{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,20]],"date-time":"2026-05-20T16:40:43Z","timestamp":1779295243259,"version":"3.51.4"},"reference-count":95,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"4","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"Natural Sciences and Engineering Research Council of Canada (NSERC) and TELUS Communications through Collaborative Research and Development"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Commun. Surv. Tutorials"],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/comst.2024.3377161","type":"journal-article","created":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T15:49:51Z","timestamp":1710344991000},"page":"2382-2410","source":"Crossref","is-referenced-by-count":26,"title":["Security Analysis of Critical 5G Interfaces"],"prefix":"10.1109","volume":"26","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5728-1814","authenticated-orcid":false,"given":"Mohammed","family":"Mahyoub","sequence":"first","affiliation":[{"name":"School of Information Technology, Carleton University, Ottawa, ON, Canada"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3888-3975","authenticated-orcid":false,"given":"AbdulAziz","family":"AbdulGhaffar","sequence":"additional","affiliation":[{"name":"Department of Systems and Computer Engineering, Carleton University, Ottawa, ON, Canada"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8378-2241","authenticated-orcid":false,"given":"Emmanuel","family":"Alalade","sequence":"additional","affiliation":[{"name":"School of Information Technology, Carleton University, Ottawa, ON, Canada"}]},{"given":"Ezekiel","family":"Ndubisi","sequence":"additional","affiliation":[{"name":"School of Information Technology, Carleton University, Ottawa, ON, Canada"}]},{"given":"Ashraf","family":"Matrawy","sequence":"additional","affiliation":[{"name":"School of Information Technology, Carleton University, Ottawa, ON, Canada"}]}],"member":"263","reference":[{"key":"ref1","year":"2022","journal-title":"The stride threat model"},{"key":"ref2","volume-title":"The Threats to Our Products","volume":"33","author":"Kohnfelder","year":"1999"},{"key":"ref3","volume-title":"System architecture for the 5G system 5GS; (Release 17), Version 16.6.0","year":"2021"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.13052\/jicts2245-800X.616"},{"key":"ref5","volume-title":"Architecture enhancements for control and user plane separation of EPC nodes; (Release 17)","year":"2022"},{"key":"ref6","article-title":"5G system security analysis","author":"Holtrup","year":"2021","journal-title":"arXiv:2108.08700"},{"key":"ref7","volume-title":"ENISA Threat Landscape for 5G Networks","year":"2020"},{"key":"ref8","volume-title":"5G security assurance specification SCAC, user plane function UPF; (Release 16)","year":"2021"},{"key":"ref9","volume-title":"5G; NG-RAN; architecture description; (Release 16)","year":"2020"},{"key":"ref10","volume-title":"Security architecture and procedures for 5G system; (Release 17)","year":"2021"},{"key":"ref11","volume-title":"NR and NR-RAN overall description, stage 2; (Release 17)","year":"2021"},{"key":"ref12","volume-title":"Group services and system aspects;procedures for the 5G system 5GS; stage 2; (Release 17)","year":"2021"},{"key":"ref13","volume-title":"NG-RAN; xn application protocol (XnAP); (Release 17)","year":"2023"},{"key":"ref14","volume-title":"3rd generation partnership project; technical specification group Radio Access Network; NG-RAN; F1 general aspects and principles; (Release 17)","year":"2022"},{"key":"ref15","volume-title":"Ng radio access network (NG-RAN); F1 interface user plane protocol (Release 15)","year":"2017"},{"key":"ref16","volume-title":"F1 application protocol (F1AP); (Release 17)","year":"2023"},{"key":"ref17","volume-title":"General packet radio system (GPRS) tunnelling protocol user plane (GTPv1-U); (Release 17)","year":"2023"},{"key":"ref18","volume-title":"NG-RAN ng application protocol (NGAP); (Release 17)","year":"2023"},{"key":"ref19","volume-title":"Digital cellular telecommunications system (phase 2) GSM UMTS LTE 5G; (Release 15)","year":"2019"},{"key":"ref20","volume-title":"5G system; technical realization of service based architecture; stage 3; (Release 17)","year":"2022"},{"key":"ref21","volume-title":"Digital cellular telecommunications system (phase 2+GSM; Universal Mobile Telecommunications System UTMS; LTE; Service accessibility; (Release 16)","year":"2020"},{"key":"ref22","volume-title":"An Introduction to Information Security, Revision 1","author":"Michael Nieles","year":"2017"},{"key":"ref23","volume-title":"Computer Security: Principles and Practice","volume":"2","author":"Stallings","year":"2012"},{"key":"ref24","doi-asserted-by":"crossref","DOI":"10.1002\/9781119293071","volume-title":"A Comprehensive Guide to 5G Security","author":"Liyanage","year":"2018"},{"key":"ref25","doi-asserted-by":"crossref","DOI":"10.1016\/j.comnet.2020.107345","article-title":"5G in the Internet of Things era: An overview on security and privacy challenges","volume":"179","author":"Sicari","year":"2020","journal-title":"Comput. Netw."