A Study on a New Type of DDoS Attack against 5G Ultra-Reliable and Low-Latency Communications

5G New Radio (NR) allows enhanced Mobile Broadband (eMBB) and Ultra-Reliable Low-Latency Communications (URLLC) to coexist in the physical layer for better resource utilization. To enable the coexistence while satisfying the QoS requirement of URLLC, 3GPP introduces the cancellation mechanism that allows a URLLC UE to preempt the transmission of eMBB UEs. In this paper, we show that the 3GPP design to provide stringent QoS guarantee for URLLC may become a threat to interfere both eMBB and URLLC via highly synchronized low-volume DDoS. We dissect potential vulnerability for both eMBB and URLLC UEs in the uplink from the 3GPP standards. An attack model is investigated and evaluated through system-level simulations. We find that synchronization among compromised URLLC UEs could be leveraged by the attacker to amplify the overall impact on both eMBB throughput and URLLC latency, even when the number of compromised UEs is small.