From 5G to 6G: A Survey on Security, Privacy, and Standardization Pathways (2410.21986v1)
Abstract: The vision for 6G aims to enhance network capabilities with faster data rates, near-zero latency, and higher capacity, supporting more connected devices and seamless experiences within an intelligent digital ecosystem where AI plays a crucial role in network management and data analysis. This advancement seeks to enable immersive mixed-reality experiences, holographic communications, and smart city infrastructures. However, the expansion of 6G raises critical security and privacy concerns, such as unauthorized access and data breaches. This is due to the increased integration of IoT devices, edge computing, and AI-driven analytics. This paper provides a comprehensive overview of 6G protocols, focusing on security and privacy, identifying risks, and presenting mitigation strategies. The survey examines current risk assessment frameworks and advocates for tailored 6G solutions. We further discuss industry visions, government projects, and standardization efforts to balance technological innovation with robust security and privacy measures.
- 2017. Annual activity report. (2017). https://www.enisa.europa.eu/publications/corporate-documents/enisa-annual-activity-report-2017
- 2021. Fact Sheet: U.S.-Japan Competitiveness and Resilience (CoRe) Partnership. (2021). https://www.whitehouse.gov/briefing-room/statements-releases/2021/04/16/fact-sheet-u-s-japan-competitiveness-and-resilience-core-partnership/
- 2021. O-RAN: Disrupting the virtualized RAN ecosystem. IEEE Communications Standards Magazine 5, 4 (December 2021), 96–103. https://ieeexplore.ieee.org/document/9579445
- 2022. Ericsson in multi-million GBP 6G research program investment in the UK. (2022). https://www.ericsson.com/en/press-releases/3/2022/ericsson-in-multi-million-gbp-6g-research-program-investment-in-the-uk
- 2022. Executive Summary. (2022). https://www.itu.int/en/ITU-T/studygroups/2022-2024/17/Pages/Sep22-summary.aspx
- 2022. Industry safety. https://securityintelligence.com/news/us-congress-approves-american-cybersecurity-act/
- 2022. InterDigital Awarded Five Horizon Europe 6G Flagship Projects Targeting Revolutionary Technology Advancement and Experimental Infrastructures. (2022). InterDigitalAwardedFiveHorizonEurope6GFlagshipProjectsTargetingRevolutionaryTechnologyAdvancementandExperimentalInfrastructures
- 2022a. Nokia to lead German 6G lighthouse project. (2022). https://www.nokia.com/about-us/news/releases/2022/07/11/nokia-to-lead-german-6g-lighthouse-project/
- 2022b. Nokia to lead the next phase of Europe’s 6G flagship project. (2022). https://www.nokia.com/about-us/news/releases/2022/10/07/nokia-to-lead-the-next-phase-of-europes-6g-flagship-project/
- 2022. Nokia to open new 5G and 6G research and development center in Portugal. (2022). https://www.nokia.com/about-us/news/releases/2022/11/28/nokia-to-open-new-5g-and-6g-research-and-development-center-in-portugal/
- 2022. Statement on 5G/Open RAN Information Sharing and Telecommunications Resilience and Security. (2022). https://minister.homeaffairs.gov.au/ClareONeil/Pages/joint-statement-5gopen-ran-between-us-australia.aspx
- 2022. UK/Republic of Korea Open RAN R&D collaboration. (2022). https://www.gov.uk/guidance/ukrepublic-of-korea-open-ran-rd-collaboration
- 2023. 3GPP Releases. https://www.3gpp.org/specifications-technologies/releases Accessed: 2023-01-02.
