TLS Performance Evaluation in the Control Plane of a 5G Core Network Slice

Vasoukolaei, Alireza Hosseini; Sattar, Danish; Matrawy, Ashraf

doi:10.1109/cscn53733.2021.9686094

Cited by 3 publications

(2 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The study most similar to ours has been done by Vasoukolaei et al [25], focusing specifically on the registration message between a NF and the NRF. They identified different metrics by capturing the traffic and extracting the required information from the dump.…”

Section: Related Workmentioning

confidence: 71%

Performance Evaluation of Transport Layer Security in the 5G Core Control Plane

Zeidler,

Sturm,

Fraunholz

et al. 2024

Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

As 5G is currently being rolled out, security considerations for this critical infrastructure are getting more into focus. Hereby, the security investigation of the 5G core as the central element plays a pivotal role. The structure of the core is based on a Service-Based Architecture (SBA) consisting of Network Functions (NFs). These NFs communicate via REST/HTTP2 interfaces, that can be secured using Transport Layer Security (TLS) for encryption. However, this enhanced security is not enforced by standardization, but up to the system operator to decide. Therefore, in this work we derive recommendations on when to use TLS. For that, we investigate the overhead of TLS in a simulation, based on the open-source frameworks Open5GS and UERANSIM. To measure a user-relevant overhead, we look into 5G's UE registration and Packet Data Unit (PDU) session establishment procedures. By testing 14 of the most relevant cipher suites, our results show, that TLS adds no more than 1 % of time overhead in a running system. Further, we show cipher suites using ECDSA keys to be faster than the ones using RSA keys. Surprisingly, TLS 1.3 shows a larger performance overhead than its predecessor TLS 1.2. We demonstrate CPU and memory overhead of TLS to be insignificant in the context of the 5G core. CCS CONCEPTS• Networks → Network measurement; Mobile and wireless security; • Security and privacy → Security protocols; Distributed systems security; Domain-specific security and privacy architectures.

show abstract

Section: Related Workmentioning

confidence: 71%

Performance Evaluation of Transport Layer Security in the 5G Core Control Plane

Zeidler,

Sturm,

Fraunholz

et al. 2024

Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

show abstract

“…Although federated learning protects clients' local data privacy, the training parameters exchanged between the clients and server can be vulnerable to numerous attacks and compromised. Te TLS protocol, recommended by 3GPP [46] for communication security between 5G VNFs, can guarantee the integrity of the data between VNFs during the training process. Te current TLS version (version 1.3) was used in the simulation to encrypt the proposed model parameters sent between the VNFs and the server.…”

Section: Tls Version 13 For More Securitymentioning

confidence: 99%

Balancing Data Privacy and 5G VNFs Security Monitoring: Federated Learning with CNN + BiLSTM + LSTM Model

Maiga,

Ataro,

Githinji

2024

Journal of Electrical and Computer Engineering

View full text Add to dashboard Cite

The cloudification of telecommunication network functions with 5G is a novelty that offers higher performance than that of previous generations. However, these virtual network functions (VNFs) are exposed to internet threats when hosted in the cloud, resulting in new security challenges. Another fact is that many VNFs vendors with different security policies will be implied in 5G deployment, creating a heterogeneous 5G network. The authorities also require data privacy enhancement in 5G deployment and there is the fact that mobile operators need to inspect data for malicious traffic detection. In this situation, how can network traffic inspections be conducted effectively without infringing on data privacy? This study addresses this gap by proposing a novel state-of-the-art hybrid deep neural network that combines a convolutional neural network (CNN) stacked to bidirectional long short-term memory (BiLSTM) and unidirectional long short-term memory (LSTM) for the deep inspection of network flow for malicious traffic detection. The approach utilizes federated learning (FL) to facilitate multiple VNFs vendors to collaboratively train the proposed model without sharing VNFs’ raw data, which can mitigate the risk of data privacy violation. The proposed framework incorporates transport layer security (TLS) encryption to prevent data tempering or man-in-the-middle attacks between VNFs. The framework was validated through simulation using open-access benchmark datasets (InSDN and CICIDS2017). They achieved 99.99% and 99.58% accuracy and 0.048% and 0.617% false-positive rates for the InSDN and CICIDS2017 datasets, respectively, for FL. This study demonstrates the potential of hybrid deep learning-based FL for heterogeneous 5G network VNFs security monitoring.

show abstract

Towards adoption of secure communication protocol in Software Defined Networks

Kancherla

Kulkarni

2023

2023 15th International Conference on COMmunication Systems &Amp; NETworkS (COMSNETS)

View full text Add to dashboard Cite

TLS Performance Evaluation in the Control Plane of a 5G Core Network Slice

Cited by 3 publications

References 16 publications

Performance Evaluation of Transport Layer Security in the 5G Core Control Plane

Performance Evaluation of Transport Layer Security in the 5G Core Control Plane

Balancing Data Privacy and 5G VNFs Security Monitoring: Federated Learning with CNN + BiLSTM + LSTM Model

Towards adoption of secure communication protocol in Software Defined Networks

Contact Info

Product

Resources

About