SNI5GECT: A Practical Approach to Inject aNRchy into 5G NR
Shijie Luo
34th USENIX Security Symposium (USENIX Security '25) · Day 3 · Network Security 3: BLE and Cellular
The talk "SNI5GECT: A Practical Approach to Inject aNRchy into 5G NR" introduces a novel framework designed to passively sniff and actively inject messages into 5G New Radio (NR) communications. Presented by Shijie Luo at USENIX Security, this research challenges conventional assumptions about 5G security by demonstrating practical attacks against the unencrypted portions of the 5G initial access procedure. Unlike traditional rogue base station attacks, SNI5GECT operates covertly, making it difficult to detect while enabling potent exploits against user equipment (UE).
AI review
Solid, original work that actually advances the 5G attack surface conversation rather than just restating the known-bad rogue base station playbook. The overshadow technique combined with precise SSB synchronization is the real contribution here — it's a meaningful step toward stealthy, non-detectable cellular attacks that practitioners need to understand now, not after carriers finish their 5G buildouts.