},{"key":"ref26","doi-asserted-by":"crossref","first-page":"171","DOI":"10.1016\/B978-0-08-103009-7.00008-9","article-title":"Chapter 8-security","volume-title":"5G Core Networks","author":"Rommer","year":"2020"},{"key":"ref27","first-page":"29","article-title":"Strategies for threat modeling","volume-title":"Threat Modeling: Designing for Security","author":"Shostack","year":"2014"},{"key":"ref28","volume-title":"Cyber Threat Modeling: Survey, Assessment, and Representative Framework","author":"Bodeau","year":"2018"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/5GWF52925.2021.00050"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3109564"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2021.3108618"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/3558482.3581776"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/3507657.3528559"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/3558482.3581777"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2951818"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2933899"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243846"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-021-08200-0"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3151000"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2021.3067807"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2916180"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2997702"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2859449"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2815638"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1007\/s11227-012-0831-5"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/CSCN.2017.8088621"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/3372938.3372967"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/5GWF49715.2020.9221122"},{"issue":"12","key":"ref49","doi-asserted-by":"crossref","first-page":"1819","DOI":"10.3390\/electronics11121819","article-title":"A layered approach to threat modeling for 5G-based systems","volume":"11","author":"Farooqui","year":"2022","journal-title":"Electronics"},{"key":"ref50","volume-title":"5G; Security architecture and procedures for 5G system; (Release 16), Version 16.3.0","year":"2019"},{"key":"ref51","volume-title":"Itu-tx. 1811: Security Guidelines for Applying Quantum-Safe Algorithms in IMT-2020 Systems, Network security","year":"2021"},{"key":"ref52","volume-title":"Security Algorithm Implementation Roadmap Version 1.0","year":"2020"},{"key":"ref53","doi-asserted-by":"crossref","DOI":"10.17487\/rfc5448","volume-title":"Improved extensible authentication protocol method for 3rd generation authentication and key agreement (EAP-AKA\u2019)","author":"Arkko","year":"2009"},{"key":"ref54","volume-title":"Perfect-forward secrecy for the extensible authentication protocol method for authentication and key agreement (EAP-AKA\u2019 PFS)","author":"Arkko","year":"2019"},{"key":"ref55","doi-asserted-by":"crossref","DOI":"10.17487\/RFC9190","volume-title":"EAP-TLS 1.3: Using the extensible authentication protocol with TLS 1.3","author":"Mattsson","year":"2022"},{"key":"ref56","volume-title":"PEAA: Privacy-enhanced access authentication scheme in 5G","author":"Lyu","year":"2021"},{"key":"ref57","volume-title":"Security assurance specification (SCAS) threats and critical assets in 3GPP network product classes; (Release 16), Version 16.5.0","year":"2022"},{"key":"ref58","volume-title":"Non-access-stratum (NAS) protocol for 5G system (5GS); (Release 17), Version 17.7.1","year":"2022"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00038"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.22667\/JISIS.2020.05.31.001"},{"key":"ref61","volume-title":"Security assurance specification SCAS for the next generation NodeB (gNodeB) network product class; (Release 17)","year":"2021"},{"key":"ref62","volume-title":"5G security assurance specification (SCAS), access and mobility management function (AMF); (Release 17)","year":"2022"},{"key":"ref63","volume-title":"Security assurance specification (SCAS) for the next generation Node B (gNodeB) network product class; (Release 16)","year":"2021"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2019.00041"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1145\/3448300.3467826"},{"key":"ref66","doi-asserted-by":"crossref","DOI":"10.1016\/j.comnet.2021.108137","article-title":"IMSI catchers in the wild: A real world 4G\/5G assessment","volume":"194","author":"Palam\u00e0","year":"2021","journal-title":"Comput. Netw."