隨著電信網路和IIoT(工業物聯網)技術的快速發展，不僅人們的電話通訊將受到重大影響，工廠的設備連線也將面臨轉變。面對這些變化，台灣四大電信業者正積極部署基地台以應對這些挑戰，同時推出了VoWiFi通話服務來確保客戶的訊號品質及覆蓋範圍。然而，當用戶連接至不受信任的Wi-Fi網路時，他們可能面臨安全風險，例如中間人攻擊或是封包分析攻擊等。因此為了評估VoWiFi服務的安全性，我們採用了ARP攻擊方法來揭示其漏洞，並提出了兩種防範策略：一是針對應用程式和裝置製造商的防攻擊演算法；二是建議電信業者實施符合3GPP標準的檢測機制。此外，隨著工業控制系統智慧化和IIoT技術的演進，網路安全顯得尤為重要。本研究使用Arduino和Raspberry Pi模擬工業控制系統以設置蜜罐來吸引駭客攻擊。通過模擬真實感測器的信號，我們能有效地欺騙駭客，同時記錄其攻擊模式，以防止未來類似得威脅發生。這項研究不僅強調在B5G/6G和IIoT環境下維護網路安全的重要性，也提供了實用的解決方案來應對這些新興的安全挑戰。

With the rapid development of telecom networks and IIoT (Industrial Internet of Things) technology, people's phone communications will be significantly affected. Factory equipment connections will also face changes, and with these changes, Taiwan's four major telecom operators are actively deploying base stations to meet these challenges and have also launched VoWiFi calling services to ensure customer signal quality and coverage. However, users may face security risks when they connect to untrusted Wi-Fi networks. In order to evaluate the security of VoWiFi services, this research used ARP attack methods to reveal its vulnerabilities and proposed two prevention strategies: one is an anti-attack algorithm for application and device manufacturers; the other is to recommend that telecom operators implement more advanced detection mechanisms. In addition, as industrial control systems become more brilliant and IIoT technology evolves, network security becomes paramount. This study uses Arduino and Raspberry Pi to simulate an industrial control system and set up fake honeypots to attract hacker attacks. By simulating signals from actual sensors, we can effectively deceive hackers while recording their attack patterns to prevent similar threats in the future. This study highlights the importance of maintaining network security in B5G/6G and IIoT environments and provides practical solutions to address these emerging security challenges.

[1] K. Q. VU., A. Chehri, N. M. Quy, N. D. Han, & N. T. Ban, “Innovative Trends in the 6G Era: A Comprehensive Survey of Architecture, Applications, Technologies, and Challenges”, IEEE Access, Vol. 11, pp. 39824-39844, 2023.
[2] K. Q. VU, V. H. Nguyen, Q. N. Minh, A. D. Van, N. L. Anh, & A. Chehri, “An efficient edge computing management mechanism for sustainable smart cities”, Sustainable Computing: Informatics and Systems, Vol. 38, pp.100867, 2023.
[3] R. Keyvan, J. Jagannath, & A. Jagannath, “Security and privacy vulnerabilities of 5G/6G and WiFi 6: Survey and research directions from a coexistence perspective”, Computer Networks, Vol. 221, pp.109515, 2023.
[4] L. Qiao, Y. Li, D. Chen, S. Serikawa, M. Guizani, & Z. Lv, “A survey on 5G/6G, AI, and Robotics”, Computers and Electrical Engineering, Vol. 95, pp. 107372, 2021.
[5] A. Nicholson, S. Webber, S. Dyer, T. Patel, & H. Janicke, “SCADA security in the light of Cyber-Warfare”, Computers & Security, Vol. 31, Iss. 4, pp. 418-436, 2012.
[6] E. Sisinni, A. Saifullah, S. Han, U. Jennehag, & M. Gidlund, “Industrial internet of things: Challenges, opportunities, and directions”, IEEE Transactions on Industrial Informatics, Vol. 14, Iss. 11, 4724-4734, 2018.
[7] D. X. Li, W. He, & S. Li, “Internet of things in industries: A survey”, IEEE Transactions on industrial informatics, Vol. 10, Iss. 4, pp. 2233-2243, 2014.
[8] P. Cerwall, Ericsson Mobility Report. Stockholm, Sweden: Ericsson, 2018.
