Development of a method for automated 5G and beyond network slices penetration testing

• Published in: Radìoelektronnì ì komp'ûternì sistemi (Online) Vol. 2025; no. 1; pp. 248 - 263
• Main Authors: Odarchenko, Roman, Iavich, Maksim, Pinchuk, Alla
• Format: Journal Article
• Language: English
• Published: National Aerospace University «Kharkiv Aviation Institute 20.02.2025
• Subjects: 5g and beyond; 5g security.s; automate penetration testing; automated testing framework; penetration testing
• ISSN: 1814-4225; 2663-2012; 2663-2012
• DOI: 10.32620/reks.2025.1.17

The subject of this article is penetration testing methodologies for 5G networks and beyond. The aim of this paper is to develop a methodology and software for automated penetration testing of the network infrastructure of next-generation cellular networks with a layered architecture. The tasks to be solved are as follows: 1) to analyze existing penetration testing methods of 5G and beyond networks and research in this area; 2) to develop a new method for automated 5G and beyond network slices penetration testing; 3) to design and implement the methodology in the form of software for virtualize environments; 4) to develop a 5G test network architecture based on open-source solutions and methodology of experiments conducting; 5) to test and validate the solution effectiveness in detecting vulnerabilities and simulating realistic attack scenarios in the 5G test network environment. The following results were obtained: 1) the new method for automated 5G and beyond network slices penetration testing was developed, leveraging Genetic Algorithms to optimize attack strategies; 2) a software tool for automating penetration testing was implemented, enabling efficient detection of critical and high-severity vulnerabilities and simulating attacks in a complex 5G network environment; 3) a test network architecture was created for experimentation, enabling a controlled evaluation of the methodology; 4) the experimental results demonstrated the effectiveness and operability of the proposed method. Conclusions. The primary contribution of this research is the development of a methodology, which is implemented in software, to enhance and automate the penetration testing process. The results prove the operability and effectiveness of the proposed solutions, demonstrating improved vulnerability detection, optimized attack strategy generation, and a higher success rate of penetration tests in a complex network environment.