Fatima Salahdine,Qiang Liu,Tao Han

DOI: https://doi.org/10.1109/ojcs.2022.3161933

2022-01-01

IEEE Open Journal of the Computer Society

Abstract:Network slicing is one of the emerging technologies allowing resource sharing among different network entities in 5G networks. It enables delivering smart, critical, and multi-services with distinctive requirements transiting from network as an infrastructure to network as a service setup. Although its advantages, it is facing several challenges raised from isolation and resource sharing among services leading to security issues. Security is a critical problem for network slicing as slices serving customized services with different requirements may also have different security levels and policies. Thus, considering the impact of these security issues on network slices is required when defining and designing security protocols. Addressing these challenges is necessary to protect users security and privacy while maintaining the required performance and QoS. Most of the existing works covered only one or more aspects of the network slicing including, architecture, taxonomy, challenges, security issues, attacks classification, possible solutions, and future scope. In this paper, we extensively investigated all these aspects and others, we analyzed how the security can be ensured inside and outside of the network slices with resource isolation, machine learning, and cryptography with an E2E security. We presented a deep review of the security issues threatening the network slicing and how to mitigate them over a multi-domain infrastructure in 5G networks. we evaluated the performance of some of these solutions in preventing malicious attacks through experiments using Open Air Interface.

Virendra Pratap Singh,Mahendra Pratap Singh,Saumya Hegde,Maanak Gupta

DOI: https://doi.org/10.1109/access.2024.3386632

IF: 3.9

2024-04-20

IEEE Access

Abstract:Network slicing has emerged as a cornerstone technology within the 5G ecosystem, enabling efficient resource allocation, service customization, and support for various applications. Its ability to deliver Network-as-a-Service (NaaS) brings a new paradigm of adaptable and efficient network provisioning. However, with the diversification of services and the increasing complexity of network infrastructures, a simultaneous rise in security vulnerabilities becomes evident. These flaws go beyond the limitations of conventional network security and affect various aspects of network slice (NS) implementation and management. The limitations of traditional security, such as static policies, single point of failure, and challenges in effectively securing network slicing deployments, underscore the need to explore security measures tailored to the dynamic nature of 5G networks. To ensure the robust security of 5G networks, it is essential to consider various security concerns such as isolation, authentication, and authorization. Furthermore, dynamic orchestration and inter-slice communication security challenges must be proactively tackled. The security concerns related to 5G networks must be addressed comprehensively to ensure the safe and secure operation of the network. Our survey paper goes into these complex security issues, providing an in-depth and systematic review of the various contexts in which they emerge. We have identified the five most vulnerable areas in Network Slicing: Slice-Lifecycle, Communication type slice uses, Technologies used to provide service, Management threats, and End Devices utilized in service. Apart from threats in these vulnerable areas, we also discussed a few generous attacks that can be launched to disrupt network-slicing services. Furthermore, this study is a valuable resource for evaluating the current state of research efforts in this domain, contributing to the ongoing enhancement of security measures and the overall robustness of network-slicing technology. In doing so, we aim to ensure the secure and sustainable evolution of 5G networks as they become increasingly integral to our digital infrastructure.

computer science, information systems,telecommunications,engineering, electrical & electronic

Wu Qiang,Wu Chun-Ming,Chen Lin

DOI: https://doi.org/10.1049/iet-com.2018.5584

IF: 1.345

2019-01-01

IET Communications

Abstract:With a traditional static model of telecommunications service, it is difficult to deal with the uncertain factors and differentiation of massive mobile Internet services. Cloud computing, software-defined networking (SDN), and network function virtualisation (NFV) drive telecom networks to a new round of network reconstruction. The IaaS platform can partially solve the 'production tool' problem of operators; however, the 'production relationship' problem persists. After infrastructure reconstruction is completed, due to the 5G service vision of networks on demand and sliced networks, a PaaS environment is introduced to implement a new-generation of virtual network functions (VNFs). Based on the analysis of the necessity and feasibility of an Information and Communications Technology PaaS (ICT-PaaS) Platform, following the technical trend of 5G, the ICT-PaaS platform is proposed to construct a future network featuring elasticity, automation, flexibility, and openness. The adoption of lightweight VNF design ideas based on componentisation, containerisation, and microservice can better satisfy the requirements of flexible 'network slicing' than the traditional heavy monolith VNF-based on VMs. The measured results show that the optimisation implementations can significantly improve network forwarding performance. From the evaluation result of the cost benefits of it is possible to highlight potentials of the platform introduction.