[9] Kaspersky ICS CERT, “Threat landscape for industrial automation systems”, Retrieved 2023/12/09. from https://ics-cert.kaspersky.com/publications/reports/2022/09/08/threat- landscape- forindustrial-automation- systems- statistics- for- h1- 2022/.
[10] Dragos, “ICS/OT CYBERSECURITY – YEAR IN REVIEW 2022”, Retrieved 2023/12/09. from https://hub.dragos.com/ics- cybersecurity- year- inreview-2022.
[11] L. Allodi, & S. Etalle, “Workshop on Automated Decision Making for Active Cyber Defense”, ACM SIGSAC Conference on Computer and Communications Security,USA, 23-26, Nov, 3, 2017.
[12] J. Townsend, M. A. Badar, & J. Szekerces, “Updating temperature monitoring on reciprocating compressor connecting rods to improve reliability”, Engineering Science and Technology, an International Journal, Vol. 19, Iss. 1, pp. 566-573, 2016.
[13] Trend Micro, “Why Do Attackers Target Industrial Control Systems?”, Retrieved 2023/12/09from https://www.trendmicro.com/vinfo/us/security/news/cyberattacks/why-do-attackers-target-industrial-control-systems.
[14] M. Uzair, “Communication methods (protocols, format & language) for the substation automation & control”, Retrieved 2023/12/09 from https://www.eng.uwo.ca/people/tsidhu/Documents/ project%20report%20Uzair.pdf.
[15] T. Sheldon, McGraw-Hill’s Encyclopedia of Networking and Telecommunica-tions, McGraw-Hill Professional, 2001.
[16] A. Shahzad, S. Musa, A. Aborujilah, & M. Irfan, “The SCADA review: system components, architecture, protocols and future security trends”, American Journal of Applied Sciences, Vol. 11, Iss. 8, pp.1418-1425, 2014.
[17] D. Upadhyay, S. Sampalli, “SCADA (supervisory control and data acquisition) systems: Vulnerability assessment and security recommendations”, Computer Networks, Vol. 89, pp.101666, 2020.
[18] B. Chen, N. Pattanaik, A. Goulart, K. L. Butler-Purry, & D. Kundur, “Implementing attacks for modbus/TCP protocol in a real- time cyber physical system test bed”, In 2015 IEEE International Workshop Technical Committee on Communications Quality and Reliability, USA, May,11-14, 2015.
[19] K. C. Mahapatra, & S. Magesh, “Analysis of vulnerabilities in the protocols used in SCADA systems”, International Journal of Advanced Research in Computer Engineering & Technology, Vol. 4, Iss. 3, 2015.
[20] Y. Lu, & T. Feng, “Cryptography Security Designs and Enhancements of DNP3-SA Protocol Based on Trusted Computing”, International Journal of Network Security, Vol. 21, Iss. 1, pp.130-136, 2019.
[21] SMAR, “What is PROFIBUS?”, Retrieved 2023/12/08 from https://www.smar.com/en/profibus.
[22] VECTOR application note & Motorola note, “CAN-BUS Introduction”, Retrieved 2023/12/08 from http://kurser.iha.dk/eit/tidrts/powerpoint/canbus-introduction.pdf.
[23] REAL TIME AUTOMATION, “DeviceNet Unplugged”, Retrieved 2023/12/08 from https://www.rtaautomation.com/technologies/devicenet/.
[24] ETSI, “Open Smart Grid Protocol (OSGP)”, Retrieved 2023/12/09 from http://www.etsi.org/deliver/etsi_gs/OSG/001_099/001/01.01.01_60/gs_osg001v010101p.pdf.
[25] D. S. K. Tiruvakadu, & V. Pallapa, “Confirmation of wormhole attack in MANETs using honeypot”, Computers & Security, Vol. 76, pp. 32-49, 2018.
[26] S. Campbell, “Supporting digital signatures in mobile environments”, Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 238-242, Austria, June, 11-11, 2003.
[27] A. Jicha, , M. Patton, & H. Chen, “SCADA honeypots: An in-depth analysis of Conpot”, IEEE conference on intelligence and security informatics, 196-198, USA, September, 28-30, 2016.
[28] M. Nikooghadam, & H. Amintoosi, “A secure and robust elliptic curve cryptography‐based mutual authentication scheme for session initiation protocol”, Security and privacy, Vol.3, Iss. 1, pp. 1-20, 2019.
