Jingyi Wang,Xinyue Zhang,Wenjun Xu,Qixun Zhang,Zhiyong Feng,Miao Pan

DOI: https://doi.org/10.1109/ICDCS.2019.00156

2019-01-01

Abstract:In the coming fifth generation (5G) or beyond 5G next generation networks (NGNs), the small cell deployment is a promising solution to meet the ever increasing demands of mobile devices, and the proliferation of wireless services. The low power base station (BS), such as femtocell BS, is a cost-effective and environmental friendly substitution for the power-hungry macrocell BS. One potentially effective way to deploy those small cells is to use two-tier NGN architecture, where the first-tier carrier can authorize the second-tier carrier's access to users' transmission information database (e.g., uplink/downlink service demands), and thereafter the second-tier carrier can decide how to place small cell BSs according to the mobile users' requirements locally. However, the second-tier carriers/operators for small cell placement may not be trustworthy, and the NGN users' data privacy might be compromised. To address this issue, we integrate differential privacy (DP) preserving techniques into data-driven optimization, and propose a novel scheme that not only preserves the privacy of NGN users' transmission information, but also maximizes the revenue of small cell deployment. Briefly, differential private noises are intentionally added into the users' transmission information database. Based on queries, the second-tier carrier can aggregate a given set of users' differentially private historical data, estimate the users demands, and formulate the data-driven revenue maximization problem. Given the stochastic programming optimization formulation, we develop feasible solutions and conduct extensive simulations with real-world transmission datasets (i.e., transmission data collected hourly from 3072 4G eNBs deployed in several southern cities of China in 2015) to verify the effectiveness of the proposed scheme.

Fatima Salahdine,Qiang Liu,Tao Han

DOI: https://doi.org/10.1109/ojcs.2022.3161933

2022-01-01

IEEE Open Journal of the Computer Society

Abstract:Network slicing is one of the emerging technologies allowing resource sharing among different network entities in 5G networks. It enables delivering smart, critical, and multi-services with distinctive requirements transiting from network as an infrastructure to network as a service setup. Although its advantages, it is facing several challenges raised from isolation and resource sharing among services leading to security issues. Security is a critical problem for network slicing as slices serving customized services with different requirements may also have different security levels and policies. Thus, considering the impact of these security issues on network slices is required when defining and designing security protocols. Addressing these challenges is necessary to protect users security and privacy while maintaining the required performance and QoS. Most of the existing works covered only one or more aspects of the network slicing including, architecture, taxonomy, challenges, security issues, attacks classification, possible solutions, and future scope. In this paper, we extensively investigated all these aspects and others, we analyzed how the security can be ensured inside and outside of the network slices with resource isolation, machine learning, and cryptography with an E2E security. We presented a deep review of the security issues threatening the network slicing and how to mitigate them over a multi-domain infrastructure in 5G networks. we evaluated the performance of some of these solutions in preventing malicious attacks through experiments using Open Air Interface.

Nan Ma,Xiaofeng Zhong,Peng Liu,Shidong Zhou

DOI: https://doi.org/10.1109/vtc2020-spring48590.2020.9128924

2020-01-01

Abstract:With the continuous advancement of 5G, the system architecture of the network needs to be highly adaptable to serve new and legal cases while meeting the requirements of users for higher security of communications. This paper proposes a SDN/NFV-based core network slicing for secure mobile communication. This slicing provides a solution to the problem of unencrypted user data with strong connectivity, security and scalability. On the one hand, it is compatible with the existing network architecture and suitable for 5G networks. In addition, it uses symmetric keys corresponding to the user and the network to encrypt user data, which is different from VPN. Moreover, core network slicing based on SDN/NFV is the key to satisfying the complex and diverse scenarios of 5G, with future-oriented scalability and flexibility.

Wu Qiang,Wu Chun-Ming,Chen Lin

DOI: https://doi.org/10.1049/iet-com.2018.5584

IF: 1.345

2019-01-01

IET Communications

Abstract:With a traditional static model of telecommunications service, it is difficult to deal with the uncertain factors and differentiation of massive mobile Internet services. Cloud computing, software-defined networking (SDN), and network function virtualisation (NFV) drive telecom networks to a new round of network reconstruction. The IaaS platform can partially solve the 'production tool' problem of operators; however, the 'production relationship' problem persists. After infrastructure reconstruction is completed, due to the 5G service vision of networks on demand and sliced networks, a PaaS environment is introduced to implement a new-generation of virtual network functions (VNFs). Based on the analysis of the necessity and feasibility of an Information and Communications Technology PaaS (ICT-PaaS) Platform, following the technical trend of 5G, the ICT-PaaS platform is proposed to construct a future network featuring elasticity, automation, flexibility, and openness. The adoption of lightweight VNF design ideas based on componentisation, containerisation, and microservice can better satisfy the requirements of flexible 'network slicing' than the traditional heavy monolith VNF-based on VMs. The measured results show that the optimisation implementations can significantly improve network forwarding performance. From the evaluation result of the cost benefits of it is possible to highlight potentials of the platform introduction.

