5G Core and NFVI Network Function Virtualization Infrastructure Penetration Testing: Simulating an Inside Cloud Attack

Altariqi, Bandar Ibrahim M

4. term

Networks and Distributed Systems, Master

2020

2020-06-15

This project is a master thesis in collaboration with Keysight Technologies in Denmark. It aims to test 5G core (NFVI) components by penetration from inside the cloud with the goal of discovering the worst-case scenario (the cloud out of service). It also studies the topic from an attacker's point of view, where the attacker might have infected some components, or vulnerability might be present, allowing an attacker to get in. To simplify, I basically donate it as an attacker and assume that the attacker is in place. The testing, as assumed, starts from an infected VM, and then identifies the target component with a scan tool like "nmap". And finally, it uses different attack tools to launch the attacks. Also, this project utilizes a variety of attack tools to test cloud security by examining firewalls and intrusion detection systems if they can identify malicious traffic from legitimate traffic. These tests were performed in two different clouds, a local cloud that is more development and sandbox oriented, and a remote cloud that's focused on deploying a 5G core that is close to production and with more robust security. Using smart attack tools, I was successfully able to attack some critical components that make the cloud in a denial of service state, even though a firewall/IDS was in place during the tests. As a solution, middleware is needed to separate the infrastructure's components from the rest of the cloud by deploying a firewall/IDS with load-balancer to prevent attacks from reaching any critical entity.

Download
View record in AAU Student Projects