[29] J. Rosenberg, & H. Schulzrinne, “SIP: Session Initiation Protocol，IETF RFC 3261,” Retrieved 2023/12/19 from https://tools.ietf.org/html/rfc3261.
[30] T. Chakraborty, I. S. Misra, R. Prasad, T. Chakraborty, I. S. Misra, & R. Prasad, VoIP Protocol Fundamentals, Springer, Cham, 2019.
[31] R. Frederick, V. Jacobson, & P. Design, RTP: A transport protocol for real-time applications, IETF RFC3550, 2003.
[32] I. Hussain, S. Djahel, Z. Zhang, & F. Naït‐Abdesselam, “A comprehensive study of flooding attack consequences and countermeasures in session initiation protocol”, Security and Communication Networks, Vol. 8, Iss. 18, pp. 4436-4451, 2015.
[33] M. M. Naeem, I. Hussain, & M. M. S. Missen, “A survey on registration hijacking attack consequences and protection for Session Initiation Protocol”, Computer Networks, Vol. 175, pp.107250, 2020.
[34] 3GPP, “Overview of 3GPP Release 10 V0.2.1”, Retrieved 2023/12/09 from https://www.3gpp.org/ftp/Information/WORK_PLAN/Description_Releases/.
[35] L. Al‐Sahan, N. Lasla, M. Abdallah, B. Wang, “BCSM: Blockchain‐based cooperative spectrum management system for 5G NR‐U and Wi-Fi coexistence in the unlicensed band”, IET Communications, Vol. 16, Iss. 9, pp. 977-87, 2022.
[36] Z. Ghadialy, “Voice over Wi-Fi (VoWiFi) technical details” Retrieved 2023/12/09 from https://blog.3g4g.co.uk/2015/01/voice-over-Wi-Fi-VoWiFi-technical-details.html.
[37] CISCO, “Ultra Cloud Core 5G Session Management Function, Release 2020.03 - Configuration and Administration Guide - VoWiFi Support”, Retrieved 2023/12/09 from https://www.cisco.com/c/en/us/td/docs/wireless/ucc/smf/2020-03-0/b_ucc-5g-smf-config-and-admin-guide_2020-03/b_SMF_chapter_0100000.html.
[38] A. M. Latva, & K. Leppanen, “Key drivers and research challenges for 6G ubiquitous wireless intelligence”, Retrieved 2023/12/18 from http://jultika.oulu.fi/files/isbn9789526223544.pdf.
[39] KDDI Corporation, “Beyond 5G/6G White Paper ver. 2.0.1”, Retrieved 2023/12/20 from https://www.kddi-research.jp/sites/default/files/kddi_whitepaper_en/pdf/KDDI_B5G6G_WhitePaperEN_2.0.1.pdf?fbclid=IwAR0LBOLpxQsTY9hG06cgf6ebaCyGtMmPEfLGoPY123U7Vvc7Z9aTedxYsqA [Access date: 20. 12. 2023]
[40] T. Xie, G. H. Tu, B. Yin, C. Y. Li, C. Peng, M. Zhang, X. Liu, “The untold secrets of Wi-Fi-calling services: Vulnerabilities, attacks, and countermeasures” IEEE Trans Mobile Computer, Vol. 20, Iss. 11, pp. 3131-47, 2021.
[41] Y. H. Lu, S. H. Y. Hsiao, C. Y. Li, Y. C. Hsieh, P. Y. Chou, Y. Y. Li, & G. H. Tu, “Insecurity of Operational IMS Call Systems: Vulnerabilities, Attacks, and Countermeasures,” IEEE/ACM Transactions on Networking, Vol. 31, Iss. 2, pp. 800-815, 2022.
[42] M. H. Chen, C. I. Wu, Y. C. Li, , C. Y. Li, & G. H. Tu, “Remote Detection of 4G/5G UEs Vulnerable to Stealthy Call DoS”, In IEEE INFOCOM 2023-IEEE Conference on Computer Communications Workshops, 1-2, USA, May, 20, 2023.
[43] M.A. Ferrag, L. Maglaras, A. Argyriou, D. Kosmanos, & H. Janicke, “Security for 4G and 5G cellular networks: A survey of existing authentication and privacy-preserving schemes”, Journal of Network and Computer Applications, Vol. 101, pp. 55-82, 2018.
