With the advent of the fifth generation (5G) technology, a plethora of revolutionary applications can now be supported. This tremendous growth will be certainly accompanied by a wider and fast-evolving security threat landscape, especially when the potential of massive devices connectivity will be fully unleashed. In this paper, we outline the security challenges faced by the 5G radio access network (5G-RAN) control plane as a result of the functional and architectural enhancements made at the radio resource control (RRC) protocol layer. We correspondingly analyze the dynamics of the new 5G RRC three-states model for a machine-type traffic pattern under an attack-free situation. Afterwards, we introduce and describe two RRC-based denial of service (DoS) attacks threatening the 5G-RAN resources availability. In the first threat scenario, the attacker maliciously manipulates the timing of state transitions in an attempt to overload the control plane. The second attack can be carried out through faking huge on-demand system information requests to prevent legitimate consumers from access to the cell and cause failed and interrupted 5G mobile services. Through numerical simulations, we measure the potential impact of these attacks on both 5G devices using the collision probability along with the access delay metrics, and on the critical gNB-centralized unit using the signaling overhead and the resource occupancy time metrics. Our observations reveal that both attacks can have disastrous effects on network stability and resiliency. Finally, some promising solutions are listed, with a special emphasis on injecting randomness into system parameters to complicate the task of designing such DoS attacks.

随着第五代 (5G) 技术的出现，现在可以支持大量革命性的应用程序。这种巨大的增长肯定会伴随着更广泛和快速发展的安全威胁格局，尤其是当大规模设备连接的潜力将得到充分释放时。在本文中，我们概述了 5G 无线电接入网络 (5G-RAN) 控制平面由于在无线电资源控制 (RRC) 协议层进行的功能和架构增强而面临的安全挑战。我们相应地分析了新的 5G RRC 三态模型在无攻击情况下机器类流量模式的动态。之后，我们介绍并描述了威胁 5G-RAN 资源可用性的两种基于 RRC 的拒绝服务 (DoS) 攻击。在第一个威胁场景中，攻击者恶意操纵状态转换的时间以试图使控制平面过载。第二种攻击可以通过伪造庞大的按需系统信息请求来进行，以阻止合法消费者访问蜂窝并导致5G移动服务失败和中断。通过数值模拟，我们使用碰撞概率和接入延迟度量来衡量这些攻击对 5G 设备的潜在影响，并使用信令开销和资源占用时间度量来衡量这些攻击对关键 gNB 集中单元的潜在影响。我们的观察表明，这两种攻击都会对网络稳定性和弹性产生灾难性的影响。最后，列出了一些有前途的解决方案，