{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,12]],"date-time":"2026-03-12T15:39:47Z","timestamp":1773329987910,"version":"3.50.1"},"reference-count":28,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2021,1,3]],"date-time":"2021-01-03T00:00:00Z","timestamp":1609632000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,1,3]],"date-time":"2021-01-03T00:00:00Z","timestamp":1609632000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"name":"Institute of Information & communications Technology Planning & Evaluation","award":["2019-0-00793"],"award-info":[{"award-number":["2019-0-00793"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Computing"],"published-print":{"date-parts":[[2021,3]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>With the advent of 5G technology, the enhanced Mobile Broadband technology is translating 5G-based Internet of Things (IoT) such as smart home\/building into reality. With such advances, security must mitigate greater risks associated with faster and more accessible technology. The 5G-based IoT security analysis is crucial to IoT Technology, which will eventually expand extensively into massive machine-type communications and Ultra-Reliable Low Latency Communications. This paper analyses the countermeasures and verification methods of eavesdropping vulnerabilities within IoT devices that use the current 5G Non-Standalone (NSA) network system. The network hierarchical structure of 5G-based IoT was evaluated for vulnerability analysis, performed separately for 5G Access Stratum (AS), Non-Access Stratum (NAS), and Internet Protocol (IP) Multimedia Subsystem (IMS). AS keystream reuse, NAS null-ciphering, and IMS IPsec off vulnerabilities were tested on mobile carrier networks to validate it on the 5G NSA network as well. A countermeasure against each vulnerability was presented, and our Intrusion Detection System based on these countermeasures successfully detected the presented controlled attacks.<\/jats:p>","DOI":"10.1007\/s00607-020-00855-0","type":"journal-article","created":{"date-parts":[[2021,1,3]],"date-time":"2021-01-03T18:03:05Z","timestamp":1609696985000},"page":"425-447","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":34,"title":["Towards 5G-based IoT security analysis against Vo5G eavesdropping"],"prefix":"10.1007","volume":"103","author":[{"given":"Sungmoon","family":"Kwon","sequence":"first","affiliation":[]},{"given":"Seongmin","family":"Park","sequence":"additional","affiliation":[]},{"given":"HyungJin","family":"Cho","sequence":"additional","affiliation":[]},{"given":"Youngkwon","family":"Park","sequence":"additional","affiliation":[]},{"given":"Dowon","family":"Kim","sequence":"additional","affiliation":[]},{"given":"Kangbin","family":"Yim","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,1,3]]},"reference":[{"key":"855_CR1","unstructured":"IoT Industrial Devices, Edge of 2020 in Industrial IoT\u2014forecast, 2020.06.01. https:\/\/iot-industrial-devices.com\/edge-of-2020-in-industrial-iot-forecast\/. Accessed 15 Sep 2020"},{"key":"855_CR2","unstructured":"No W (2019) Ministry of science and ICT central radio management service, number of 5G base station in, 2019.09.05"},{"key":"855_CR3","unstructured":"Wong S (2020) Number of 5G base stations in Chana 2019\u20132024, statista, 2020.05.27"},{"key":"855_CR4","unstructured":"Rupprecht D et al. Call me maybe: eavesdropping encrypted LTE calls with ReVoLTE. In: 29th USENIX security symposium (USENIX security 20)"},{"key":"855_CR5","doi-asserted-by":"crossref","unstructured":"Chlosta M et al (2019) LTE security disabled: misconfiguration in commercial networks. In: Proceedings of the 12th conference on security and privacy in wireless and mobile networks","DOI":"10.1145\/3317549.3324927"},{"key":"855_CR6","doi-asserted-by":"crossref","unstructured":"Park S et al (2020) Security problems of 5G voice communication. In: The 21st world conference on information security applications (WISA)","DOI":"10.1007\/978-3-030-65299-9_30"},{"key":"855_CR7","doi-asserted-by":"crossref","unstructured":"Rosenberg J et al (2002) SIP: session initiation protocol. RFC 3261","DOI":"10.17487\/rfc3261"},{"key":"855_CR8","unstructured":"Third Generation Partnership Project, Confidentiality and Integrity Algorithms UEA2 & UIA2; Document 1: UEA2 and UIA2 specifications, TS 35.215, 2020.07.10"},{"key":"855_CR9","unstructured":"National Institute of Standards and Technology, \u201cAdvanced Encryption Standard (AES)\u201d, FIPS PUB 197, 2001.11.26"},{"key":"855_CR10","doi-asserted-by":"crossref","unstructured":"Dworkin M (2001) Recommendation for Block Cipher Modes of Operation, National Institute of Standards and Technology, NIST Special Publication 800-38A","DOI":"10.6028\/NIST.SP.800-38a"},{"key":"855_CR11","doi-asserted-by":"crossref","unstructured":"Dworkin M (2005) Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, National Institute of Standards and Technology, NIST Special Publication 800-38B","DOI":"10.6028\/NIST.SP.800-38b-2005"},{"key":"855_CR12","unstructured":"Third