Stan Wong,Bin Han,Hans D. Schotten

DOI: https://doi.org/10.3390/network2010011

2022-03-08

Network

Abstract:This article reveals an adequate comprehension of basic defense, security challenges, and attack vectors in deploying multi-network slicing. Network slicing is a revolutionary concept of providing mobile network on-demand and expanding mobile networking business and services to a new era. The new business paradigm and service opportunities are encouraging vertical industries to join and develop their own mobile network capabilities for enhanced performances that are coherent with their applications. However, a number of security concerns are also raised in this new era. In this article, we focus on the deployment of multi-network slicing with multi-tenancy. We identify the security concerns and discuss the defense approaches such as network slice isolation and insulation in a multi-layer network slicing security model. Furthermore, we identify the importance to appropriately select the network slice isolation points and propose a generic framework to optimize the isolation policy regarding the implementation cost while guaranteeing the security and performance requirements.

Danish Sattar,Ashraf Matrawy

DOI: https://doi.org/10.48550/arXiv.1901.01443

2019-04-26

Abstract:In this paper, we propose a solution to proactively mitigate Distributed Denial-of-Service attacks in 5G core network slicing using slice isolation. Network slicing is one of the key technologies that allow 5G networks to offer dedicated resources to different industries (services). However, a Distributed Denial-of-Service attack could severely impact the performance and availability of the slices as they could share the same physical resources in a multi-tenant virtualized networking infrastructure. Slice isolation is an essential requirement for 5G network slicing. In this paper, we use network isolation to tackle the challenging problem of Distributed Denial-of-Service attacks in 5G network slicing. We propose the use of a mathematical model that can provide on-demand slice isolation as well as guarantee end-to-end delay for 5G core network slices. We evaluate the proposed work with a mix of simulation and experimental work. Our results show that the proposed isolation could mitigate Distributed Denial-of-Service attacks as well as increase the availability of the slices. We believe this work will encourage further research in securing 5G network slicing.

Networking and Internet Architecture

Qian Li,Geng Wu,Apostolos Papathanassiou,Udayan Mukherjee

DOI: https://doi.org/10.48550/arXiv.1608.00572

2016-08-01

Abstract:Wireless industry nowadays is facing two major challenges: 1) how to support the vertical industry applications so that to expand the wireless industry market and 2) how to further enhance device capability and user experience. In this paper, we propose a technology framework to address these challenges. The proposed technology framework is based on end-to-end vertical and horizontal slicing, where vertical slicing enables vertical industry and services and horizontal slicing improves system capacity and user experience. The technology development on vertical slicing has already started in late 4G and early 5G and is mostly focused on slicing the core network. We envision this trend to continue with the development of vertical slicing in the radio access network and the air interface. Moving beyond vertical slicing, we propose to horizontally slice the computation and communication resources to form virtual computation platforms for solving the network capacity scaling problem and enhancing device capability and user experience. In this paper, we explain the concept of vertical and horizontal slicing and illustrate the slicing techniques in the air interface, the radio access network, the core network and the computation platform. This paper aims to initiate the discussion on the long-range technology roadmap and spur development on the solutions for E2E network slicing in 5G and beyond.