[44] S. Islam, O. O. Khalifa, A. H. A. Hashim, M. K. Hasan, M. A. Razzaque, & B. Pandey, “Design and evaluation of a multihoming-based mobility management scheme to support inter technology handoff in PNEMO”, Wireless Personal Communications, Vol. 114, pp. 1133-1153, 2020.
[45] G. M. Køien, “Privacy enhanced mobile authentication”, Wireless Personal Communications, Vol. 40, pp. 443-455, 2007.
[46] C. H. Lee, M. S. Hwang, & W. P. Yang. “Enhanced privacy and authentication for the global system for mobile communications”, Wireless Networks, Vol. 5, pp. 231-243, 1999.
[47] X. Wang, P. Hao, & L. Hanzo. “Physical-layer authentication for wireless security enhancement: Current challenges and future developments”, IEEE Communications Magazine, Vol. 54, Iss. 6, pp. 152-158, 2016.
[48] Y. Pu, J. Luo, Y. Wang, C. Hu, Y. Huo, & J. Zhang. “Privacy preserving scheme for location based services using cryptographic approach”, In 2018 IEEE Symposium on Privacy-Aware Computing, 125-126, USA, Sep, 26-28, 2018.
[49] M. Liyanage, J. Salo, A. Braeken, T. Kumar, S. Seneviratne, & M. Ylianttila “5G privacy: Scenarios and solutions”, In 2018 IEEE 5G World Forum, 197-203, USA, Jul, 9-11, 2018.
[50] M. Min, W. Wang, L. Xiao, Y. Xiao, & Z. Han. “Reinforcement learning-based sensitive semantic location privacy protection for VANETs”, China Commun, Vol. 18, Iss. 6, pp. 244-260, 2021.
[51] C. Sexton, N. J. Kaminski, J. M. Marquez-Barja, N. Marchetti, & L. A. DaSilva. “5G: Adaptable networks enabled by versatile radio access technologies”, IEEE Commun Surv Tutor, Vol. 19, Iss. 2, pp. 688-720, 2017.
[52] W. Boubakri, W. Abdallah, & N. Boudriga. “Access control in 5G communication networks using simple PKI certificates”, In 2017 13th International Wireless Communications and Mobile Computing Conference, 2092-2097, Spain, Jul, 20, 2017.
[53] I. K. Son, S. Mao, Y. Li, M. Chen, M. X. Gong, “Rappaport TS. Frame-based medium access control for 5G wireless networks”, Mobile Networks and Applications, Vol. 20, pp. 688-720, 2015.
[54] M. Alyami, M. Alkhowaiter, M. Ghanim, C. Zou, , & Y. Solihin, “MAC-layer traffic shaping defense against WiFi device fingerprinting attacks”, In 2022 IEEE Symposium on Computers and Communications, 1-7, Greece, Jun, 30, 2022.
[55] P. R. Siddharth, H. Silke, & T. Aura, “Threat modeling framework for mobile communication systems”, Computers & Security, Vol. 125, pp. 103047, 2023.
[56] A. Shaik, R. Borgaonkar, N. Asokan, V. Niemi, & J. P. Seifert. “Practical attacks against privacy and availability in 4G/LTE mobile communication systems”, Cryptography and Security, 1-16, 2015.
[57] P. Schneider, & G. Horn. “Towards 5G security”, In 2015 IEEE Trustcom/BigDataSE/ISPA, 1165-1170, Finland, Aug, 20-22, 2015.
[58] S. Keith, P. Michael, T. CheeYee, Z. Timothy, P. Victoria, L. Suzanne, H. Adam, S. Stephanie, S. Aslam, & T. Michael, “Guide to Operational Technology (OT) Security”, Retrieved 2023/12/09 from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.pdf.
[59] R. Jeremy, “Cyberattack Damages SATCOM Terminals: How an Interruption in Satellite Communication Brought Down Internet, Communications and Power Generation”, Retrieved 2024/1/15 from https://wpsites.ucalgary.ca/isec-601-f21/2022/03/23/cyberattack-damages-satcom-terminals-how-an-interruption-in-satellite-communication-brought-down-internet-communications-and-power-generation/.
[60] CISA, “Cyber-Attack Against Ukrainian Critical Infrastructure”, Retrieved 2023/12/17 from https://www.cisa.gov/news-events/ics-alerts/ir-alert-h-16-056-01
[61] 3GPP. “3GPP System Architecture Evolution (SAE); Security architecture”, Retrieved 2023/12/07 from http://www.3gpp.org/DynaReport/33401.htm.
