Dino, A., Giuliano, F., Mangione, S., Garlisi, D., Tinnirello, I. (2025). Silent Drain: From Energy Profiling to Practical Denial-of-Energy Attacks in 5G. In WiNTECH '25: ACM Workshop on Wireless Network Testbeds, Experimental evaluation & Characterization (pp. 113-120) [10.1145/3737895.3768308].
Silent Drain: From Energy Profiling to Practical Denial-of-Energy Attacks in 5G
Dino, Alessandra; Giuliano, Fabrizio; Mangione, Stefano; Garlisi, Domenico; Tinnirello, Ilenia
2025-11-01
Abstract
In this work, we present Silent Drain, a practical Denial-of-Energy attack against commercial 5G User Equipment (UE). Our approach combines extensive energy profiling across RRC states, DRX cycles, scheduling policies, MCS levels, and MIMO configurations with forged Downlink Control Information (DCI) messages that trigger high-consumption states. In a controlled testbed, we show that periodic DCI replays or forged uplink grants keep the UE in RRC Connected or induce persistent uplink transmissions, maintaining a +1 W power draw and continuous uplink activity for more than 30 minutes even after detachment. We discuss operational feasibility, testbed limitations, and propose potential countermeasures, including physical layer signaling authentication and energy-aware intrusion detection. Our findings reveal that energy efficiency mechanisms can become powerful and predictable attack vectors in 5G.

| File | Access | Type | Size | Format |
|---|---|---|---|---|
| ENERGY_ATTACK_5G_WINTECH-1.pdf | Open access | Publisher's version | 4.39 MB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.


