Xiaohu Ge,Zipeng Li,Shikuan Li

DOI: https://doi.org/10.48550/arXiv.1702.03675

2017-02-13

Abstract:With the emerging of the fifth generation (5G) mobile communication systems and software defined networks, not only the performance of vehicular networks could be improved but also new applications of vehicular networks are required by future vehicles, e.g., pilotless vehicles. To meet requirements from intelligent transportation systems, a new vehicular network architecture integrated with 5G mobile communication technologies and software defined network is proposed in this paper. Moreover, fog cells have been proposed to flexibly cover vehicles and avoid frequently handover between vehicles and road side units (RSUs). Based on the proposed 5G software defined vehicular networks, the transmission delay and throughput are analyzed and compared. Simulation results indicate that there exist a minimum transmission delay of 5G software defined vehicular networks considering different vehicle densities. Moreover, the throughput of fog cells in 5G software defined vehicular networks is better than the throughput of traditional transportation management systems.

Networking and Internet Architecture

Lijun Wang,Tao Han,Qiang Li,Jia Yan,Xiong Liu,Dexiang Deng

DOI: https://doi.org/10.1109/MWC.2017.1600401

2018-01-29

Abstract:The development of intelligent transportation systems raises many requirements to the current vehicular networks. For instance, to ensure secure communications between vehicles, low latency, high connectivity and high data rate are required for vehicular networks. To meet such requirements, the 5G communication systems for vehicular networks should be improved accordingly. This article proposes a communication scheme for 5G vehicular networks, in which moving access points are deployed on vehicles to facilitate the access of vehicle users. Moreover, the adjacent vehicle-installed moving access points may cooperatively communicate with the vehicle users by joint transmissions and receptions. In this way, the vehicle users communicate with one or more unspecified cooperative access points in a cell-less manner instead of being associated to a single access point. To manage such cell-less networks, local moving software-defined cloudlets are adopted to perform transmission and scheduling management. Simulation results show that the proposed scheme significantly reduces the latency, while improving the connectivity of the vehicular networks, and can be considered as a research direction for the solution to 5G vehicular networks.

Networking and Internet Architecture

Jiaqi Li,Zhifeng Zhao,Rongpeng Li

DOI: https://doi.org/10.48550/arxiv.1708.04571

2017-01-01

Abstract:As an inevitable trend of future 5G networks, Software Defined architecture has many advantages in providing central- ized control and flexible resource management. But it is also confronted with various security challenges and potential threats with emerging services and technologies. As the focus of network security, Intrusion Detection Systems (IDS) are usually deployed separately without collaboration. They are also unable to detect novel attacks with limited intelligent abilities, which are hard to meet the needs of software defined 5G. In this paper, we propose an intelligent intrusion system taking the advances of software defined technology and artificial intelligence based on Software Defined 5G architecture. It flexibly combines security function mod- ules which are adaptively invoked under centralized management and control with a globle view. It can also deal with unknown intrusions by using machine learning algorithms. Evaluation results prove that the intelligent intrusion detection system achieves a better performance.

Shanghua Zhang,Qiang Li,Jun Wu,Jianhua Li,Gaolei Li

DOI: https://doi.org/10.1109/sege.2016.7589557

2016-01-01

Abstract:As a kind of new technologies in smart grid, vehicleto- grid (V2G) constructs a flexible and extensible inter-operation platform between electric vehicles and grids, in which the bidirectional charging can be performed between vehicles and grid based on the demands. In V2G, there are numerous challenges among which cyber security is a major one that needs to be addressed with priority. The software-defined networking is an advanced architecture for next generation networks, which provide flexible control by separating control plane from data plane. The flexible configuration for the communications and security can enable more scalable, secure, and collaborative system, these make the SDN as a potential communication architecture for V2G. This paper aims to apply the SDN technology on V2G system, which we termed as software-definedV2G (SD-V2G). To the best of our knowledge, this is the first work to deal with the high dynamics of communications and security for V2G by using SDN. Moreover, we propose a novel security communication mechanism (SCM) for dynamic V2G system to ensure confidentiality, integrality, non-repudiation, authentication, etc. To evaluate the scheme, the security analysis, performances, and comparisons are done to demonstrate that the proposed software-defined SCM (SD-SCM) is possible and a promising solution for SD-V2G system. The proposed SD-SCM is significant to enhance the security for V2G.