Yinghui Zhang,Axin Wu,Zhenwei Chen,Dong Zheng,Jin Cao,Xiaohong Jiang

DOI: https://doi.org/10.1016/j.comcom.2020.12.014

IF: 5.047

2021-01-01

Computer Communications

Abstract:<p>The fifth generation (5G) mobile communication technologies significantly promote the development of attractive applications such as automatic driving and telemedicine due to its lower latency, higher data rate and massive connectivities. In addition, 5G network slices can be used to realize tailored transmission network according to users' different requirements. Nevertheless, 5G still suffers from security, privacy and performance issues exemplified by authenticated key agreement, identity and network slice privacy, and the flexibility and efficiency of network slice selection. In this paper, we tackle these challenges by proposing FANS, a Flexible and Anonymous Network Slicing method for cloud radio access network enabled authentication of emerging 5G service. FANS achieves users' identity privacy protection by hiding the public key associated with the actual identity in transmitted messages. The privacy, flexibility and efficiency of network slice selection are realized by adopting the idea of privacy-aware one-to-many matching which has been used in anonymous attribute-based encryption. Based on comprehensive security and performance analysis, FANS is shown to be secure and efficient.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic

Qian Li,Geng Wu,Apostolos Papathanassiou,Udayan Mukherjee

DOI: https://doi.org/10.48550/arXiv.1608.00572

2016-08-01

Abstract:Wireless industry nowadays is facing two major challenges: 1) how to support the vertical industry applications so that to expand the wireless industry market and 2) how to further enhance device capability and user experience. In this paper, we propose a technology framework to address these challenges. The proposed technology framework is based on end-to-end vertical and horizontal slicing, where vertical slicing enables vertical industry and services and horizontal slicing improves system capacity and user experience. The technology development on vertical slicing has already started in late 4G and early 5G and is mostly focused on slicing the core network. We envision this trend to continue with the development of vertical slicing in the radio access network and the air interface. Moving beyond vertical slicing, we propose to horizontally slice the computation and communication resources to form virtual computation platforms for solving the network capacity scaling problem and enhancing device capability and user experience. In this paper, we explain the concept of vertical and horizontal slicing and illustrate the slicing techniques in the air interface, the radio access network, the core network and the computation platform. This paper aims to initiate the discussion on the long-range technology roadmap and spur development on the solutions for E2E network slicing in 5G and beyond.

Networking and Internet Architecture,Information Theory

Jinjin Gong,Lu Ge,Xin Su,Jie Zeng

DOI: https://doi.org/10.1007/978-3-319-56538-5_22

2017-01-01

Abstract:Network slicing is one of the key technologies for 5th-Generation (5G). It enables operators to construct network slices with similar qualities as dedicated stand-alone networks, but to realize them on a common physical platform. Meanwhile, the isolation among logical network slices can keep them from the negative impacts of other network slices. In this paper, we give an overview of the radio access network (RAN) slicing, and present some viewpoints on three categories of network slices. Moreover, an approach, which dynamically creates RAN slice to meet specific business and service requirements, is proposed. It does not only optimize performance and maximize resources utilization, but also shorten the creating time of slices.

Ali Esmaeily,Katina Kralevska

DOI: https://doi.org/10.3390/electronics13081548

IF: 2.9

2024-04-19

Electronics

Abstract:Sharing resources through network slicing in a physical infrastructure facilitates service delivery to various sectors and industries. Nevertheless, ensuring security of the slices remains a significant hurdle. In this paper, we investigate the utilization of State-of-the-Art (SoA) Virtual Private Network (VPN) solutions in 5G networks to enhance security and performance when isolating slices. We deploy and orchestrate cloud-native network functions to create multiple scenarios that emulate real-life cellular networks. We evaluate the performance of the WireGuard, IPSec, and OpenVPN solutions while ensuring confidentiality and data protection within 5G network slices. The proposed architecture provides secure communication tunnels and performance isolation. Evaluation results demonstrate that WireGuard provides slice isolation in the control and data planes with higher throughput for enhanced Mobile Broadband (eMBB) and lower latency for Ultra-Reliable Low-Latency Communications (URLLC) slices compared to IPSec and OpenVPN. Our developments show the potential of implementing WireGuard isolation, as a promising solution, for providing secure and efficient network slicing, which fulfills the 5G key performance indicator values.

