5Ghoul Defensive Detection: Inverted Exploit Signatures for 5G NR Pre-Authentication Attack Monitoring

Thomas Perry Jr.

doi:10.5281/zenodo.18707254

5Ghoul Defensive Detection: Inverted Exploit Signatures for 5G NR Pre-Authentication Attack Monitoring

Thomas Perry Jr. Pastoral Tech 2026-02-20 Preprint

A complete defensive detection framework for the 5Ghoul family of 5G NR pre-authentication vulnerabilities, comprising an IDS script with inverted exploit signatures for all 12 published CVEs (V5-V16) and the DA1 NAS flooding downgrade attack, Wireshark forensic filters, and constitutional detection constraints following a refuse-rather-than-miss philosophy.

5G NR5Ghoulbaseband securityintrusion detectionconstitutional constraintspre-authentication attacks

Zenodo Record Download PDF Google Scholar Semantic Scholar

Cite

Thomas Perry Jr.. "5Ghoul Defensive Detection: Inverted Exploit Signatures for 5G NR Pre-Authentication Attack Monitoring." Pastoral Tech, 2026-02-20. DOI: 10.5281/zenodo.18707254. Available at: https://doi.org/10.5281/zenodo.18707254

BibTeX

@article{perry20265ghoul, author = {Perry, Thomas Jr.}, title = {5Ghoul Defensive Detection: Inverted Exploit Signatures for 5G NR Pre-Authentication Attack Monitoring}, year = {2026}, month = {02}, doi = {10.5281/zenodo.18707254}, url = {https://doi.org/10.5281/zenodo.18707254}, publisher = {Zenodo}, license = {CC-BY-4.0} }