- 2023. Directive on measures for a high common level of cybersecurity across the Union (NIS2 Directive). (2023). https://digital-strategy.ec.europa.eu/en/policies/nis2-directive
- 2023. Interoperable EU Risk Management Toolbox. (2023). https://www.enisa.europa.eu/publications/interoperable-eu-risk-management-toolbox
- 2023. New EU project DETERMINISTIC6G to develop critical parts of next generation 6G networks. (2023). https://www.ericsson.com/en/press-releases/3/2023/new-eu-project-deterministic6g-to-develop-critical-parts-of-next-generation-6g-networks
- 2023. The Smart Networks and Services Joint Undertaking. (2023). https://digital-strategy.ec.europa.eu/en/policies/smart-networks-and-services-joint-undertaking
- 2023. TISRIM. (2023). https://www.list.lu/en/technology-porfolio/technology/tisrim/
- 2024. GSMA Intelligence. (2024). https://www.gsmaintelligence.com/
- 2024. GSMA Network Equipment Security Assurance Scheme (NESAS). (2024). https://www.gsma.com/security/network-equipment-security-assurance-scheme/
- 2024. International Telecommunication Union (ITU). (2024). https://en.wikipedia.org/wiki/International_Telecommunication_Union
- 2024. Mobile World Live. (2024). https://www.mobileworldlive.com/
- 2024. Thanks for making MWC Barcelona 2024 a huge success! (2024). https://www.mwcbarcelona.com/
- 2024. Unifying the mobile ecosystem and related industries. (2024). https://www.gsma.com/aboutus/
- 2024. The United Nations. (2024). https://en.wikipedia.org/wiki/United_Nations
- ]germany6g-report 6G.Next. [n. d.]. 6G Native Extensions for XR Technologies. https://6gnext.de/
- Security requirements and challenges of 6G technologies and applications. Sensors 22, 5 (2022), 1969.
- Ako Muhamad Abdullah et al. 2017. Advanced encryption standard (AES) algorithm to encrypt and decrypt data. Cryptography and Network Security 16, 1 (2017), 11.
- Security and resilience in 5G: Current challenges and future directions. In 2017 IEEE Trustcom/BigDataSE/ICESS. IEEE, 1010–1015.
- Crystals-kyber. NIST, Tech. Rep (2017).
- Security risk assessment for 5G networks: National perspective. IEEE Wireless communications 27, 4 (2020), 16–22.
- Daniel J Bernstein. 2020. A discretization attack. Cryptology ePrint Archive (2020).
- The SPHINCS+ signature framework. In Proceedings of the 2019 ACM SIGSAC conference on computer and communications security. 2129–2146.
- Deep packet inspection as a service. In Proceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies. 271–282.
- DeepAttest: An End-to-End Attestation Framework for Deep Neural Networks. In 2019 ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA). 487–498.
- POTENTIAL THREAT VECTORS TO 5G INFRASTRUCTURE’. CISA. https://www.cisa.gov/sites/default/files/publications/potential-threat-vectors-5G-infrastructure_508_v2_0%20%281%29.pdf
- European Commission. 2023. INtelligent Security and PervasIve tRust for 5G and Beyond (INSPIRE-5Gplus). https://cordis.europa.eu/project/id/871808. Accessed: 2024-09-17.
- European Commission. 2024. EU Toolbox on 5G Security. https://digital-strategy.ec.europa.eu/en/library/eu-toolbox-5g-security. Accessed: 2024-09-17.
- EU toolbox for 5G security – A set of robust and comprehensive measures for an EU coordinated approach to secure 5G networks. Publications Office of the European Union. https://doi.org/doi/10.2759/048142
- UK to accelerate research on 5G and 6G technology as part of £110 million telecoms R and D package. https://www.gov.uk/government/news/uk-to-accelerate-research-on-5g-and-6g-technology-as-part-of-110-million-telecoms-r-and-d-package
- NTT DOCOMO, Fujitsu and NEC. 2024. DOCOMO, NTT, NEC and Fujitsu Develop Top-level Sub-terahertz 6G Device Capable of Ultra-high-speed 100 Gbps Transmission. https://www.fujitsu.com/global/about/resources/news/press-releases/2024/0411.html. Accessed: 2024-09-17.