engineering, electrical & electronic,computer science, information systems,physics, applied

Virendra Pratap Singh,Mahendra Pratap Singh,Saumya Hegde,Maanak Gupta

DOI: https://doi.org/10.1109/access.2024.3386632

IF: 3.9

2024-04-20

IEEE Access

Abstract:Network slicing has emerged as a cornerstone technology within the 5G ecosystem, enabling efficient resource allocation, service customization, and support for various applications. Its ability to deliver Network-as-a-Service (NaaS) brings a new paradigm of adaptable and efficient network provisioning. However, with the diversification of services and the increasing complexity of network infrastructures, a simultaneous rise in security vulnerabilities becomes evident. These flaws go beyond the limitations of conventional network security and affect various aspects of network slice (NS) implementation and management. The limitations of traditional security, such as static policies, single point of failure, and challenges in effectively securing network slicing deployments, underscore the need to explore security measures tailored to the dynamic nature of 5G networks. To ensure the robust security of 5G networks, it is essential to consider various security concerns such as isolation, authentication, and authorization. Furthermore, dynamic orchestration and inter-slice communication security challenges must be proactively tackled. The security concerns related to 5G networks must be addressed comprehensively to ensure the safe and secure operation of the network. Our survey paper goes into these complex security issues, providing an in-depth and systematic review of the various contexts in which they emerge. We have identified the five most vulnerable areas in Network Slicing: Slice-Lifecycle, Communication type slice uses, Technologies used to provide service, Management threats, and End Devices utilized in service. Apart from threats in these vulnerable areas, we also discussed a few generous attacks that can be launched to disrupt network-slicing services. Furthermore, this study is a valuable resource for evaluating the current state of research efforts in this domain, contributing to the ongoing enhancement of security measures and the overall robustness of network-slicing technology. In doing so, we aim to ensure the secure and sustainable evolution of 5G networks as they become increasingly integral to our digital infrastructure.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zhao Jihong,Feng Qing,Wang Zhi,He Xiaoyuan

DOI: https://doi.org/10.11999/JEIT210195

2022-01-01

Abstract:In 5G mobile communication, the introduction of Network Slice (NS) solves successfully the problem of uneven network resource allocation in different business scenarios. In view of the problem that traditional algorithms can not meet the security deployment of 5G network multi business scenario slicing, an end-to-end Network Slicing security Requirement (NSR) deployment algorithm for multi business scenario is proposed. Firstly, the security of nodes in slice deployment process is defined; Secondly, the nodes are sorted and mapped according to their security. On this basis, in order to minimize the cost of network resource deployment and improve the security benefits of deployment, a mathematical model of slice deployment is constructed; Finally, considering the different resource requirements of each type of slicing, a targeted deployment algorithm is proposed to realize the secure deployment of end-to-end network slicing. Simulation results show that the proposed algorithm can satisfy the security deployment of end-to-end network slices, reduce the deployment cost and obtain better deployment security benefits.

Yao Sun,Lei Zhang,Gang Feng,Muhammad Ali Imran

DOI: https://doi.org/10.1002/9781119652434.ch9

2020-01-01

Abstract:Network slicing (NS) has been identified as one of the most promising architectural technologies for future mobile network systems to meet the extremely diversified service requirements of users. In radio access networks (RAN) slicing, service provisioning for slice users becomes much more complicated than that in traditional mobile networks, as the constraints of both user physical association with base station (BS) and logical association with NS should be considered. In other words, the user-BS-NS three layer association relationship should be addressed in provisioning tailored service for diversified use cases with various quality of service (QoS) requirements. Therefore, user association (including handoff scheme) in RAN slicing becomes an essential yet challenging issue for 5G-and-beyond systems. In this chapter, we propose to solve two fundamental problems: user access control and mobile user handoff policy design for RAN slicing to achieve satisfactory QoS of users.

