5G Network Security Practices: An Overview and Survey
Fatema Bannat Wala, Mariam Kiran
TL;DR
The paper surveys 5G security architecture, functions, and protective measures, detailing mutual authentication, encryption/integrity, service-based interface protection, roaming safeguards, and subscriber identity protection. It then collates ENISA-inspired best-practice guidance across policy, organizational, and technical dimensions, highlighting Zero Trust, vulnerability management, testing, physical security, trust models, SLAs, monitoring, privacy, and logging. A discussion of security risks contrasts non-standalone NSA deployments with planned standalone SA-NR, noting new attack surfaces as 5G expands to IoT and supply-chain use cases. The work underscores the practical need for secure deployment, ongoing risk assessment, and alignment with future protocols (e.g., QUIC/HTTP3) and Zero-Trust architectures to maximize 5G security in real-world networks.
Abstract
This document provides an overview of 5G network security, describing various components of the 5G core network architecture and what kind of security services are offered by these 5G components. It also explores the potential security risks and vulnerabilities presented by the security architecture in 5G and recommends some of the best practices for the 5G network admins to consider while deploying a secure 5G network, based on the surveyed documents from the European government's efforts in commercializing the IoT devices and securing supply chain over 5G networks.