Networking and Internet Architecture,Information Theory

Ying Wang,Naling Li,Peng Yu,Wenjing Li,Xuesong Qiu,Shangguang Wang,Mohamed Cheriet

DOI: https://doi.org/10.1109/tsc.2022.3180831

IF: 11.019

2023-04-12

IEEE Transactions on Services Computing

Abstract:5G and beyond network will support vertical industry applications, and the resource requirements of each service vary widely. The introduction of network slices provides great flexibility to the network, which can realize the differentiated customization requirements of service. However, while determining how to intelligently orchestrate the network slices is an important challenge, current solutions rarely treat multiple customized requirements of delay, bandwidth, load balancing, and slice isolation. In this article, network slice orchestration is considered from the perspective of slice isolation and cloud-edge collaboration. First, differentiated isolation level requirements are restricted to constraints, the customized isolation is realized. Second, bandwidth is saved and network latency is reduced via the collaboration of cloud and edge data centers. In addition, exclusive orchestration optimization objectives that match various service needs are proposed to distinguish the specific requirements of different slices. Finally, two deep reinforcement learning-based algorithms are proposed. The experimental results demonstrate that the proposed algorithms can optimize the objectives while ensuring differentiated isolation levels. For typical slices, the proposed algorithms respectively reduce bandwidth consumption by about 29% and 64%, reduce slice delay by about 14% and 70%, and optimize load balancing by about 17% and 23%.

computer science, information systems, software engineering

Paul Wright,Catherine White,Ryan C. Parker,Jean-Sébastien Pegon,Marco Menchetti,Joseph Pearse,Arash Bahrami,Anastasia Moroz,Adrian Wonfor,Richard V. Penty,Timothy P. Spiller,Andrew Lord

DOI: https://doi.org/10.1364/JOCN.413918

2021-01-08

Abstract:We demonstrate how the 5G network slicing model can be extended to address data security requirements. In this work we demonstrate two different slice configurations, with different encryption requirements, representing two diverse use-cases for 5G networking: namely, an enterprise application hosted at a metro network site, and a content delivery network. We create a modified software-defined networking (SDN) orchestrator which calculates and provisions network slices according to the requirements, including encryption backed by quantum key distribution (QKD), or other methods. Slices are automatically provisioned by SDN orchestration of network resources, allowing selection of encrypted links as appropriate, including those which use standard Diffie-Hellman key exchange, QKD and quantum-resistant algorithms (QRAs), as well as no encryption at all. We show that the set-up and tear-down times of the network slices takes of the order of 1-2 minutes, which is an order of magnitude improvement over manually provisioning a link today.

Networking and Internet Architecture,Quantum Physics

Nan Ma,Xiaofeng Zhong,Peng Liu,Shidong Zhou

DOI: https://doi.org/10.1109/vtc2020-spring48590.2020.9128924

2020-01-01

Abstract:With the continuous advancement of 5G, the system architecture of the network needs to be highly adaptable to serve new and legal cases while meeting the requirements of users for higher security of communications. This paper proposes a SDN/NFV-based core network slicing for secure mobile communication. This slicing provides a solution to the problem of unencrypted user data with strong connectivity, security and scalability. On the one hand, it is compatible with the existing network architecture and suitable for 5G networks. In addition, it uses symmetric keys corresponding to the user and the network to encrypt user data, which is different from VPN. Moreover, core network slicing based on SDN/NFV is the key to satisfying the complex and diverse scenarios of 5G, with future-oriented scalability and flexibility.

V. Chamola,Vikas Hassija,G. Praveen,D. Niyato

DOI: https://doi.org/10.1109/MNET.011.2000489

IF: 10.294

2021-05-01

IEEE Network

Abstract:5G communications technologies are the backbone of future communications systems in satisfying different heterogeneous requirements of the industry and consumer applications. These systems rely on standardized protocols and heterogeneous architectures to engineer massive scaling of communication devices. Network Slicing (NS) can be incorporated into 5G to cater to the ever increasing needs of smart communications, ranging from Enhanced Mobile Broadband (eMBB) to Ultra-Reliable Low Latency Communications (URLLC). In this article, we present the performance analysis of such a network using real-world deployment and testing scenarios with state based network slice allocation. To account for transparency and security, a Blockchain-based model is integrated within the network operations. In particular, we carefully account for the latency aware operations of Network Slicing along with its UE state based allocation by telecom providers using Blockchain. Furthermore, provisioning the Blockchain in the Network Slice allocations increases the transparency and efficiency of resource handling operations within the network.

