Towards the transversal detection of DDoS network attacks in 5G multi-tenant overlay networks

© 2018 Elsevier Ltd Currently, there is no any effective security solution which can detect cyber-attacks against 5G networks where multitenancy and user mobility are some unique characteristics that impose significant challenges over such security solutions. This paper focuses on addressing a transversal detection system to be able to protect at the same time, infrastructures, tenants and 5G users in both edge and core network segments of the 5G multi-tenant infrastructures. A novel approach which significantly extends the capabilities of a commonly used IDS, to accurately identify attacking nodes in a 5G network, regardless of multiple network traffic encapsulations, has been proposed in this paper. The proposed approach is suitable to be deployed in almost all 5G network segments including the Mobile Edge Computing. Both architectural design and data models are described in this contribution. Empirical experiments have been carried out a realistic 5G multi-tenant infrastructures to intensively validate the design of the proposed approach regarding scalability and flexibility

Infrastructure-wide and intent-based networking dataset for 5G-and-beyond AI-driven autonomous networks

In the era of Autonomous Networks (ANs), artificial intelligence (AI) plays a crucial role for their development in cellular networks, especially in 5G-and-beyond networks. The availability of high-quality networking datasets is one of the essential aspects for creating data-driven algorithms in network management and optimisation tasks. These datasets serve as the foundation for empowering AI algorithms to make informed decisions and optimise network resources efficiently. In this research work, we propose the IW-IB-5GNET networking dataset: an infrastructure-wide and intent-based dataset that is intended to be of use in research and development of network management and optimisation solutions in 5G-and-beyond networks. It is infrastructure wide due to the fact that the dataset includes information from all layers of the 5G network. It is also intent based as it is initiated based on predefined user intents. The proposed dataset has been generated in an emulated 5G network, with a wide deployment of network sensors for its creation. The IW-IB-5GNET dataset is promising to facilitate the development of autonomous and intelligent network management solutions that enhance network performance and optimisation

The Neural Network Model of DDoS Attacks Identification for Information Management

The paper discusses the concept and problem of identifying DDoS attacks for information management. The main starting mechanisms and types of DDoS attacks are analyzed. To identify them, signature and behavioral methods of analyzing network traffic are used. Analysis of the advantages and disadvantages of these methods actualized the need for their combined use. To detect and classify DDoS attacks, the need to develop and use a neural network model has been updated. The training and testing of the model were made on the initial data from the NSL-KDD set. All lines in this set are represented as sequences of TCP packets, UDP packets, and ICMP packets of network traffic transmitted from the source of the attack to the attacked network node. The total sample size was 8067 lines. Of these, half of the data corresponded to DDoS attacks, and the rest of the data characterized clear connections. The Deductor modelling environment was used to build the neural network model. The constructed neural network model was a single-layer perceptron with 11 input neurons, 23 hidden neurons and 1 output neuron. The accuracy of the constructed model was calculated based on contingency tables. The accuracy of the initial data classification at the training stage was 97.94%. The classification accuracy at the testing stage was 97.87%. To assess the quality of the neural network model, the errors of the first (0.93%) and second (3.3%) type are calculated. Testing the model showed good results since almost all DDoS attacks were successfully classified. Thus, the neural network model for detecting DDoS attacks has successfully solved the task of identifying and classifying malicious network connections

NetFPGA-based firewall solution for 5G multi-tenant architectures

Future fifth-generation (5G) mobile networks entails architectural and network changes, mainly motivated by the idea of sharing resources between different network operators, which implies a reduction of the costs, thanks to the deployment of virtualised scenarios in shared infrastructures, and an improvement of the network usability. These architectural changes should guarantee that security and 5G Key Performance Indicators (KPIs) are achieved in 5G multi-tenant scenarios. The deployment of advanced architectures and network scenarios for the emerging 5G networks involves a renovation of the elements that compose them. Nowadays, there is no hardware solution which ensures the protection in 5G edge to core multi-tenant scenarios, therefore this paper proposes a fully functional 5G firewall based on a Field Programmable Gate Array (FPGA) that allows effective detention of cyber-attacks in 5G multi-tenant scenarios with user mobility support. The prototyped 5G firewall has been empirically evaluated to validate new capabilities in a 5G edge-to-core scenario. Moreover, an extensive performance and scalability test of the prototyped system has been carried out in a realistic testbed

Towards 5G Zero Trusted Air Interface Architecture

5G is destined to be supporting large deployment of Industrial IoT (IIoT) with the characteristics of ultra-high densification and low latency. 5G utilizes a more intelligent architecture, with Radio Access Networks (RANs) no longer constrained by base station proximity or proprietary infrastructure. The 3rd Generation Partnership Project (3GPP) covers telecommunication technologies including RAN, core transport networks and service capabilities. Open RAN Alliance (O-RAN) aims to define implementation and deployment architectures, focusing on open-source interfaces and functional units to further reduce the cost and complexity. O-RAN based 5G networks could use components from different hardware and software vendors, promoting vendor diversity, interchangeability and 5G supply chain resiliency. Both 3GPP and O-RAN 5G have to manage the security and privacy challenges that arose from the deployment. Many existing research studies have addressed the threats and vulnerabilities within each system. 5G also has the overwhelming challenges in compliance with privacy regulations and requirements which mandate the user identifiable information need to be protected. In this paper, we look into the 3GPP and O-RAN 5G security and privacy designs and the identified threats and vulnerabilities. We also discuss how to extend the Zero Trust Model to provide advanced protection over 5G air interfaces and network components