[62] 3GPP. “Access to the 3GPP Evolved Packet Core (EPC) via non-3GPP access networks”, Retrieved 2023/12/07 from http://www.3gpp.org/DynaReport/24302.htm.
[63] 3GPP. “3G Security; Wireless Local Area Network (WLAN) Interworking Security”,. Retrieved 2023/12/07 from http://www.3gpp.org/DynaReport/33234.htm.
[64] 3GPP. “Characteristics of the IP Multimedia Services Identity Module (ISIM) application”, Retrieved 2023/12/07 from https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=1804.
[65] 3GPP. “Characteristics of the Universal Subscriber Identity Module (USIM) application”, Retrieved 2023/12/07 from http://www.3gpp.org/DynaReport/31102.htm.
[66] M. K. Hasan, T. M. Ghazal, R. A. Saeed, B. Pandey, H. Gohel, A. A. Eshmawi, & H. M. Alkhassawneh. “A review on security threats, vulnerabilities, and counter measures of 5G enabled Internet‐of‐Medical‐Things”, IET Commun, Vol. 16, Iss. 5, pp.421-432, 2022.
[67] A. Aljumah, & T. A. Ahanger, “Cyber security threats, challenges and defence mechanisms in cloud computing”, IET Commun, Vol. 14, Iss. 7, pp.1185-1191, 2020.
[68] M. M. Saeed, M. K. Hasan, A. J. Obaid, R. A. Saeed, R. A. Mokhtar, E. S. Ali, M. Akhtaruzzaman, S. Amanlou, & A. Z. Hossain. “A comprehensive review on the users’ identity privacy for 5G networks”, IET Commun, Vol. 16, Iss. 5, pp. 384-399, 2022.
[69] J. Schwenk, Guide to Internet Cryptography: Security Protocols and Real-world Attack Implications. Springer, 2022.
[70] Shishi. “Cryptographic Overview”, Retrieved 2023/12/07 from https://www.gnu.org/software/shishi/manual/html_node/Cryptographic-Overview.html?fbclid=IwAR1RAmx6bGTwNhAe6CnxB2g5WsHRl_G3-WuifzEXQspnjoE-EiWBMeATxeo#Cryptographic-Overview.
[71] SIEMENS, “Data sheet 6ES7314-1AG13-0AB0”, Retrieved 2024/1/12 from https://adegis.com/media/asset/b6ec4d5d5377fe0b95e3e59eadcff6b6503382288810d14948faa2c48df13e38.pdf.
[72] A. Nicholson, S. Webber, S. Dyer, T. Patel, & H. Janicke, “SCADA security in the light of Cyber-Warfare”, Computers & Security, Vol. 31, Iss. 4, pp. 418-436, 2012.
[73] V. Pothamsetty, & M. Franz, “Scada honeynet project: Building honeypots for industrial networks”, Retrieved 2023/12/07 from http://scadahoneynet.sourceforge.net/.
[74] M. Ray, “Voice Over Wi-Fi”, Retrieved 2024/01/09 from https://www.cisco.com/c/dam/m/en_us/service-provider/ciscoknowledgenetwork/files/593_05_24-16-Cisco_Voice_over_Wi-Fi_CKN_May_2016_FinalV1.pdf.
[75] J. Beekman, , & C. Thompson, “Man-in-the-middle attack on T-Mobile Wi-Fi Calling”, Retrieved 2024/01/09 from https://www2. eecs. berkeley. edu/Pubs/TechRpts/2013/EECS-2013-18. pdf.
[76] S. Chalakkal, , H. Schmidt, , & S. Park, “Practical attacks on volte and vowifi”, Retrieved 2024/01/09 from https://ernw.de/download/newsletter/ERNW_Whitepaper_60_Practical_Attacks_On_VoLTE_And_VoWiFi_v1.0.pdf.
[77] B. Jaejong, K. Sukwha, C. Haehyun, Z. Ziming, S. Yan, D. Adam, & J. A. Gail, “Wi Not Calling: Practical Privacy and Availability Attacks in Wi-Fi Calling”, 34th Annual Computer Security Applications Conference, USA, 278-288, Dec, 3, 2018.