Computer Science,Engineering

Xiangman Li,Miao He,Jianbing Ni

2023-05-28

Abstract:Network slicing in 3GPP 5G system architecture has introduced significant improvements in the flexibility and efficiency of mobile communication. However, this new functionality poses challenges in maintaining the privacy of mobile users, especially in multi-hop environments. In this paper, we propose a secure and privacy-preserving network slicing protocol (SPNS) that combines 5G network slicing and onion routing to address these challenges and provide secure and efficient communication. Our approach enables mobile users to select network slices while incorporating measures to prevent curious RAN nodes or external attackers from accessing full slice information. Additionally, we ensure that the 5G core network can authenticate all RANs, while avoiding reliance on a single RAN for service provision. Besides, SPNS implements end-to-end encryption for data transmission within the network slices, providing an extra layer of privacy and security. Finally, we conducted extensive experiments to evaluate the time cost of establishing network slice links under varying conditions. SPNS provides a promising solution for enhancing the privacy and security of communication in 5G networks.

Cryptography and Security

Jinjin Gong,Lu Ge,Xin Su,Jie Zeng

DOI: https://doi.org/10.1007/978-3-319-56538-5_22

2017-01-01

Abstract:Network slicing is one of the key technologies for 5th-Generation (5G). It enables operators to construct network slices with similar qualities as dedicated stand-alone networks, but to realize them on a common physical platform. Meanwhile, the isolation among logical network slices can keep them from the negative impacts of other network slices. In this paper, we give an overview of the radio access network (RAN) slicing, and present some viewpoints on three categories of network slices. Moreover, an approach, which dynamically creates RAN slice to meet specific business and service requirements, is proposed. It does not only optimize performance and maximize resources utilization, but also shorten the creating time of slices.

Ramraj Dangi,Akshay Jadhav,Gaurav Choudhary,Nicola Dragoni,Manas Kumar Mishra,Praveen Lalwani

DOI: https://doi.org/10.3390/fi14040116

2022-04-08

Future Internet

Abstract:Fifth-generation networks efficiently support and fulfill the demands of mobile broadband and communication services. There has been a continuing advancement from 4G to 5G networks, with 5G mainly providing the three services of enhanced mobile broadband (eMBB), massive machine type communication (eMTC), and ultra-reliable low-latency services (URLLC). Since it is difficult to provide all of these services on a physical network, the 5G network is partitioned into multiple virtual networks called “slices”. These slices customize these unique services and enable the network to be reliable and fulfill the needs of its users. This phenomenon is called network slicing. Security is a critical concern in network slicing as adversaries have evolved to become more competent and often employ new attack strategies. This study focused on the security issues that arise during the network slice lifecycle. Machine learning and deep learning algorithm solutions were applied in the planning and design, construction and deployment, monitoring, fault detection, and security phases of the slices. This paper outlines the 5G network slicing concept, its layers and architectural framework, and the prevention of attacks, threats, and issues that represent how network slicing influences the 5G network. This paper also provides a comparison of existing surveys and maps out taxonomies to illustrate various machine learning solutions for different application parameters and network functions, along with significant contributions to the field.

Sujitha Venkatapathy,Thiruvenkadam Srinivasan,Oh-Sung Lee,Raju Jayaraman,Han-Gue Jo,In-Ho Ra

DOI: https://doi.org/10.1038/s41598-024-68892-9

2024-08-11

Abstract:Network slicing is crucial to the 5G architecture because it enables the virtualization of network resources into a logical network. Network slices are created, isolated, and managed using software-defined networking (SDN) and network function virtualization (NFV). The virtual network function (VNF) manager must devise strategies for all stages of network slicing to ensure optimal allocation of physical infrastructure (PI) resources to high-acceptance virtual service requests (VSRs). This paper investigates two independent network slicing frameworks named as dual-slice isolation and management strategy (D-SIMS) and recommends the best of the two based on performance measurements. D-SIMS places VNFs for network slicing using self-sustained resource reservation (SSRR) and master-sliced resource reservation (MSRR), with some flexibility for the VNF manager to choose between them based on the degree to which the underlying physical infrastructure has been sliced. The present research work consists of two phases: the first deals with the creation of slices, and the second with determining the most efficient way to distribute resources among them. A deep neural network (DNN) technique is used in the first stage to generate slices for both PI and VSR. Then, in the second stage, we propose D-SIMS for resource allocation, which uses both the fuzzy-PROMETHEE method for node mapping and Dijkstra's algorithm for link mapping. During the slice creation phase, the proposed DNN training method's classification performance is evaluated using accuracy, precision, recall, and F1 score measures. To assess the success of resource allocation, metrics such as acceptance rate and resource effectiveness are used. The performance benefit is investigated under various network conditions and VSRs. Finally, to demonstrate the importance of the proposed work, we compare the simulation results to those in the academic literature.

