US-11792844-B2 - Random access channel security

Abstract

Various systems and methods for implementing random access channel security are described herein. An apparatus for a base station includes: receiver circuitry to receive at the base station, a signal from a user equipment (UE) transmitter to access resources of the base station; statistics circuitry to calculate high-order statistics on the signal to produce an identification indication; a memory device to store the high-order statistics and the identification indication; and processing circuitry to: associate the identification indication with the UE transmitter; use the identification indication to determine that multiple failures of a random access channel (RACH) process have occurred from the UE transmitter; and restrict later attempts by the UE transmitter to perform RACH processes with the base station.

Inventors

  • VANNITHAMBY RATH
  • SIVANESAN KATHIRAVETPILLAI
  • YANG LIUYANG LILY
  • MACIOCCO CHRISTIAN

Assignees

  • INTEL CORP

Dates

Publication Date
20231017
Application Date
20210923
Priority Date
20210923

Claims (20)

  1. An apparatus for a base station, comprising: receiver circuitry to receive at the base station, a signal from a user equipment (UE) transmitter to access resources of the base station; statistics circuitry to calculate higher-order statistics on the signal to produce an identification indication, wherein to calculate the higher-order statistics, the statistics circuitry is to use estimates of the higher-order statistics of impairment of the signal; a memory device to store the higher-order statistics and the identification indication; and processing circuitry to: associate the identification indication with the UE transmitter; use the identification indication to determine that multiple failures of a random access channel (RACH) process have occurred from the UE transmitter; and restrict later attempts by the UE transmitter to perform RACH processes with the base station.
  2. The apparatus of claim 1, wherein the base station is an eNodeB.
  3. The apparatus of claim 1, wherein the base station is a gNodeB.
  4. The apparatus of claim 1, wherein the signal is a part of a RACH preamble transmission.
  5. The apparatus of claim 1, wherein to calculate the higher-order statistics on the signal, the statistics circuitry is to calculate a fourth-order moment of noise of the signal.
  6. The apparatus of claim 1, wherein to calculate the higher-order statistics on the signal, the statistics circuitry is to calculate a frequency offset of the signal.
  7. The apparatus of claim 1, wherein to calculate the higher-order statistics on the signal, the statistics circuitry is to calculate an amplitude offset of the signal.
  8. The apparatus of claim 1, wherein to calculate the higher-order statistics on the signal, the statistics circuitry is to calculate two of: a fourth-order moment of noise of the signal, a frequency offset of the signal, or an amplitude offset of the signal.
  9. The apparatus of claim 1, wherein to restrict later attempts to connect to the base station, the processing circuitry is to update a denylist to include the identification indication.
  10. The apparatus of claim 1, wherein the processing circuitry is to determine whether the identification indication is on a denylist.
  11. The apparatus of claim 10, wherein in response to determining that the identification indication is on the denylist, wherein the processing circuitry is to restrict the UE transmitter access to the resources of the base station.
  12. At least one non-transitory machine-readable medium including instructions, which when executed by a machine, cause the machine to perform operations comprising: receiving at a base station, a signal from a user equipment (UE) transmitter to access resources of the base station; calculating higher-order statistics on the signal to produce an identification indication, wherein calculating the higher-order statistics includes using estimates of the higher-order statistics of impairment of the signal; associating the identification indication with the UE transmitter; using the identification indication to determine that multiple failures of a random access channel (RACH) process have occurred from the UE transmitter; and restricting later attempts by the UE transmitter to perform RACH processes with the base station.
  13. The at least one machine-readable medium of claim 12, wherein the base station is an eNodeB.
  14. The at least one machine-readable medium of claim 12, wherein the base station is a gNodeB.
  15. The at least one machine-readable medium of claim 12, wherein the signal is a part of a RACH preamble transmission.
  16. The at least one machine-readable medium of claim 12, wherein calculating the higher-order statistics on the signal comprises calculating a fourth-order moment of noise of the signal.
  17. The at least one machine-readable medium of claim 12, wherein calculating the higher-order statistics on the signal comprises calculating a frequency offset of the signal.
  18. The at least one machine-readable medium of claim 12, wherein calculating the higher-order statistics on the signal comprises calculating an amplitude offset of the signal.
  19. The at least one machine-readable medium of claim 12, wherein calculating the higher-order statistics on the signal comprises calculating two of: a fourth-order moment of noise of the signal, a frequency offset of the signal, or an amplitude offset of the signal.
  20. The at least one machine-readable medium of claim 12, wherein restricting later attempts to connect to the base station comprises updating a denylist to include the identification indication.
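
The flow in claims 1 and 8 to 11, sketched as an added example that is not taken from the patent: it fingerprints a received RACH preamble with two of the listed statistics (frequency offset and a normalized fourth-order moment of the residual), counts failed attempts per fingerprint, and refuses a transmitter once the count is reached. The estimators, the tolerances, the failure threshold, the Zadoff-Chu root and the synthetic signals are all assumptions made for illustration.

```python
import cmath, math, random

N_ZC, ROOT = 839, 129        # long PRACH Zadoff-Chu length; the root is a constructed value
PREAMBLE = [cmath.exp(-1j * math.pi * ROOT * n * (n + 1) / N_ZC) for n in range(N_ZC)]
TOL = (0.003, 0.6)           # assumed match tolerances: (rad/sample, normalized 4th moment)
MAX_FAILS = 3                # assumed number of failed RACH attempts before denylisting

def _lag_phase(z, lag):
    """Phase advance per sample, from the autocorrelation at the given lag."""
    return cmath.phase(sum(b * a.conjugate() for a, b in zip(z, z[lag:]))) / lag

def fingerprint(rx):
    """Return (frequency offset in rad/sample, normalized 4th-order moment of the residual)."""
    z = [r * p.conjugate() for r, p in zip(rx, PREAMBLE)]      # strip the known preamble
    coarse = _lag_phase(z, 1)                                  # unambiguous but noisy
    z = [v * cmath.exp(-1j * coarse * n) for n, v in enumerate(z)]
    fine = _lag_phase(z, len(z) // 2)                          # long lag refines the estimate
    z = [v * cmath.exp(-1j * fine * n) for n, v in enumerate(z)]
    gain = sum(z) / len(z)                                     # complex channel gain
    power = [abs(v - gain) ** 2 for v in z]                    # residual = impairment + noise
    m2 = sum(power) / len(power)
    m4 = sum(p * p for p in power) / len(power)
    return coarse + fine, m4 / (m2 * m2)

class RachGuard:
    """Tracks RACH failures per fingerprint; a full counter acts as the denylist entry."""
    def __init__(self):
        self.known = []                                        # [fingerprint, failures]
    def _lookup(self, fp):
        for entry in self.known:
            if all(abs(a - b) <= t for a, b, t in zip(entry[0], fp, TOL)):
                return entry
        self.known.append([fp, 0])
        return self.known[-1]
    def admit(self, rx):
        return self._lookup(fingerprint(rx))[1] < MAX_FAILS
    def record_failure(self, rx):
        self._lookup(fingerprint(rx))[1] += 1

def gaussian(rng):           # constructed impairment: circular Gaussian, 4th moment near 2
    return complex(rng.gauss(0, 0.05), rng.gauss(0, 0.05))

def const_mod(rng):          # constructed impairment: constant modulus, 4th moment near 1
    return 0.07 * cmath.exp(1j * rng.uniform(0, 2 * math.pi))

def synth(freq, impairment, rng):
    """Constructed received preamble: random channel phase, frequency offset, impairment."""
    rot = cmath.exp(1j * rng.uniform(0, 2 * math.pi))
    return [rot * p * cmath.exp(1j * freq * n) + impairment(rng) for n, p in enumerate(PREAMBLE)]
```

Two constructed transmitters that share a frequency offset but differ in impairment distribution are separated only by the fourth-order moment, which is why the sketch matches on both statistics rather than on one.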

Description

TECHNICAL FIELD

Embodiments described herein generally relate to fifth generation (5G) wireless communications and in particular, random access channel (RACH) security in 5G systems.

BACKGROUND

The use and complexity of wireless systems, which include 4th generation (4G) and 5th generation (5G) networks among others, has increased due to both an increase in the types of user equipment (UE) devices using network resources as well as the amount of data and bandwidth being used by various applications, such as video streaming, operating on these UEs. With the vast increase in number and diversity of communication devices, the corresponding network environment, including routers, switches, bridges, gateways, firewalls, and load balancers, has become increasingly complicated, especially with the advent of next generation (NG) or new radio (NR) systems. As expected, a number of issues abound with the advent of any new technology.

The development of networks and wireless systems provides the infrastructure for edge computing. Edge computing, at a general level, refers to the transition of compute and storage resources closer to endpoint devices (e.g., consumer computing devices, user equipment, etc.) in order to optimize total cost of ownership, reduce application latency, improve service capabilities, and improve compliance with security or data privacy requirements. Edge computing may, in some scenarios, provide a cloud-like distributed service that offers orchestration and management for applications among many types of storage and compute resources. As a result, some implementations of edge computing have been referred to as the “edge cloud” or the “fog”, as powerful computing resources previously available only in large remote data centers are moved closer to endpoints and made available for use by consumers at the “edge” of the network.

Edge computing use cases in mobile network settings have been developed for integration with multi-access edge computing (MEC) approaches, also known as “mobile edge computing.” MEC approaches are designed to allow application developers and content providers to access computing capabilities and an information technology (IT) service environment in dynamic mobile network settings at the edge of the network. Limited standards have been developed by the European Telecommunications Standards Institute (ETSI) industry specification group (ISG) in an attempt to define common interfaces for operation of MEC systems, platforms, hosts, services, and applications. Edge computing, MEC, and related technologies attempt to provide reduced latency, increased responsiveness, and more available computing power than offered in traditional cloud network services and wide area network connections. However, the integration of mobility and dynamically launched services to some mobile use and device processing use cases has led to limitations and concerns with orchestration, functional coordination, and resource management, especially in complex mobility settings where many participants (devices, hosts, tenants, service providers, operators) are involved.

In a similar manner, Internet of Things (IoT) networks and devices are designed to offer a distributed compute arrangement, from a variety of endpoints. IoT devices are physical or virtualized objects that may communicate on a network, and may include sensors, actuators, and other input/output components, which may be used to collect data or perform actions in a real world environment. For example, IoT devices may include low-powered endpoint devices that are embedded or attached to everyday things, such as buildings, vehicles, packages, etc., to provide an additional level of artificial sensory perception of those things. Recently, IoT devices have become more popular and thus applications using these devices have proliferated.

The deployment of various Edge, Fog, MEC, and IoT networks, devices, and services has introduced a number of advanced use cases and scenarios occurring at and towards the edge of the network. However, these advanced use cases have also introduced a number of corresponding technical challenges relating to security, processing and network resources, service availability and efficiency, among many other issues, especially as more types of computing systems and configurations are deployed. One such challenge is in relation to security and trust, and the operational states of software programs and data, as represented in memory (e.g., DRAM memory), cache memory (e.g., in a cache), or registers (e.g., CPU, or GPU).

BRIEF DESCRIPTION OF THE DRAWINGS

In the drawings, which are not necessarily drawn to scale, like numerals may describe similar components in different views. Like numerals having different letter suffixes may represent different instances of similar components. Some embodiments are illustrated by way of example, and not limitation, in the figures of the accompanying drawings in which: FIG. 1 illustrates an overvi