- ENISA. 2021a. ENISA Interoperable EU Risk Management Framework. ENISA. https://www.enisa.europa.eu/publications/interoperable-eu-risk-management-framework
- ENISA. 2021b. IT SECURITY RISK MANAGEMENT METHODOLOGY V1.2. ENISA. https://ec.europa.eu/info/publications/security-standards-applying-all-european-commission-information-systems_en
- Karsten Friis and Olav Lysne. 2021. Huawei, 5G and security: Technological limitations and political responses. Development and change 52, 5 (2021), 1174–1195.
- Jonaki Ghosh. 2012. The birthday paradox. At Right Angles 1, 1 (2012), 39–42.
- Raiful Hasan and Ragib Hasan. 2021. Towards a threat model and security analysis of video conferencing systems. In 2021 IEEE 18th Annual Consumer Communications & Networking Conference (CCNC). IEEE, 1–4.
- The European Union general data protection regulation: what it is and what it means. Information & Communications Technology Law 28, 1 (2019), 65–98.
- Luxembourg Regulatory Institute (ILR). 2020. SERIMA: A NEW RISK ANALYSIS PLATFORM FOR TELECOMMUNICATIONS OPERATORS. ILR. https://www.list.lu/en/news/a-new-risk-analysis-platform-for-telecommunications-operators/
- IMT-2030 (6G) Promotion Group. 2021. White Paper on 6G Vision and Candidate Technologies. http://www.caict.ac.cn/kxyj/qwfb/ztbg/202106/P020210604552573543918.pdf
- Infocomm Media Development Authority, Singapore. 2022. Advancing Singapore’s 6G future and talent, IMDA partners SUTD to launch the first 6G R&D lab in Southeast Asia. https://www.imda.gov.sg/Content-and-News/Press-Releases-and-Speeches/Press-Releases/2022/Advancing-Singapores-6G-future-and-talent---IMDA-partners-SUTD-to-launch-the-first-6G-Research-and-Development-lab-in-Southeast-Asia
- Joint Task Force Transformation Initiative. 2012. Guide for Conducting Risk Assessments (NIST SP 800-30r1). Technical Report. NIST.
- Toward 6G Security: Technology Trends, Threats, and Solutions. IEEE Communications Standards Magazine 5, 3 (2021), 64–71.
- STRIDE-based threat modeling for cyber-physical systems. In 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). IEEE, 1–6.
- Hwankuk Kim. 2020. 5G core network security issues and attack classification from network protocol perspective. J. Internet Serv. Inf. Secur. 10, 2 (2020), 1–15.
- Markku Kylänpää and Aarne Rantala. 2016. Remote attestation for embedded systems. In Security of Industrial Control Systems and Cyber Physical Systems: First Workshop, CyberICS 2015 and First Workshop, WOS-CPS 2015 Vienna, Austria, September 21–22, 2015 Revised Selected Papers 1. Springer, 79–92.
- Open RAN Risk Analysis. Technical Report. 5GRANR.
- On the security of 6G use cases: Threat Analysis of’All-Senses Meeting’. In 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC). IEEE, 1–6.
- Leverage Variational Graph Representation for Model Poisoning on Federated Learning. IEEE Transactions on Neural Networks and Learning Systems (2024), 1–13. https://doi.org/10.1109/TNNLS.2024.3394252
- Data-Agnostic Model Poisoning Against Federated Learning: A Graph Autoencoder Approach. IEEE Transactions on Information Forensics and Security 19 (2024), 3465–3480. https://doi.org/10.1109/TIFS.2024.3362147
- MC Liberatori and Juan Carlos Bonadero. 2007. AES-128 cipher: Minimum area, low cost FPGA implementation. Latin American applied research 37, 1 (2007), 71–77.
- Reinforcement learning-based physical cross-layer security and privacy in 6G. IEEE Communications Surveys & Tutorials 25, 1 (2022), 425–466.
- Crystals-dilithium. Algorithm Specifications and Supporting Documentation (2020).