Shujuan Gao,Ruyan Lin,Yulong Fu,Hui Li,Jin Cao

DOI: https://doi.org/10.3390/electronics13101860

IF: 2.9

2024-05-10

Electronics

Abstract:Network slicing empowers 5G with enhanced network performance and efficiency, cost saving, and better QoS and customer satisfaction, and expands the commercial application scenarios of 5G networks. However, the introduction of new techniques usually raises new security threats. Most of the existing works on 5G security only focus on 5G itself and do not analyze 5G network slicing security in detail. We consider network slices as a virtual logical network that can unite the subnetwork parts of 5G. If a 5G network slice has security problems or has been attacked, the entire 5G network will have security risks. In this paper, after synthesizing the existing literature, we analyze the security threats step by step through the lifecycle of 5G network slices, analyzing and summarizing more than 70 security threats in three major categories. Based on the security issues investigated, from a viewpoint of building a secure 5G network slicing system, we compiled 24 security requirements and proposed the corresponding recommendations for different scenarios of 5G network slicing. Finally, we collated the future research trends of 5G network slicing security.

engineering, electrical & electronic,physics, applied,computer science, information systems

Shanguo Huang,Bingli Guo,Yuanan Liu

DOI: https://doi.org/10.1109/mcom.001.1900583

IF: 9.03

2020-01-01

IEEE Communications Magazine

Abstract:As a type of virtual network architecture, network slicing is considered as one of the most innovative aspects of 5G networks, where dedicated slices are created for services to meet their diverse requirements in terms of bandwidth and E2E latency. In this article, the transport network slice provisioning requirements imposed by network operation and emerging services are investigated. Then we review the 5G E2E network slice control and orchestration architecture. As a component of this architecture, comparing with overlay virtualization, an optical underlay virtualization provisioning framework (including topology, bandwidth, and control function virtualization) is presented for the first time. Related optical underlay data plane slicing techniques are discussed, especially for two candidates recently proposed in ITU-T: M-OTN and SPN, with FlexO and FlexE as their key enablers. Finally, several significant challenges that need to be addressed to fully realize the vision of optical underlay network slicing and then E2E slicing are investigated.

H. Zhang,N. Liu,X. Chu,K. Long,A. Aghvami,V. C. M. Leung

DOI: https://doi.org/10.48550/arXiv.1704.07038

2017-04-24

Abstract:The fifth-generation (5G) networks are expected to be able to satisfy users' different quality-of-service (QoS) requirements. Network slicing is a promising technology for 5G networks to provide services tailored for users' specific QoS demands. Driven by the increased massive wireless data traffic from different application scenarios, efficient resource allocation schemes should be exploited to improve the flexibility of network resource allocation and capacity of 5G networks based on network slicing. Due to the diversity of 5G application scenarios, new mobility management schemes are greatly needed to guarantee seamless handover in network slicing based 5G systems. In this article, we introduce a logical architecture for network slicing based 5G systems, and present a scheme for managing mobility between different access networks, as well as a joint power and subchannel allocation scheme in spectrum-sharing two-tier systems based on network slicing, where both the co-tier interference and cross-tier interference are taken into account. Simulation results demonstrate that the proposed resource allocation scheme can flexibly allocate network resources between different slices in 5G systems. Finally, several open issues and challenges in network slicing based 5G networks are discussed, including network reconstruction, network slicing management and cooperation with other 5G technologies.

