Hyunwoo Lee (Ohio State University), Haohuang Wen (Ohio State University), Phillip Porras (SRI), Vinod Yegneswaran (SRI), Ashish Gehani (SRI), Prakhar Sharma (SRI), Zhiqiang Lin (Ohio State University)

The fifth-generation (5G) cellular network has advanced significantly, becoming a crucial component of modern communication. However, there are still many inherent security vulnerabilities in the 5G network standard, which advocates continuous research and development efforts. To this end, there are various open-source 5G software and public testbeds for 5G network testing and research. While those tools are valuable, users with limited expertise often struggle to deploy a 5G network and conduct sophisticated security testing with these platforms. To fill this gap, we introduce MOBIDOJO, the first virtual 5G security testing platform that supports one-click 5G deployment and security testing with web-based graphical user interfaces. MOBIDOJO is built on entirely virtual (i.e., no radio hardware required) open-source software - the OpenAirInterface’s 5G stack deployed as Docker containers, making it compatible with any commodity servers. Another critical capability of MOBIDOJO is its attack simulation plugins that allow users to execute existing attacks or create custom Packet Capture (PCAP)-based 5G attack payloads and test them within an isolated 5G test network. We anticipate MOBIDOJO could drive many valuable applications, including education, Capture-the-Flag (CTF) competitions, 5G security research, defense evaluation, etc., ultimately helping to improve the transparency and security of 5G networks.

View More Papers

Ghidra: Is Newer Always Better?

Jonathan Crussell (Sandia National Laboratories)

Read More

SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks in...

Phillip Rieger (Technical University of Darmstadt), Alessandro Pegoraro (Technical University of Darmstadt), Kavita Kumari (Technical University of Darmstadt), Tigist Abera (Technical University of Darmstadt), Jonathan Knauer (Technical University of Darmstadt), Ahmad-Reza Sadeghi (Technical University of Darmstadt)

Read More

Automatic Insecurity: Exploring Email Auto-configuration in the Wild

Shushang Wen (School of Cyber Science and Technology, University of Science and Technology of China), Yiming Zhang (Tsinghua University), Yuxiang Shen (School of Cyber Science and Technology, University of Science and Technology of China), Bingyu Li (School of Cyber Science and Technology, Beihang University), Haixin Duan (Tsinghua University; Zhongguancun Laboratory), Jingqiang Lin (School of Cyber…

Read More

Decoupling Permission Management from Cryptography for Privacy-Preserving Systems

Ruben De Smet (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), Tom Godden (Department of Engineering Technology (INDI), Vrije Universiteit Brussel), Kris Steenhaut (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), An Braeken (Department of Engineering Technology (INDI), Vrije Universiteit Brussel)

Read More