},{"key":"ref67","volume-title":"IP-TFS: Aggregation and fragmentation mode for ESP and its use for IP traffic flow security","author":"Hopps","year":"2021"},{"key":"ref68","volume-title":"Wrapped encapsulating security payload (ESP) for traffic visibility","author":"Bhatia","year":"2010"},{"key":"ref69","doi-asserted-by":"crossref","DOI":"10.17487\/RFC8229","volume-title":"TCP encapsulation of IKE and IPsec packets","author":"Pauly","year":"2017"},{"key":"ref70","volume-title":"Group key management using IKEv2","author":"Smyslov","year":"2022"},{"key":"ref71","doi-asserted-by":"crossref","DOI":"10.17487\/RFC9242","volume-title":"Intermediate exchange in the Internet key exchange protocol version 2 (IKEv2)","author":"Smyslov","year":"2022"},{"key":"ref72","volume-title":"Multiple key exchanges in IKEv2","author":"Tjhai ET AL","year":"2022"},{"key":"ref73","doi-asserted-by":"crossref","DOI":"10.17487\/RFC9147","volume-title":"The datagram transport layer security (DTLS) protocol version 1.3","author":"Rescorla","year":"2022"},{"key":"ref74","volume-title":"Baseline Security Controls Version 2.0","year":"2020"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1002\/9781119560302.ch1"},{"key":"ref76","volume-title":"Study on security for next radio (nr) integrated access and backhaul (IAB) (Release 17)","year":"2022"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/ICSCCC.2018.8703355"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2899254"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1186\/s13638-022-02204-5"},{"key":"ref80","volume-title":"3rd generation partnership project; technical specification group services and system aspects; security aspects; study on security aspects of the 5G service based architecture SBA; (Release 16), Version 16.1.0","year":"2020"},{"key":"ref81","volume-title":"The transport layer security (TLS) protocol version 1.3","author":"Rescorla","year":"8446"},{"key":"ref82","volume-title":"NFV Security in 5G: Challenges and Best Practices","year":"2022"},{"key":"ref83","volume-title":"Catalogue of general security assurance requirements; (Release 16), Version 16.7.0","year":"2021"},{"key":"ref84","volume-title":"NFV Security in 5G-Challenges and Best Practices","year":"2022"},{"key":"ref85","volume-title":"Network domain security NDS; IP network layer security; (Release 17)","year":"2021"},{"key":"ref86","volume-title":"Report 5G Mobile Roaming Revisited (5gmrr) Phase 1 Version 2.0","year":"2022"},{"key":"ref87","volume-title":"Key Management for 4G and 5G Inter-PLMN Security Version 1.0","year":"2020"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.17487\/RFC7516"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1145\/3558482.3581774"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2023.3294568"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2023.3254581"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2020.3035342"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23236"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2020.2974520"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1109\/OJCOMS.2021.3078081"}],"container-title":["IEEE Communications Surveys &amp; Tutorials"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9739\/10762797\/10472310.pdf?arnumber=10472310","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,26]],"date-time":"2024-11-26T19:08:23Z","timestamp":1732648103000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10472310\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":95,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.1109\/comst.2024.3377161","relation":{"has-preprint":[{"id-type":"doi","id":"10.36227\/techrxiv.24069600.v1","asserted-by":"object"}]},"ISSN":["1553-877X","2373-745X"],"issn-type":[{"value":"1553-877X","type":"electronic"},{"value":"2373-745X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}