MERLINS – Moving Target Defense Enhanced with Deep-RL for NFV In-Depth Security

Moving to a multi-cloud environment and service-based architecture, 5G and future 6G networks require additional defensive mechanisms to protect virtualized network resources. This paper presents MERLINS, a novel architecture generating optimal Moving Target Defense (MTD) policies for proactive and reactive security of network slices. By formally modeling telecommunication networks compliant with Network Function Virtualization (NFV) into a multi-objective Markov Decision Process (MOMDP), MERLINS uses deep Reinforcement Learning (deep-RL) to optimize the MTD strategy that considers security, network performance, and service level requirements. Practical experiments on a 5G testbed showcase the feasibility as well as restrictions of MTD operations and the effectiveness in mitigating malware infections. It is observed that multi-objective RL (MORL) algorithms outperform state-of-the-art deep-RL algorithms that scalarize the reward vector of the MOMDP. This improvement by a factor of two leads to a better MTD policy than the baseline static counterpart used for the evaluation

Federated Reinforcement Learning for Private and Collaborative Selection of Moving Target Defense Mechanisms for IoT Device Security

The Internet of Things (IoT) has grown exponentially in recent years and it is predicted that the number of devices will double again to 30 billion by 2030 [24]. At the same time, the number of unpatched, vulnerable and infected devices connected to the Internet is increasing exponentially as well. Famous malware incidents from the past like Mirai have painfully illustrated how vulnerable IoT devices are on a broad scale. This work examines how Moving Target Defense (MTD) can be used in a collaborative framework for defense in depth and to thwart cyberattacks. For this purpose, a system prototype has been implemented that is capable of autonomously learning to defend a set of IoT devices (more specifically Radio Frequency Spectrum Sensors belonging to ElectroSense) from a specific set of malware by selecting and deploying MTDs. In scientific literature, usually individual MTDs optimized against specific attacks are presented, but no collaborative framework that combines and orchestrates a set of MTDs. In the prototypical implementation, an individual local agent is deployed on a set of simulated devices, monitoring the behavior of its host, according to 100 system parameters. In case an attack is detected, the local agent is invoked in order to select from a set of MTDs to ward off the attack. If the post-MTD device behavior can be considered normal again, the local agent receives a reward, which is used to update the local policy. Thanks to the use of FL, all local agents contribute to learning one global defense policy together. The project shows that a good attack mitigation probability can be achieved in nonfederated as well as federated learning setting. Furthermore, the system also proves to be somewhat robust against locally and globally skewed sample distributions. Under certain assumptions it can also be assumed that collaborative learning of an MTD selection policy is faster and more robust than centralized learning. The findings on how FRL can be used in IT security to collaboratively learn an MTD selection policy contribute to the state of the art on MTD

Edge AI Empowered Physical Layer Security for 6G NTN: Potential Threats and Future Opportunities

Due to the enormous potential for economic profit offered by artificial intelligence (AI) servers, the field of cybersecurity has the potential to emerge as a prominent arena for competition among corporations and governments on a global scale. One of the prospective applications that stands to gain from the utilization of AI technology is the advancement in the field of cybersecurity. To this end, this paper provides an overview of the possible risks that the physical layer may encounter in the context of 6G Non-Terrestrial Networks (NTN). With the objective of showcasing the effectiveness of cutting-edge AI technologies in bolstering physical layer security, this study reviews the most foreseeable design strategies associated with the integration of edge AI in the realm of 6G NTN. The findings of this paper provide some insights and serve as a foundation for future investigations aimed at enhancing the physical layer security of edge servers/devices in the next generation of trustworthy 6G telecommunication networks.Comment: 7 pages, 6 figures, magazin

Resource Allocation in Networking and Computing Systems: A Security and Dependability Perspective

In recent years, there has been a trend to integrate networking and computing systems, whose management is getting increasingly complex. Resource allocation is one of the crucial aspects of managing such systems and is affected by this increased complexity. Resource allocation strategies aim to effectively maximize performance, system utilization, and profit by considering virtualization technologies, heterogeneous resources, context awareness, and other features. In such complex scenario, security and dependability are vital concerns that need to be considered in future computing and networking systems in order to provide the future advanced services, such as mission-critical applications. This paper provides a comprehensive survey of existing literature that considers security and dependability for resource allocation in computing and networking systems. The current research works are categorized by considering the allocated type of resources for different technologies, scenarios, issues, attributes, and solutions. The paper presents the research works on resource allocation that includes security and dependability, both singularly and jointly. The future research directions on resource allocation are also discussed. The paper shows how there are only a few works that, even singularly, consider security and dependability in resource allocation in the future computing and networking systems and highlights the importance of jointly considering security and dependability and the need for intelligent, adaptive and robust solutions. This paper aims to help the researchers effectively consider security and dependability in future networking and computing systems.publishedVersio

