## 5G 核心網路設計與實作 + free5GC:第五代行動網路之核心網路開發及架構
1. List 3 advance of 4G as compared with 3G.
:::spoiler 投影片
:::
- <font color="red">**Packet-switched only core network**</font>
- <font color="red">**Simplified architecture/Flat architecture**</font>
- <font color="red">**Separation of control plane and user plane**</font>
2. List 3 Key 5G Use Cases.
:::spoiler 投影片
:::
- <font color="red">**eMBB(enhanced Mobile Broadband)**</font>
- <font color="red">**URLLC(Ultra Reliable Low Latency Communications)**</font>
- <font color="red">**mMTC(massive Machine Type Communications)**</font>
3. Briefly describe the full name and list 3 functions of the following functions of 5G network functions. AMF, SMF, UPF, AUSF, PCF, NSSF.
:::spoiler 投影片
:::
- AMF: **Access and Mobility management Function**
- SMF: **Session Management Function**
- UPF: **User Plane Function**
- AUSF:**Authentication Server Function**
- PCF: **Policy Control Function**
- NSSF: **Network Slice Selection Function**
4. Draw the architecture of 5G Non-Standalone Type 3 and 3a.
5. Draw the 5G SBA architecture with UE, gNB, UPF, and AMF, SMF, UPF, AUSF, PCF, NSSF
6. What is the 5G e2e latency and air latency, respectively?
:::spoiler 投影片
:::
- **E2E latency: end-to-end (端點到端點) 的延遲時間** < 5ms (2反過來5)
- **air latency: 資料在空氣中傳播造成的延遲** < 1 ms (a1r)
7. What is SBA in 5G?
:::spoiler 投影片
:::
**Elements are defined as** <font color="blue">**network functions**</font> **that offer their** <font color="blue">**services**</font> **via interfaces of a common framework.**
8. List two types of SBI in 5G and draw their architecture, respectively.
:::spoiler 投影片
:::
- **Request - Response**
- **Subscribe - Notify**
- architecture - 投影片(3/3)
9. List 2 popular open source 5G core network and 1 popular RAN emulator
- **open5gs、free5gc**
- **ueransim**
## 4-4-1 5G 安全挑戰與要求
1. 5G security scope is partitioned into four different domains, what are them?
:::spoiler 投影片
:::
- **User**
- **Network**
- **OAM&P**
- **Security Management**
2. List the first 3 security domains in 5G.
:::spoiler 投影片
:::
- **Network access security**
- **Network domain security**
- **User domain security**
3. What is bidding down attacks in 5G security.
:::spoiler 投影片
:::
- **(讓你沒辦法存取5g)**
- An attacker could attempt a bidding down attack **by making the UE and the network entities respecively believe that the other side does not support a secutiey feature**, even when both sides in fact support that security feature
4. What is the key length of 5GC and NG-RAN encryption and integrity protection algorithms?
:::spoiler <font size="4">**chatGPT**</font>
- The key length for encryption in 5GC and NG-RAN is typically **128 bits** for Advanced Encryption Standard (AES-128), and for integrity protection, algorithms like UIA2 and CIA2 use a key length of **128 bits**. Keep in mind that specifications may evolve, so it's advisable to refer to the latest 3GPP documentation for the most up-to-date information.
:::
- <font color="red">**128 bits**</font>
5. List three significant improvements to combat false base stations in 5G system.
<Study on 5G Security Enhancement against False Base Stations (FBS) (3GPP TR 33.809)>
::: spoiler 投影片
:::
- **SUPI concealment**
- **Guaranteed GUTI refreshment**
- **Protected redirections**
- **A general informative detection framework**
- 5G security inherited from earlier generations like mutual authentication between UE and network, integrity protected signalling, and secure algorithm negotiations.
