Evolution of Man-in-the-Middle attacks in 5G telecommunication systems

Abstract

The rapid deployment of fifth-generation (5G) networks has dramatically transformed telecommunications by enabling ultra-low latency, high bandwidth, and dynamic spectrum allocation. However, these innovations have also expanded the attack surface, introducing unprecedented security vulnerabilities. Among them, Man-in-the-Middle (MITM) attacks have evolved into complex, AI-driven, and persistent threats capable of exploiting 5G’s Service-Based Architecture (SBA), virtualized functions, and heterogeneous interoperability with LTE and Wi-Fi. A particularly critical evolution is the rise of Digital Twin attacks, where adversaries replicate devices or network elements with high fidelity, bypassing traditional authentication and maintaining long-term undetectable intrusions. This paper provides a comprehensive analysis of MITM evolution in 5G systems, including vulnerabilities across the OSI model layers, exploitation of NGAP, Diameter, and DSS signaling, and the persistent risks posed by distributed architectures. Special attention is given to quantum-era threats, such as store-now-decrypt-later scenarios and quantum-enhanced MITM at tacks undermining 5G-AKA protocols reliant on non-quantum-resistant cryptography. The study emphasizes the need for cryptographic agility, post-quantum authentication, and continuous behavioral validation mechanisms to mitigate persistent and quantum-enhanced MITM exploits. The findings highlight urgent requirements for international standardization and proactive implementation of post-quantum secure protocols in 5G infrastructures.