A research platform for collecting, analysing, and learning from operational data in a 5G core network.
Each scenario produces raw log files captured from Open5GS network functions:
| Log File |
Network Function |
What It Contains |
amf.log |
Access and Mobility Management |
Registration, authentication, mobility events |
smf.log |
Session Management |
PDU session lifecycle, IP allocation |
ausf.log |
Authentication Server |
Auth vectors, 5G-AKA/EAP-AKA' results |
udm.log |
Unified Data Management |
Subscriber lookups, location updates |
upf.log |
User Plane Function |
GTP-U tunnel events, PFCP sessions |
pcf.log |
Policy Control |
QoS rules, PCC policy decisions |
nrf.log |
Network Repository |
NF registration, service discovery |
5gCore-Inspector/
├── data/
│ └── raw/ # Raw log captures, one folder per scenario
│ ├── scenario_01/ # Initial Registration
│ ├── scenario_02/ # Authentication Failure
│ │ ...
│ └── scenario_38/ # Connect and Disconnect Loop
└── README.md
| # |
Scenario |
| 01 |
Registration (Data Off) |
| 02 |
Deregistration (Data Off) |
| 03 |
Registration (Data On) |
| 04 |
Deregistration (Data On) |
| 05 |
PDU Session Establishment |
| 06 |
PDU Session Release |
| # |
Scenario |
|
Idle Mode |
|
Paging |
|
Service Request |
|
UE Mobility (Handover) |
|
Tracking Area Update |
|
Network Slice Selection |
|
UE Detach During Active Session |
| # |
Scenario |
|
Authentication Failure |
|
Wrong DNN |
|
Subscriber Removed |
|
AMF Restart |
|
SMF Restart |
|
UPF Restart |
| # |
Scenario |
Attack Type |
|
Rogue UE |
Unauthorised device |
|
IMSI/SUCI Related Tests |
Identity protection |
|
Registration Flood |
Signalling DoS |
|
Invalid NAS Messages |
Protocol fuzzing |
|
Invalid GTP Messages |
User plane fuzzing |
|
DoS Against the Core |
Resource exhaustion |
| # |
Scenario |
Duration |
|
Multiple UEs |
24 hours |
|
Continuous Traffic |
4–8 hours |
|
Connect and Disconnect Loop |
1000 cycles |