Information Theory

Nashid Shahriar,Sepehr Taeb,Shihabur Rahman Chowdhury,Mubeen Zulfiqar,Massimo Tornatore,Raouf Boutaba,Jeebak Mitra,Mahdi Hemmati

DOI: https://doi.org/10.48550/arXiv.1906.10265

2019-06-25

Abstract:In 5G networks, slicing allows partitioning of network resources to meet stringent end-to-end service requirements across multiple network segments, from access to transport. These requirements are shaping technical evolution in each of these segments. In particular, the transport segment is currently evolving in the direction of the so-called elastic optical networks (EONs), a new generation of optical networks supporting a flexible optical-spectrum grid and novel elastic transponder capabilities. In this paper, we focus on the reliability of 5G transport-network slices in EON. Specifically, we consider the problem of slicing 5G transport networks, i.e., establishing virtual networks on 5G transport, while providing dedicated protection. As dedicated protection requires large amount of backup resources, our proposed solution incorporates two techniques to reduce backup resources: (i) bandwidth squeezing, i.e., providing a reduced protection bandwidth with respect to the original request; and (ii) survivable multi-path provisioning. We leverage the capability of EONs to fine tune spectrum allocation and adapt modulation format and Forward Error Correction (FEC) for allocating rightsize spectrum resources to network slices. Our numerical evaluation over realistic case-study network topologies quantifies the spectrum savings achieved by employing EON over traditional fixed-grid optical networks, and provides new insights on the impact of bandwidth squeezing and multi-path provisioning on spectrum utilization.

Networking and Internet Architecture

Nguyen Phuc Tran,Oscar Delgado,Brigitte Jaumard

2024-06-25

Abstract:The customization of services in Fifth-generation (5G) and Beyond 5G (B5G) networks relies heavily on network slicing, which creates multiple virtual networks on a shared physical infrastructure, tailored to meet specific requirements of distinct applications, using Software Defined Networking (SDN) and Network Function Virtualization (NFV). It is imperative to ensure that network services meet the performance and reliability requirements of various applications and users, thus, service assurance is one of the critical components in network slicing. One of the key functionalities of network slicing is the ability to scale Virtualized Network Functions (VNFs) in response to changing resource demand and to meet Customer Service Level agreements (SLAs). In this paper, we introduce a proactive closed-loop algorithm for end-to-end network orchestration, designed to provide service assurance in 5G and B5G networks. We focus on dynamically scaling resources to meet key performance indicators (KPIs) specific to each network slice and operate in parallel across multiple slices, making it scalable and capable of managing completely automatically real-time service assurance. Through our experiments, we demonstrate that the proposed algorithm effectively fulfills service assurance requirements for different network slice types, thereby minimizing network resource utilization and reducing the over-provisioning of spare resources.

Networking and Internet Architecture,Distributed, Parallel, and Cluster Computing,Performance,Systems and Control

Mikhail Liubogoshchev,Dmitry Zudin,Artem Krasilov,Alexander Krotov,Evgeny Khorov

DOI: https://doi.org/10.3390/s23094351

2023-04-28

Abstract:Network slicing is considered a key feature of 5G and beyond cellular systems. It opens the door for new business models of mobile operators, enables new services, reduces costs with advanced infrastructure-sharing techniques, and improves heterogeneous traffic service. With slicing, the operators can tailor the network resources to the requirements of specific verticals, applications, and corresponding traffic types. To satisfy the heterogeneous quality of service (QoS) requirements of various slices, efficient virtualization and resource allocation algorithms are required. Such algorithms are especially crucial for the radio access network (RAN) because of the spectrum scarcity. This article develops DeSlice, a novel architecture for RAN slicing. DeSlice enables efficient real-time slicing algorithms that satisfy heterogeneous QoS requirements of the slices and improve the quality of experience for their end users. The article illustrates the advantages of DeSlice by considering the problem of the joint service of cloud VR, video, and web traffic. It develops the algorithms using DeSlice architecture and application-to-network communication. With simulations, it shows that, together, the architecture and the algorithms allow greatly improving the QoE for these traffics significantly.