Hyunwoo Lee (Ohio State University), Haohuang Wen (Ohio State University), Phillip Porras (SRI), Vinod Yegneswaran (SRI), Ashish Gehani (SRI), Prakhar Sharma (SRI), Zhiqiang Lin (Ohio State University)
The fifth-generation (5G) cellular network has advanced significantly, becoming a crucial component of modern communication. However, there are still many inherent security vulnerabilities in the 5G network standard, which advocates continuous research and development efforts. To this end, there are various open-source 5G software and public testbeds for 5G network testing and research. While those tools are valuable, users with limited expertise often struggle to deploy a 5G network and conduct sophisticated security testing with these platforms. To fill this gap, we introduce MOBIDOJO, the first virtual 5G security testing platform that supports one-click 5G deployment and security testing with web-based graphical user interfaces. MOBIDOJO is built on entirely virtual (i.e., no radio hardware required) open-source software - the OpenAirInterface’s 5G stack deployed as Docker containers, making it compatible with any commodity servers. Another critical capability of MOBIDOJO is its attack simulation plugins that allow users to execute existing attacks or create custom Packet Capture (PCAP)-based 5G attack payloads and test them within an isolated 5G test network. We anticipate MOBIDOJO could drive many valuable applications, including education, Capture-the-Flag (CTF) competitions, 5G security research, defense evaluation, etc., ultimately helping to improve the transparency and security of 5G networks.