5G-Enabled Defence-in-Depth for Multi-domain Operations

Kukliński, Sławomir; Szczypiorski, Krzysztof; Wrona, Konrad; Bieniasz, Jędrzej

doi:10.1109/milcom55135.2022.10017753

Cited by 2 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the second phase, attacks can exploit misconfigurations and information gained from system infiltration, such as the maximum number of sessions supported by V-UPF and the activation of security controls to launch the attacks. To this end, our adversary model includes attacks targeting the data plane, such as attacks that aim to break V-UPF, H-UPF, and GTP-U data traffic passing through the N9 reference point (between H-UPF and V-UPF) [23], or GTP-C passing through the N4 reference point (between H-SMF and H-UPF) [24] or even the N6 reference point between 6G-V2X application and H-UPF [25]. These can critically impact 6G-V2X services such as MEC-assisted services and applications.…”

Section: Adversary Modelmentioning

confidence: 99%

Multi-Process Federated Learning With Stacking for Securing 6G-V2X Network Slicing at Cross-Borders

Boualouache,

Jolfaei,

Engel

2024

IEEE Trans. Intell. Transport. Syst.

View full text Add to dashboard Cite

Being part of the 6G ecosystem vision, Connected and Automated Vehicles (CAVs) will enjoy sophisticated tailored services offering road safety and entertainment for users. As one of the 6G cornerstones, Network Slicing (NS) allows the creation of various customized 6G-V2X (Vehicle-to-Everything) use cases on the same physical infrastructure. However, 6G-NS advances can open up breaches to cyber-attacks aiming to break 6G-V2X Network slices to inflict maximum damage on CAVs and their users. Crossing borders, where CAVs leave their V2X-NS (V2X Network Slice) in the Home Mobile Network Operator (H-MNO) toward a similar V2X-NS in the Visited MNO (V-MNO), is an attractive opportunity to exploit by attackers. Detecting and mitigating attacks, in this case, becomes a priority, confronted by NS requirements and MNOs not ready to share their private data. To this end, this paper proposes a 3GPP-compliant privacy preservation collaborative learning scheme for 6G-NS security, focusing on V2X-NS cross-border areas. Our scheme leverages multi-process Federated Learning (FL) architecture to build efficient V2X-NS security-related models while preserving 6G V2X-NS isolation. In addition, it uses differential privacy-enabled stacking to build up attack detection knowledge at the V2X-NSs and MNOs levels while ensuring privacy preservation. We conducted an experimental study on the 5G-NIDD dataset, which is one of the most realistic publicly available 5G datasets. Our results demonstrate that multi-process FL with stacking can deliver high accuracy while ensuring isolation between 6G-V2X-NSs and privacy preservation between H-MNO and V-MNO.

show abstract

Section: Adversary Modelmentioning

confidence: 99%

Multi-Process Federated Learning With Stacking for Securing 6G-V2X Network Slicing at Cross-Borders

Boualouache,

Jolfaei,

Engel

2024

IEEE Trans. Intell. Transport. Syst.

View full text Add to dashboard Cite

show abstract

“…Consequently, V-MNO should promptly allocate for CAVs a 5G-V2X-NS with features similar to that the H-MNO uses. However, this may result in several vulnerabilities, such as non-timely synchronization of security policies and misconfigurations on both the H-MNO and V-MNO sides, which could be exploited to launch attacks on the data plane [5][6][7]. In addition to 5G security solutions, other security services should be deployed to prevent, detect, and mitigate 5G-V2X NS attacks at cross borders.…”

Section: Architecturementioning

confidence: 99%

“…According to Equation (6), the total sum of selected security services' resources for a given 5G-V2X-NS i should not exceed the maximum available resources Γ max in i. Also, Equation (7) indicates that the total sum of tolerable impact of selected security services for 5G-V2X-NS i should not exceed the maximum tolerable impact Λ max on i. m j=1 (x j * Γ(sr j )) ≤ Γmax, x j = 0, 1, 2, 3, ..l;…”

Section: Actionsmentioning

confidence: 99%

“…However, 5G-V2X NS at cross-border is facing several security issues, leading to road hazards and threatening users' lives [4]. Specifically, attackers can exploit the lack of synchronization between the security policies of the H-MNO and the V-MNO, misconfigurations, and information obtained from system infiltration to target the data plane related to CAVs [5][6][7]. Several intelligent security services have recently been proposed to detect and mitigate attacks in 5G-V2X network slicing [8,9].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Reinforcement Learning-Based Security Orchestration for 5G-V2X Network Slicing at Cross-Borders

Boualouache,

Korba,

Senouci

et al. 2023

GLOBECOM 2023 - 2023 IEEE Global Communications Conference

View full text Add to dashboard Cite

As part of the 5G, Connected and Automated Vehicles (CAVs) will benefit from Network Slicing (NS) in several tailored 5G-Vehicle-to-Everything (V2X) services running on the same physical infrastructure. However, the use of 5G-NS may also increase the risk of cyber-attacks that could compromise 5G-V2X network slices (5G-V2X-NSs) and cause significant harm to CAV's passengers. This risk is particularly high at cross-borders, where CAVs move from their Home Mobile Network Operator (H-MNO) to a Visited MNO (V-MNO), with similar 5G-V2X-NSs in place. Therefore, deploying security services to neutralize 5G-V2X NS threats in this scenario is mandatory. However, if H-MNO and V-MNO act independently, deploying these security services could be inefficient and may result in increased memory, processing, and network resource consumption. Thus, MNOs should collaborate to orchestrate their security services to neutralize 5G-V2X NS attacks and optimize their costs efficiently. In this context, this paper proposes a novel approach to enhance the security of 5G-V2X NS at cross-borders using Reinforcement Learning (RL) based security orchestration. Specifically, we trained and deployed an RL agent interacting with both H-MNO and V-MNO. The RL agent efficiently deploys security services to effectively remove threats, optimize resource utilization, and minimize the impact on 5G-V2X-NSs. The performance results show that the RL-based security orchestration neutralizes threats with an average success rate of almost 100%. Additionally, resource consumption is minimal at less than 8%, and the acceptable impact on 5G-V2X-NSs is negligible, averaging less than 12%.

show abstract

5G-Enabled Defence-in-Depth for Multi-domain Operations

Cited by 2 publications

References 6 publications

Multi-Process Federated Learning With Stacking for Securing 6G-V2X Network Slicing at Cross-Borders

Multi-Process Federated Learning With Stacking for Securing 6G-V2X Network Slicing at Cross-Borders

Reinforcement Learning-Based Security Orchestration for 5G-V2X Network Slicing at Cross-Borders

Contact Info

Product

Resources

About