- Security and privacy on 6g network edge: A survey. IEEE communications surveys & tutorials (2023).
- Ministry of Internal Affairs and Communication, Japan. 2020. Beyond 5G Promotion Strategy Roundtable Recommendations. https://www.soumu.go.jp/main_sosiki/joho_tsusin/eng/presentation/pdf/Beyond_5G_Promotion_Strategy_Roundtable_Recommendations.pdf
- ]korea6g-report Ministry of Science and ICT, Korea. [n. d.]. 2021 Action Plan for Digital New Deal. https://english.msit.go.kr/eng/bbs/view.do?sCode=eng&mId=4&mPid=2&pageIndex=&bbsSeqNo=42&nttSeqNo=483&searchOpt=ALL&searchTxt=6g
- Preben Mogensen and Harish Viswanathan. 2020. Communications in the 6G era. https://www.bell-labs.com/institute/white-papers/communications-6g-era-white-paper/
- Security and privacy for reconfigurable intelligent surface in 6G: A review of prospective applications and challenges. IEEE Open Journal of the Communications Society (2023).
- Next G Alliance. 2022. 6G Market Development: A North American Perspective. https://www.nextgalliance.org/wp-content/uploads/dlm_uploads/2022/07/NGA-Perspective-Brochure-V6.pdf
- Security and privacy for 6G: A survey on prospective technologies and challenges. IEEE Communications Surveys & Tutorials 23, 4 (2021), 2384–2428.
- NTT DoCoMo. 2020. 5G Evolution and 6G. https://www.docomo.ne.jp/english/binary/pdf/corporate/technology/whitepaper_6g/DOCOMO_6G_White_PaperEN_20200124.pdf
- 5G-ENSURE Deliverable D2.1 “Use Cases”. Technical Report. European Commission (EU).
- Yen Ocampo. 2022. Singapore to Launch the First 6G R&D Lab in Southeast Asia. https://opengovasia.com/singapore-to-launch-the-first-6g-rd-lab-in-southeast-asia/
- U.S. Department of Defense. 2022. Three New Projects for DoD’s Innovate Beyond 5G Program. https://www.defense.gov/News/Releases/Release/Article/3114220/three-new-projects-for-dods-innovate-beyond-5g-program/. Accessed: 2024-09-17.
- Academy of Finland. 2024. 6G Flagship Programme. https://www.aka.fi/en/research-funding/programmes-and-other-funding-schemes/flagship-programme/6g-flagship/. Accessed: 2024-09-17.
- University of Texas at Austin. 2021. New 6G Research Center Unites Industry Leaders and UT Wireless Experts. https://news.utexas.edu/2021/07/07/new-6g-research-center-unites-industry-leaders-and-ut-wireless-experts/. Accessed: 2024-09-17.
- Towards 6G-enabled internet of vehicles: Security and privacy. IEEE Open Journal of the Communications Society 3 (2022), 82–105.
- Barry Pollard. 2019. HTTP/2 in Action. Simon and Schuster.
- 6G security challenges and potential solutions. In 2021 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit). IEEE, 622–627.
- The roadmap to 6G security and privacy. IEEE Open Journal of the Communications Society 2 (2021), 1094–1122. https://ieeexplore.ieee.org/document/9426946
- 6G security challenges and potential solutions. Joint European Conference on Networks and Communications & 6G Summit (June 2021). https://ieeexplore.ieee.org/document/9482609
- Falcon. Post-Quantum Cryptography Project of NIST (2020).
- Qualcomm. 2022. Why and what you need to know about 6G in 2022. https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/web-why-and-what-you-need-to-know-about-6G-in-2022.pdf
- Security and privacy vulnerabilities of 5G/6G and WiFi 6: Survey and research directions from a coexistence perspective. Computer Networks 221 (2023), 109515.
- Jonathan Reed. 2024. US Congress approves Strengthening American Cybersecurity Act. https://environment.ec.europa.eu/topics/industrial-emissions-and-safety/industrial-accidents_en
- Samsung Research. 2019. Samsung Research Establishes Advanced Communications Research Center (ACRC). https://www.samsung.com/global/research/. Accessed: 2024-09-17.