H. Zhang,N. Liu,X. Chu,K. Long,A. Aghvami,V. C. M. Leung

DOI: https://doi.org/10.48550/arXiv.1704.07038

2017-04-24

Abstract:The fifth-generation (5G) networks are expected to be able to satisfy users' different quality-of-service (QoS) requirements. Network slicing is a promising technology for 5G networks to provide services tailored for users' specific QoS demands. Driven by the increased massive wireless data traffic from different application scenarios, efficient resource allocation schemes should be exploited to improve the flexibility of network resource allocation and capacity of 5G networks based on network slicing. Due to the diversity of 5G application scenarios, new mobility management schemes are greatly needed to guarantee seamless handover in network slicing based 5G systems. In this article, we introduce a logical architecture for network slicing based 5G systems, and present a scheme for managing mobility between different access networks, as well as a joint power and subchannel allocation scheme in spectrum-sharing two-tier systems based on network slicing, where both the co-tier interference and cross-tier interference are taken into account. Simulation results demonstrate that the proposed resource allocation scheme can flexibly allocate network resources between different slices in 5G systems. Finally, several open issues and challenges in network slicing based 5G networks are discussed, including network reconstruction, network slicing management and cooperation with other 5G technologies.

Information Theory

Stan Wong,Bin Han,Hans D. Schotten

DOI: https://doi.org/10.3390/network2010011

2022-03-08

Network

Abstract:This article reveals an adequate comprehension of basic defense, security challenges, and attack vectors in deploying multi-network slicing. Network slicing is a revolutionary concept of providing mobile network on-demand and expanding mobile networking business and services to a new era. The new business paradigm and service opportunities are encouraging vertical industries to join and develop their own mobile network capabilities for enhanced performances that are coherent with their applications. However, a number of security concerns are also raised in this new era. In this article, we focus on the deployment of multi-network slicing with multi-tenancy. We identify the security concerns and discuss the defense approaches such as network slice isolation and insulation in a multi-layer network slicing security model. Furthermore, we identify the importance to appropriately select the network slice isolation points and propose a generic framework to optimize the isolation policy regarding the implementation cost while guaranteeing the security and performance requirements.

Ramraj Dangi,Akshay Jadhav,Gaurav Choudhary,Nicola Dragoni,Manas Kumar Mishra,Praveen Lalwani

DOI: https://doi.org/10.3390/fi14040116

2022-04-08

Future Internet

Abstract:Fifth-generation networks efficiently support and fulfill the demands of mobile broadband and communication services. There has been a continuing advancement from 4G to 5G networks, with 5G mainly providing the three services of enhanced mobile broadband (eMBB), massive machine type communication (eMTC), and ultra-reliable low-latency services (URLLC). Since it is difficult to provide all of these services on a physical network, the 5G network is partitioned into multiple virtual networks called “slices”. These slices customize these unique services and enable the network to be reliable and fulfill the needs of its users. This phenomenon is called network slicing. Security is a critical concern in network slicing as adversaries have evolved to become more competent and often employ new attack strategies. This study focused on the security issues that arise during the network slice lifecycle. Machine learning and deep learning algorithm solutions were applied in the planning and design, construction and deployment, monitoring, fault detection, and security phases of the slices. This paper outlines the 5G network slicing concept, its layers and architectural framework, and the prevention of attacks, threats, and issues that represent how network slicing influences the 5G network. This paper also provides a comparison of existing surveys and maps out taxonomies to illustrate various machine learning solutions for different application parameters and network functions, along with significant contributions to the field.

Nick Doty,Mallory Knodel

DOI: https://doi.org/10.48550/arXiv.2308.05829

2023-08-10

Networking and Internet Architecture

Abstract:The principles of net neutrality have been essential for maintaining the diversity of services built on top of the internet and for maintaining some competition between small and large providers of those online services. That diversity and competition, in turn, provide users with a broader array of choices for seeking online content and disseminating their own speech. Furthermore, in order for the internet to be used to its full potential and to protect the human rights of internet users, we need privacy from surveillance and unwarranted data collection by governments, network providers, and edge providers. The transition to 5G mobile networks enables network operators to engage in a technique called network slicing. The portion of a network that is sliced can be used to provide a suite of different service offerings, each tailored to specific purposes, instead of a single, general-purpose subscription for mobile voice and data. This requires a careful approach. Our report describes the technologies used for network slicing and outlines recommendations -- for both operators and regulators -- to enable network slicing while maintaining network neutrality, protecting privacy, and promoting competition.