Generation Partnership Project, Confidentiality and Integrity Algorithms EEA3 & EIA3; Document 1: EEA3 and EIA3 specifications, TS 35.221, 2020.07.10"},{"key":"855_CR13","doi-asserted-by":"crossref","unstructured":"Manral V (2007) Cryptographic algorithm implementation requirements for encapsulating security payload (ESP) and authentication header (AH), Network Working Group, RFC 4835","DOI":"10.17487\/rfc4835"},{"key":"855_CR14","doi-asserted-by":"publisher","first-page":"24956","DOI":"10.1109\/ACCESS.2019.2899254","volume":"7","author":"RP Jover","year":"2019","unstructured":"Jover RP, Marojevic V (2019) Security and protocol exploit analysis of the 5G specifications. IEEE Access 7:24956\u201324963","journal-title":"IEEE Access"},{"key":"855_CR15","doi-asserted-by":"crossref","unstructured":"Shaik A, Borgaonkar R, Asokan R, Niemi V, Seifert J-P (2016) Practical attacks against privacy and availability in 4G\/LTE mobile communication systems. In: Proceedings of the 23rd annual network and distributed system security symposium (NDSS)","DOI":"10.14722\/ndss.2016.23236"},{"key":"855_CR16","doi-asserted-by":"crossref","unstructured":"Hussain SR, Chowdhury O, Mehnaz S, Bertino E (2018) LTEInspector: a systematic approach for adversarial testing of 4G LTE. In: Proceedings of the symposium network and distributed system security (NDSS), pp 18\u201321","DOI":"10.14722\/ndss.2018.23313"},{"key":"855_CR17","doi-asserted-by":"crossref","unstructured":"Rupprecht D, Kohls K, Holz T, P\u00f6pper C (2019) Beaking LTE on layer two. In: Proceedings of the IEEE symposium security, privacy (SP)","DOI":"10.1109\/SP.2019.00006"},{"issue":"1","key":"855_CR18","first-page":"117","volume":"5","author":"S Fonyi","year":"2020","unstructured":"Fonyi S (2020) Overview of 5G security and vulnerabilities. Cyber Defense Rev 5(1):117\u2013134","journal-title":"Cyber Defense Rev"},{"key":"855_CR19","doi-asserted-by":"publisher","unstructured":"Cremers C, Dehnel-Wild M (2019) Component-based formal analysis of 5G-AKA: channel assumptions and session confusion. In: Network and distributed systems security (NDSS) symposium 2019. https:\/\/doi.org\/10.14722\/ndss.2019.23394","DOI":"10.14722\/ndss.2019.23394"},{"key":"855_CR20","doi-asserted-by":"publisher","first-page":"108","DOI":"10.2478\/popets-2019-0039","volume":"3","author":"R Borgaonkar","year":"2019","unstructured":"Borgaonkar R, Hirschi L, Park S (2019) Shaik A (2019) New privacy threat on 3G, 4G, and upcoming 5G AKA protocols. Proc Priv Enhanc Technol 3:108\u201327. https:\/\/doi.org\/10.2478\/popets-2019-0039","journal-title":"Proc Priv Enhanc Technol"},{"key":"855_CR21","doi-asserted-by":"crossref","unstructured":"Basin D et al (2018) A formal analysis of 5G authentication. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. ACM, pp 1383\u20131396","DOI":"10.1145\/3243734.3243846"},{"key":"855_CR22","unstructured":"Third Generation Partnership Project, System Architecture Evolution (SAE); Security architecture, TS 33.401, 2020.07.10"},{"key":"855_CR23","unstructured":"Third Generation Partnership Project, Network Domain Security (NDS); IP network layer security, TS 33.210, 2020.07.10"},{"key":"855_CR24","unstructured":"Third Generation Partnership Project, IP Multimedia Subsystem (IMS) media plane security, TS 33.328, 2020.07.10"},{"key":"855_CR25","unstructured":"Third Generation Partnership Project, Study on 5G security enhancements against false base stations version, TR 33.809, 2020.08.31"},{"key":"855_CR26","unstructured":"srsLTE. https:\/\/github.com\/srsLTE\/srsLTE. Accessed 15 Sep 2020"},{"key":"855_CR27","unstructured":"USRP B210. https:\/\/www.ettus.com\/product\/details\/UB210-KIT. Accessed 15 Sep 2020"},{"key":"855_CR28","unstructured":"OPTis-S. https:\/\/www.dtaq.re.kr\/_custom\/dtaq\/_common\/board\/download.jsp?attach_no= 192170 Accessed 15 Sep 2020"}],"container-title":["Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00607-020-00855-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00607-020-00855-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00607-020-00855-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,27]],"date-time":"2021-02-27T17:08:07Z","timestamp":1614445687000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00607-020-00855-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,1,3]]},"references-count":28,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2021,3]]}},"alternative-id":["855"],"URL":"https:\/\/doi.org\/10.1007\/s00607-020-00855-0","relation":{},"ISSN":["0010-485X","1436-5057"],"issn-type":[{"value":"0010-485X","type":"print"},{"value":"1436-5057","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,1,3]]},"assertion":[{"value":"15 September 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 October 2020","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 January 2021","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with ethical standards"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}