6. Two categories of attacks against 5G UEs over radio interfaces
:::spoiler 圖片
:::
- **Active attacks**
an attacker actively injects signal or messages to influence what UE would receive
- **Passive attacks**
an attacker silently sniffs sigals exchanged between a UE and a gNB
7. List 3 different active attacks in 5G.
:::spoiler 圖片
:::
- **Radio Jamming**
- **Signal Shadowing**
- **Message attacks**
8. Passive attacks can be classified into 2 sniffing, What are them?
:::spoiler 圖片
:::
- **Uplink sniffing**
- **Downlink sniffing**
9. List the first 3 Key Issues of 5G Security?
:::spoiler 圖片
:::
- **Security of unprotected unicast messages**
- **Security protection of system information**
- **Network detection of false base stations**
10. Please draw the architecture of FBS authentication relay attack in the same PLMN
11. List 3 messages between the UE and the network with a MitM FBS.
:::spoiler 投影片
:::
- **The pre-authentication traffic**
- **MAC/RLC layer message headers**
- **Lower layer control messages such as buffer status reports**
12. How to support high handover robustness during Conditional Handover in order to avoid UE Connecting to False Base Station
:::spoiler 圖片
:::
- **support conditional handover in addition**
- the source gNB A sends threshold to the UE to make the handover decision
- additional signalling to report measured signalling is not needed so that HO rebustness can be guaranteed
13. List 2 new 5G features related to service delivery for CIoT capable Ues.
:::spoiler 圖片
:::
- **for the ++infrequent++ transmission of small data**
- **for the ++frequent++ transmission of small data and is targeted at more active Ues**
## 5G Security Overview
1. List 3 Challenges of Cellular Network.
::: spoiler 圖片
:::
- **Wireless medium**: boardcast nature
- **Mobility**: changes in network attachment points
- **Wireless device constraints**
2. For security in 5G, list 3 Device Threats.
::: spoiler 圖片
:::
- **Bots**
- **DDoS**
- **MitM Attacks**
- **Firmware Hacks**
- **Device Tempering**
- **Malware**
- **Sensor Suceptibility**
3. For security in 5G, list 3 Air Interface Threats.
::: spoiler 圖片
:::
- **Jamming**
- **MitM Attacks**
- **Eavesdropping**
4. For security in 5G, list 3 Core Network Threats.
::: spoiler 圖片
:::
- **Software issues**
- **API vulnerabilities**
- **Networking Slicing issues**
- **DoS and DDoS attacks**
- **Improper Access Control**
- **Virtualization issues**
5. List the first 3 security domains in 5G.
:::spoiler 圖影片
:::
- **Network access security**
- **Network domain security**
- **User domain security**
6. Draw the architecture and describe the mechanism using encryption algorithm with SUPI and SUCI for Trust Model: Roaming Scenario in 5G security.
- (SUPI + public key -> SUCI; SUCI + private key -> SUPI)
7. What is bidding down attacks in 5G security.
::: spoiler 圖片
:::
- **making UE and network entities believe that the other side does not support a security feature**
8. What is the key length Requirement on 5GC and NG-RAN related to AS and NAS protection.
::: spoiler 圖片
:::
- **128 bits**
9. What is the key length Requirement on 5GC and NG-RAN related to Network interfaces.
:::spoiler 圖影片
:::
- **256 bits**
## 5G Authentication
1. What is the General solution for Remote Authentication in 5G?
:::spoiler 圖影片
:::
- General solution: <font color="blue">**challenge-response protocols**</font>
2. What are 2 goals of 5G Authentication?
:::spoiler 圖影片
:::
- **Mutual authentication** between UE and network
- **Providing keying material for subsequent security procedures**
3. What are 2 Main functions of AKA?
:::spoiler 圖片
:::
- **Mutual authentication**
- **Derive cryptographic keying materials**
4. Describe the architecture for Initial Attach and Re-attach of 4G EPS-AKA, including two IDs in identifying UEs in LTE networks.
5. What are Weaknesses in 4G EPS-AKA?
::: spoiler 圖片
:::
- UE IDs are sent over the air without encryption
- Authentication is made solely by the serving network
6. What is 5G Permanent Identifier? What is 5G Permanent Identifier with Privacy? What are the difference between them?
- 1. SUPI
- 2. SUCI
- 3.
- A privacy preserving ID containing the concealed SUPI
- Only the MSIN part of the SUPI gets concealed
:::spoiler 圖影片
:::
7. List 3 Differences between 5G-AKA and 4G EPS-AKA?
:::spoiler 圖片
:::
- Entities involved in the authentication are different
- UE always uses the public key of the 5G home network to encrypt the UE permanent identity
- the 5G home network makes the final decision on UE authentication
Sign in with Wallet
Connect another wallet