Wild Networks: Exposure of 5G Network Infrastructures to Adversarial Examples

TL;DR

This paper introduces a novel adversarial ML threat model tailored for 5G networks, revealing vulnerabilities in ML applications that can compromise QoS without system compromise, and proposes a framework for realistic security assessment.

Contribution

The paper presents a new threat model for adversarial ML in 5G, applicable without system compromise, and offers a framework for assessing ML security using public data.

Findings

Attacks affect both training and inference stages.

Vulnerabilities impact state-of-the-art ML systems.

Attacks have a lower entry barrier than previous methods.

Abstract

Fifth Generation (5G) networks must support billions of heterogeneous devices while guaranteeing optimal Quality of Service (QoS). Such requirements are impossible to meet with human effort alone, and Machine Learning (ML) represents a core asset in 5G. ML, however, is known to be vulnerable to adversarial examples; moreover, as our paper will show, the 5G context is exposed to a yet another type of adversarial ML attacks that cannot be formalized with existing threat models. Proactive assessment of such risks is also challenging due to the lack of ML-powered 5G equipment available for adversarial ML research. To tackle these problems, we propose a novel adversarial ML threat model that is particularly suited to 5G scenarios, and is agnostic to the precise function solved by ML. In contrast to existing ML threat models, our attacks do not require any compromise of the target 5G system while still being viable due to the QoS guarantees and the open nature of 5G networks. Furthermore, we propose an original framework for realistic ML security assessments based on public data. We proactively evaluate our threat model on 6 applications of ML envisioned in 5G. Our attacks affect both the training and the inference stages, can degrade the performance of state-of-the-art ML systems, and have a lower entry barrier than previous attacks.