Authors: Mirza Masfiqur Rahman, Imtiaz Karim, Elisa Bertino
Abstract: In recent years, there has been a growing focus on scrutinizing the security
of cellular networks, often attributing security vulnerabilities to issues in
the underlying protocol design descriptions. These protocol design
specifications, typically extensive documents that are thousands of pages long,
can harbor inaccuracies, underspecifications, implicit assumptions, and
internal inconsistencies. In light of the evolving landscape, we introduce
CellularLint, a semi-automatic framework for inconsistency detection within the
standards of 4G and 5G, capitalizing on a suite of natural language processing
techniques. Our proposed method uses a revamped few-shot learning mechanism on
domain-adapted large language models. Pre-trained on a vast corpus of cellular
network protocols, this method enables CellularLint to simultaneously detect
inconsistencies at various levels of semantics and practical use cases. In
doing so, CellularLint significantly advances the automated analysis of
protocol specifications in a scalable fashion. In our investigation, we focused
on the Non-Access Stratum (NAS) and the security specifications of 4G and 5G
networks, ultimately uncovering 157 inconsistencies with 82.67% accuracy. After
verification of these inconsistencies on open-source implementations and 17
commercial devices, we confirm that they indeed have a substantial impact on
design decisions, potentially leading to concerns related to privacy,
integrity, availability, and interoperability.
Source: http://arxiv.org/abs/2407.13742v1