5G Multi-access Edge Computing: Security, Dependability, and Performance

The main innovation of the Fifth Generation (5G) of mobile networks is the ability to provide novel services with new and stricter requirements. One of the technologies that enable the new 5G services is the Multi-access Edge Computing (MEC). MEC is a system composed of multiple devices with computing and storage capabilities that are deployed at the edge of the network, i.e., close to the end users. MEC reduces latency and enables contextual information and real-time awareness of the local environment. MEC also allows cloud offloading and the reduction of traffic congestion. Performance is not the only requirement that the new 5G services have. New mission-critical applications also require high security and dependability. These three aspects (security, dependability, and performance) are rarely addressed together. This survey fills this gap and presents 5G MEC by addressing all these three aspects. First, we overview the background knowledge on MEC by referring to the current standardization efforts. Second, we individually present each aspect by introducing the related taxonomy (important for the not expert on the aspect), the state of the art, and the challenges on 5G MEC. Finally, we discuss the challenges of jointly addressing the three aspects.Comment: 33 pages, 11 figures, 15 tables. This paper is under review at IEEE Communications Surveys & Tutorials. Copyright IEEE 202

The Cloud-to-Thing Continuum

The Internet of Things offers massive societal and economic opportunities while at the same time significant challenges, not least the delivery and management of the technical infrastructure underpinning it, the deluge of data generated from it, ensuring privacy and security, and capturing value from it. This Open Access Pivot explores these challenges, presenting the state of the art and future directions for research but also frameworks for making sense of this complex area. This book provides a variety of perspectives on how technology innovations such as fog, edge and dew computing, 5G networks, and distributed intelligence are making us rethink conventional cloud computing to support the Internet of Things. Much of this book focuses on technical aspects of the Internet of Things, however, clear methodologies for mapping the business value of the Internet of Things are still missing. We provide a value mapping framework for the Internet of Things to address this gap. While there is much hype about the Internet of Things, we have yet to reach the tipping point. As such, this book provides a timely entrée for higher education educators, researchers and students, industry and policy makers on the technologies that promise to reshape how society interacts and operates

A situational awareness model for data analysis on 5G mobile networks : the SELFNET analyzer framework

Tesis inédita de la Universidad Complutense de Madrid, Facultad de Informática, Departamento de Ingeniería del Software e Inteligencia Artificial, leída el 14-07-2017Se espera que las redes 5G provean un entorno seguro, con able y de alto rendimiento con interrupciones m nimas en la provisi on de servicios avanzados de red, sin importar la localizaci on del dispositivo o cuando el servicio es requerido. Esta nueva generaci on de red ser a capaz de proporcionar altas velocidades, baja latencia y mejor Calidad de Servicio (QoS) comparado con las redes actuales Long Term Evolution (LTE). Para proveer estas capacidades, 5G propone la combinaci on de tecnolog as avanzadas tales como Redes De nidas por Software (SDN), Virtualizaci on de las Funciones de Red (NFV), Redes auto-organizadas (SON) e Inteligencia Arti cial. De manera especial, 5G ser a capaz de solucionar o mitigar cambios inesperados o problemas t picos de red a trav es de la identi caci on de situaciones espec cas, tomando en cuenta las necesidades del usuario y los Acuerdos de Nivel de Servicio (SLAs). Actualmente, los principales operadores de red y la comunidad cient ca se encuentran trabajando en estrategias para facilitar el an alisis de datos y el proceso de toma de decisiones cuando eventos espec cos comprometen la salud de las redes 5G. Al mismo tiempo, el concepto de Conciencia Situacional (SA) y los modelos de gesti on de incidencias aplicados a redes 5G est an en etapa temprana de desarrollo. La idea principal detr as de estos conceptos es prevenir o mitigar situaciones nocivas de manera reactiva y proactiva. En este contexto, el proyecto Self-Organized Network Management in Virtualized and Software De ned Networks (SELFNET) combina los conceptos de SDN, NFV and SON para proveer un marco de gesti on aut onomo e inteligente para redes 5G. SELFNET resuelve problemas comunes de red, mientras mejora la calidad de servicio (QoS) y la Calidad de Experiencia (QoE) de los usuarios nales...5G networks hope to provide a secure, reliable and high-performance environment with minimal disruptions in the provisioning of advanced network services, regardless the device location or when the service is required. This new network generation will be able to deliver ultra-high capacity, low latency and better Quality of Service (QoS) compared with current Long Term Evolution (LTE) networks. In order to provide these capabilities, 5G proposes the combination of advanced technologies such as Software De ned Networking (SDN), Network Function Virtualization (NFV), Self-organized Networks (SON) or Arti cial Intelligence. In particular, 5G will be able to face unexpected changes or network problems through the identi cation of speci c situations, taking into account the user needs and the Service Level Agreements (SLAs). Nowadays, the main telecommunication operators and community research are working in strategies to facilitate the data analysis and decision-making process when unexpected events compromise the health in 5G Networks. Meanwhile, the concept of Situational Awareness (SA) and incident management models applied to 5G Networks are also in an early stage. The key idea behind these concepts is to mitigate or prevent harmful situations in a reactive and proactive way. In this context, Self-Organized Network Management in Virtualized and Software De ned Networks Project (SELFNET) combines SDN, NFV and SON concepts to provide a smart autonomic management framework for 5G networks. SELFNET resolves common network problems, while improving the QoS and Quality of Experience (QoE) of end users...Depto. de Ingeniería de Software e Inteligencia Artificial (ISIA)Fac. de InformáticaTRUEunpu