Statistical slice-level analysis for online detection of distributed denial-of-service (DDoS) attacks in network slicing environments

Abstract

Network slicing (NS) is a technique that enables network operators to create multiple virtual networks, each customized for specific clients, services, or applications, while still utilizing a shared physical network infrastructure. Although this approach provides benefits in terms of resource usage and flexibility, it also introduces new security risks, particularly in the form of DDoS attacks. These attacks can be targeted at specific slices, causing disruptions to the services provided by those slices, which may impact multiple clients or applications that rely on those services. To mitigate the security risks posed by NS, the paper proposes an intrusion detection system that is designed to safeguard network slices from DDoS attacks. The proposed system relies on statistical methods that use joint entropy and dynamic thresholds to analyze network traffic in real time. Based on the findings of the testbed conducted for network slices, the proposed system exhibited a remarkable level of effectiveness in identifying DDoS attacks directed targeting a specific slice. The detection rate was recorded at 99%, and the delay rate was extremely low at 0.32 s. These results imply that the system can recognize and respond to attacks swiftly, which can aid in swiftly mitigating potential threats.

Keywords

network slice network security statistical analysis DDoS attack SDN-based network

Get full access to this article

View all access options for this article.

References

Leonardi

Ashjaei

Fotouhi

, et al. A proposal towards software-defined management of heterogeneous virtualized industrial networks. In: Proceedings of the IEEE 17th international conference on industrial informatics (INDIN), Helsinki, Finland, 22–25 July 2019.

Hamdi

Ksouri

Bulut

, et al. Network slicing-based learning techniques for IOV in 5G and beyond networks. IEEE Commun Surv Tutor 2024; 26: 1989–2047.

Rafique

Barai

Fapojuwo

, et al. A survey on beyond 5G network slicing for smart cities applications. IEEE Commun Surv Tutor 2024; 99: 1.

Elmosilhy

Elmesalawy

Ibrahim

, et al. Joint Q-learning based resource allocation and multi-numerology B5G network slicing exploiting LWA technology. IEEE Access 2024; 12: 22043–22058.

Guo

Wen

, et al. Customized 5G and beyond private networks with integrated URLLC, eMBB, mMTC, and positioning for industrial verticals. IEEE Commun Stand Mag 2022; 6: 52–57.

Mahdi

Abdullah

. Survey on enabling network slicing based on SDN/NFV. In: International conference on information systems and intelligent applications: ICISIA 2022, Kuala Lumpur, Malaysia, 1–2 July 2022. Cham: Springer International Publishing, pp.733–758.

Sadkhan

Abbas

Mahdi

, et al. Software-defined network security-status, challenges, and future trends. In: 2022 IEEE muthanna international conference on engineering science and technology (MICEST), Samawah, Iraq, 16–17 March 2022.

Amaizu

Nwakanma

Bhardwaj

, et al. Composite and efficient DDoS attack detection framework for B5G networks. Comput Netw 2021; 188: 107871.

De Alwis

Porambage

Dev

, et al. A survey on network slicing security: attacks, challenges, solutions and research directions. IEEE Commun Surv Tutor 2023; 26: 534–570.

10.

Kareem

Jasim

. Entropy-based distributed denial of service attack detection in software-defined networking. Indones J Electr Eng Comput Sci 2022; 27: 1542–1549.

11.

Kareem

Jasim

. Fast and accurate classifying model for denial-of-service attacks by using machine learning. Bull Electr Eng Inform 2022; 11: 1742–1751.

12.

D’Angelo

Farsimadan

Palmieri

. Recurrence plots-based network attack classification using CNN-autoencoders. In: 2023 international conference on computational science and its applications, Athens, Greece, 3–6 July 2023. Cham: Springer Nature Switzerland, pp.191–209.

13.

D’Angelo

Farsimadan

Ficco

, et al. Privacy-preserving malware detection in Android-based IoT devices through federated Markov chains. Future Gener Comput Syst 2023; 148: 93–105.

14.

Sattar

Matrawy

. Towards secure slicing: using slice isolation to mitigate DDoS attacks on 5G core network slices. In: 2019 IEEE conference on communications and network security (CNS), Washington, DC, 10–12 June 2019, pp.82–90.

15.

Bonfim

Santos

Dias

, et al. A real-time attack defense framework for 5G network slicing. Softw Pract Exper 2020; 50: 1228–1257.

16.

Thantharate

Paropkari

Walunj

, et al. Secure5G: a deep learning framework towards a secure network slicing in 5G and beyond. In: 2020 IEEE 10th annual computing and communication workshop and conference (CCWC), Las Vegas, NV, USA, 6–8 January 2020, pp.0852–0857.

17.

Wang

Liang

Chen

, et al. Distributed online anomaly detection for virtualized network slicing environment. IEEE Trans Veh Technol 2020; 71: 12235–12249.

18.

Kuadey

NAE

Maale

Kwantwi

, et al. DeepSecure: detection of distributed denial of service attacks on 5G network slicing–deep learning approach. IEEE Wirel Commun Lett 2022; 11: 488–492.

19.

Bousalem

Silva

Langar

, et al. Deep learning-based approach for DDoS attacks detection and mitigation in 5G and beyond mobile networks. In: 2022 IEEE 8th international conference on network softwarization (NetSoft), Milan, Italy, 27 June–1 July 2022, pp.228–230.

20.

Sherwood

Gibb

Yap

, et al. FlowVisor: a network virtualization layer. OpenFlow Switch Consortium, Technical Report 2019-1-132. http://OpenFlowSwitch.org/downloads/technicalreports/openflow-tr-2009-1-flowvisor.pdf

21.

Mahdi

Abdullah

. Implementation of network slicing for multi-controller environment based on FlowVisor. In: International conference on new trends in information and communications technology applications, Baghdad, Iraq, 16–17 November 2022. Cham: Springer Nature Switzerland, pp.173–188.

22.

Nakashima

Sueyoshi

Oshima

. Early DoS/DDoS detection method using short-term statistics. In: International conference on complex, intelligent and software intensive systems, Krakow, Poland, 15–18 February 2010, pp.168–173.

23.

Bavaud

Chappelier

Kohlas

. An introduction to information theory and applications. Version 2.04-20050309-UniFr course. https://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/diuf.unifr.ch/tcs/courses/it04-05/script/information-theory.pdf

24.

“IDS 2017 | Datasets | Research | Canadian Institute for Cybersecurity |UNB.” https://www.unb.ca/cic/datasets/ids-2017.html (accessed 6 September 2022).