Security and risk analysis in the cloud with software defined networking architecture

Cloud computing has emerged as the actual trend in business information technology service models, since it provides processing that is both cost-effective and scalable. Enterprise networks are adopting software-defined networking (SDN) for network management flexibility and lower operating costs. Information technology (IT) services for enterprises tend to use both technologies. Yet, the effects of cloud computing and software defined networking on business network security are unclear. This study addresses this crucial issue. In a business network that uses both technologies, we start by looking at security, namely distributed denial-of-service (DDoS) attack defensive methods. SDN technology may help organizations protect against DDoS assaults provided the defensive architecture is structured appropriately. To mitigate DDoS attacks, we offer a highly configurable network monitoring and flexible control framework. We present a dataset shift-resistant graphic model-based attack detection system for the new architecture. The simulation findings demonstrate that our architecture can efficiently meet the security concerns of the new network paradigm and that our attack detection system can report numerous threats using real-world network data

Adversarial Attacks and Defenses in 6G Network-Assisted IoT Systems

The Internet of Things (IoT) and massive IoT systems are key to sixth-generation (6G) networks due to dense connectivity, ultra-reliability, low latency, and high throughput. Artificial intelligence, including deep learning and machine learning, offers solutions for optimizing and deploying cutting-edge technologies for future radio communications. However, these techniques are vulnerable to adversarial attacks, leading to degraded performance and erroneous predictions, outcomes unacceptable for ubiquitous networks. This survey extensively addresses adversarial attacks and defense methods in 6G network-assisted IoT systems. The theoretical background and up-to-date research on adversarial attacks and defenses are discussed. Furthermore, we provide Monte Carlo simulations to validate the effectiveness of adversarial attacks compared to jamming attacks. Additionally, we examine the vulnerability of 6G IoT systems by demonstrating attack strategies applicable to key technologies, including reconfigurable intelligent surfaces, massive multiple-input multiple-output (MIMO)/cell-free massive MIMO, satellites, the metaverse, and semantic communications. Finally, we outline the challenges and future developments associated with adversarial attacks and defenses in 6G IoT systems.Comment: 17 pages, 5 figures, and 4 tables. Submitted for publication

Failure Analysis in Next-Generation Critical Cellular Communication Infrastructures

The advent of communication technologies marks a transformative phase in critical infrastructure construction, where the meticulous analysis of failures becomes paramount in achieving the fundamental objectives of continuity, security, and availability. This survey enriches the discourse on failures, failure analysis, and countermeasures in the context of the next-generation critical communication infrastructures. Through an exhaustive examination of existing literature, we discern and categorize prominent research orientations with focuses on, namely resource depletion, security vulnerabilities, and system availability concerns. We also analyze constructive countermeasures tailored to address identified failure scenarios and their prevention. Furthermore, the survey emphasizes the imperative for standardization in addressing failures related to Artificial Intelligence (AI) within the ambit of the sixth-generation (6G) networks, accounting for the forward-looking perspective for the envisioned intelligence of 6G network architecture. By identifying new challenges and delineating future research directions, this survey can help guide stakeholders toward unexplored territories, fostering innovation and resilience in critical communication infrastructure development and failure prevention

Unraveling Attacks in Machine Learning-based IoT Ecosystems: A Survey and the Open Libraries Behind Them

The advent of the Internet of Things (IoT) has brought forth an era of unprecedented connectivity, with an estimated 80 billion smart devices expected to be in operation by the end of 2025. These devices facilitate a multitude of smart applications, enhancing the quality of life and efficiency across various domains. Machine Learning (ML) serves as a crucial technology, not only for analyzing IoT-generated data but also for diverse applications within the IoT ecosystem. For instance, ML finds utility in IoT device recognition, anomaly detection, and even in uncovering malicious activities. This paper embarks on a comprehensive exploration of the security threats arising from ML's integration into various facets of IoT, spanning various attack types including membership inference, adversarial evasion, reconstruction, property inference, model extraction, and poisoning attacks. Unlike previous studies, our work offers a holistic perspective, categorizing threats based on criteria such as adversary models, attack targets, and key security attributes (confidentiality, availability, and integrity). We delve into the underlying techniques of ML attacks in IoT environment, providing a critical evaluation of their mechanisms and impacts. Furthermore, our research thoroughly assesses 65 libraries, both author-contributed and third-party, evaluating their role in safeguarding model and data privacy. We emphasize the availability and usability of these libraries, aiming to arm the community with the necessary tools to bolster their defenses against the evolving threat landscape. Through our comprehensive review and analysis, this paper seeks to contribute to the ongoing discourse on ML-based IoT security, offering valuable insights and practical solutions to secure ML models and data in the rapidly expanding field of artificial intelligence in IoT