- Samsung Research. 2022. Samsung Research Announces Creation of New 6G Research Group in the UK. https://www.samsung.com/global/research/. Accessed: 2024-09-17.
- Samsung Research. 2020. The Next Hyper-Connected Experience for All. https://cdn.codeground.org/nsr/downloads/researchareas/20201201_6G_Vision_web.pdf
- Martin Sauter. 2021. From GSM to LTE-Advanced Pro and 5G, Fourth Edition. Wiley.
- Adi Shamir and Eran Tromer. 2003. On the cost of factoring RSA-1024. RSA CryptoBytes 6, 2 (2003), 10–19.
- A review on Privacy and Security in 6G Networks. In 2021 International Conference on Forensics, Analytics, Big Data, Security (FABS), Vol. 1. IEEE, 1–6.
- Federated learning for 6G-enabled secure communication systems: a comprehensive survey. Artificial Intelligence Review (2023), 1–93.
- Sasha Sirotkin (Ed.). 2021. 5G Radio Access Network Architecture. Wiley.
- Can open and AI-enabled 6G RAN be secured? IEEE Consumer Electronics Magazine 11, 6 (November 2022), 11–12. https://ieeexplore.ieee.org/document/9881863
- Wireless environment as a service enabled by reconfigurable intelligent surfaces: The RISE-6G perspective. In 2021 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit). IEEE, 562–567. https://ieeexplore.ieee.org/document/9482474
- National Telecommunications and Information Administration (NTIA). 2021. National Strategy to Secure 5G Implementation Plan. https://www.ntia.gov/files/ntia/publications/2021-1-12_115445_national_strategy_to_secure_5g_implementation_plan_and_annexes_a_f_final.pdf. Accessed: 2024-09-17.
- ]india-report TSDSI. [n. d.]. Telecommunications Standards Development Society, India. https://tsdsi.in
- Mikko Uusitalo. 2022. European 6G Flagship Hexa-X update. https://hexa-x.eu/wp-content/uploads/2022/06/Mikko-Uusitalo-1570805677-final.pdf
- Security and privacy in 6G networks: New areas and new challenges. Digital Communications and Networks 6, 3 (2020), 281–291.
- Towards Intelligent and Adaptive Task Scheduling for 6G: An Intent-Driven Framework. IEEE Transactions on Cognitive Communications and Networking (2024), 1–1. https://doi.org/10.1109/TCCN.2024.3391318
- Gustav Wikström et al. 2022. 6G - Connecting a Cyber-Physical World. https://www.ericsson.com/en/reports-and-papers/white-papers/a-research-outlook-towards-6g
- 6G white paper: Research challenges for trust, security and privacy. arXiv preprint arXiv:2004.11665 (April 2020). https://arxiv.org/abs/2004.11665
- Takeuchi Yoshiaki. 2022. Roadmap for the Realization of Beyond 5G. https://www.soumu.go.jp/main_sosiki/joho_tsusin/eng/presentation/pdf/Roadmap_for_the_Realization_of_Beyond_5G.pdf
- Empowering Reconfigurable Intelligent Surfaces with Artificial Intelligence to Secure Air-To-Ground Internet-of-Things. IEEE Internet of Things Magazine 7, 2 (2024), 14–21. https://doi.org/10.1109/IOTM.001.2300129
- Detecting Poisoning Attacks on Federated Learning Using Gradient-Weighted Class Activation Mapping. In Companion Proceedings of the ACM on Web Conference 2024 (Singapore, Singapore) (WWW ’24). Association for Computing Machinery, New York, NY, USA, 714–717. https://doi.org/10.1145/3589335.3651490
- 6G architecture to connect the worlds. IEEE Access 8 (September 2020), 173508–173520. https://ieeexplore.ieee.org/document/9200631