Shujuan Gao,Ruyan Lin,Yulong Fu,Hui Li,Jin Cao

DOI: https://doi.org/10.3390/electronics13101860

IF: 2.9

2024-05-10

Electronics

Abstract:Network slicing empowers 5G with enhanced network performance and efficiency, cost saving, and better QoS and customer satisfaction, and expands the commercial application scenarios of 5G networks. However, the introduction of new techniques usually raises new security threats. Most of the existing works on 5G security only focus on 5G itself and do not analyze 5G network slicing security in detail. We consider network slices as a virtual logical network that can unite the subnetwork parts of 5G. If a 5G network slice has security problems or has been attacked, the entire 5G network will have security risks. In this paper, after synthesizing the existing literature, we analyze the security threats step by step through the lifecycle of 5G network slices, analyzing and summarizing more than 70 security threats in three major categories. Based on the security issues investigated, from a viewpoint of building a secure 5G network slicing system, we compiled 24 security requirements and proposed the corresponding recommendations for different scenarios of 5G network slicing. Finally, we collated the future research trends of 5G network slicing security.

engineering, electrical & electronic,physics, applied,computer science, information systems

Stavros Eleftherakis,Timothy Otim,Giuseppe Santaromita,Almudena Diaz Zayas,Domenico Giustiniano,Nicolas Kourtellis

DOI: https://doi.org/10.1145/3636534.3690696

2024-09-26

Abstract:Ensuring user privacy remains critical in mobile networks, particularly with the rise of connected devices and denser 5G infrastructure. Privacy concerns have persisted across 2G, 3G, and 4G/LTE networks. Recognizing these concerns, the 3rd Generation Partnership Project (3GPP) has made privacy enhancements in 5G Release 15. However, the extent of operator adoption remains unclear, especially as most networks operate in 5G Non Stand Alone (NSA) mode, relying on 4G Core Networks. This study provides the first qualitative and experimental comparison between 5G NSA and Stand Alone (SA) in real operator networks, focusing on privacy enhancements addressing top eight pre-5G attacks based on recent academic literature. Additionally, it evaluates the privacy levels of OpenAirInterface (OAI), a leading open-source software for 5G, against real network deployments for the same attacks. The analysis reveals two new 5G privacy vulnerabilities, underscoring the need for further research and stricter standards.

Networking and Internet Architecture

Xin SU,Xiang-yu ZHANG,Jie ZENG

DOI: https://doi.org/10.3969/j.issn.1671-1815.2017.29.042

2017-01-01

Abstract:As the vision and concept of the 5G is becoming more and more transparent,network slicing has gradually become a potential solution to various scenarios.But in the case of coexistence of multiple network instances,network management and users' attachment to the network encounter many problems.Based on the development trend of 5 G and its key technology,a management scheme with network slice manager as the core is proposed.Network functionality virtualisation is used to realize the complete automation of the creation and modification of network slices.As for the coexistence of multiple network instances,the network slice selection module can assists the users to attach to network instances.This scheme divides the network into three layers,which are respectively infrastructure layer,network instance layer and services instance layer.Meanwhile it makes the telecommunications network an open platform,which allows each layer in it to be sold,tenanted and managed as a service.This changes the existing business model of the telecommunications field and brings more flexibility for its operation and maintenance.

WANG Yi,LUO Fengya,SUN Guolin

DOI: https://doi.org/10.11959/j.issn.1000-0801.2018093

2018-01-01

Abstract:As a core content in SDN(software defined networking) technical framework,network slice has become a key technology in 5G network evolving processing.In the meanwhile,radio resource management should be focused on virtulized resource and sliced design in the RAN(radio access network),which is being confronted with much more ubiquitous access in 5G evolution.Based on the technical demand and function scenario definition for network slicing in RAN management,the states of the art in radio resource management were discussed,and moreover,the challenges in RAN design were also proposed,which would perform references for the future research.

Paul Wright,Catherine White,Ryan C. Parker,Jean-Sébastien Pegon,Marco Menchetti,Joseph Pearse,Arash Bahrami,Anastasia Moroz,Adrian Wonfor,Richard V. Penty,Timothy P. Spiller,Andrew Lord

DOI: https://doi.org/10.1364/JOCN.413918

2021-01-08

Abstract:We demonstrate how the 5G network slicing model can be extended to address data security requirements. In this work we demonstrate two different slice configurations, with different encryption requirements, representing two diverse use-cases for 5G networking: namely, an enterprise application hosted at a metro network site, and a content delivery network. We create a modified software-defined networking (SDN) orchestrator which calculates and provisions network slices according to the requirements, including encryption backed by quantum key distribution (QKD), or other methods. Slices are automatically provisioned by SDN orchestration of network resources, allowing selection of encrypted links as appropriate, including those which use standard Diffie-Hellman key exchange, QKD and quantum-resistant algorithms (QRAs), as well as no encryption at all. We show that the set-up and tear-down times of the network slices takes of the order of 1-2 minutes, which is an order of magnitude improvement over manually provisioning a link today.

Networking and Internet Architecture,Quantum Physics