Gengshen Lin,Mianxiong Dong,Kaoru Ota,Jianhua Li,Wu Yang,Jun Wu

DOI: https://doi.org/10.1109/icc.2019.8761217

2019-01-01

Abstract:Software-defined networking (SDN) allows the smart grid to be centrally controlled and managed by decoupling the control plane from the data plane, but it also expands attack surface for attackers. Existing studies about the security of SDN-enabled smart grid (SDSG) mainly focused on static methods such as access control and identity authentication, which is vulnerable to attackers that carefully probe the system. As the attacks become more variable and complex, there is an urgent need for dynamic defense methods. In this paper, we propose a security function virtualization (SFV) based moving target defense of SDSG which makes the attack surface constantly changing. First, we design a dynamic defense mechanism by migrating virtual security function (VSF) instances as the traffic state changes. The centralized SDN controller is re-designed for global status monitoring and migration management. Moreover, we formalize the VSF instances migration problem as an integer nonlinear programming problem with multiple constraints and design a pre-migration algorithm to prevent VSF instances' resources from being exhausted. Simulation results indicate the feasibility of the proposed scheme.

Vijay Varadharajan,Uday Tupakula,Kallol Karmakar

DOI: https://doi.org/10.48550/arXiv.2006.15270

2020-06-27

Abstract:The 5G network systems are evolving and have complex network infrastructures. There is a great deal of work in this area focused on meeting the stringent service requirements for the 5G networks. Within this context, security requirements play a critical role as 5G networks can support a range of services such as healthcare services, financial and critical infrastructures. 3GPP and ETSI have been developing security frameworks for 5G networks. Our work in 5G security has been focusing on the design of security architecture and mechanisms enabling dynamic establishment of secure and trusted end to end services as well as development of mechanisms to proactively detect and mitigate security attacks in virtualised network infrastructures. The focus of this paper is on the latter, namely the facilities and mechanisms, and the design of a security architecture providing facilities and mechanisms to detect and mitigate specific security attacks. We have developed and implemented a simplified version of the security architecture using Software Defined Networks (SDN) and Network Function Virtualisation (NFV) technologies. The specific security functions developed in this architecture can be directly integrated into the 5G core network facilities enhancing its security. We describe the design and implementation of the security architecture and demonstrate how it can efficiently mitigate specific types of attacks.

Cryptography and Security,Networking and Internet Architecture

Rong Geng,Xiaojie Wang,Jun Liu

DOI: https://doi.org/10.1109/access.2018.2875104

IF: 3.9

2018-01-01

IEEE Access

Abstract:In the intelligent transportation system (ITS), vehicle networks (VNs) can well solve the network related problems. However, as VNs are expected to have a wide range of applications in future services, security challenges are widely recognized. Consequently, security solutions for VNs are urgently needed. In this paper, we propose a new security strategy for VNs. We first construct the network architecture for VNs through the software defined networking. The security schemes are then embedded in the protocol to defend the common security attacks in the network. Moreover, in order to meet the security requirements of different data and computation overhead, several security schemes are studied for anti-replay, anti-eavesdropping, anti-tamper, anti-wormhole, and anti-forger, through the selection of packets to choose different modules. In particular, we focus on the anti-replay security scheme and use sequence number algorithm and MAC complete sequence number method in master and multi-service modules, respectively. The security schemes are simulated and analyzed by NS-2, which shows that the performance of the proposed security schemes is superior in terms of packet delivery ratio, average end-to-end delay, and control overhead.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xumin Huang,Rong Yu,Jiawen Kang,Yejun He,Yan Zhang

DOI: https://doi.org/10.1109/mwc.2017.1600387

IF: 12.777

2017-01-01

IEEE Wireless Communications

Abstract:To meet the ever increasing demand of mobile data traffic, 5G enabling technologies are proposed in vehicular networks. Network densification is one of the key 5G technologies for large user throughput and traffic capacity, but there is a great challenge to serve numerous vehicular neighbors. According to observations from a real dataset of vehicles, we discover vehicular neighbor groups (VNGs) consisting of groups of vehicular neighbors. VNGs are crucial to enrich and enhance various services in 5G networks through efficient management. Therefore, we propose 5G-enabled software defined vehicular networks (5G-SDVNs), where software defined networking is exploited to dynamically manage VNGs in 5G and vehicular environment. Furthermore, we leverage mobile edge computing to strengthen network control of 5G-SDVN. By combining software defined networking with mobile edge computing, a programmable, flexible, and controllable network architecture is introduced for 5G-SDVN. The architecture simplifies network management, improves resource utilization, and achieves sustainable network development. We use the universal plug-andplay standard to enable scalable VNG networking. A case study of vehicular cloud computing highlights the advantages of 5G-SDVN. Finally, we also identify and discuss open issues in 5G-SDVN.

Jiaqi Li,Zhifeng Zhao,Rongpeng Li

DOI: https://doi.org/10.1049/iet-net.2017.0212

2018-01-01

IET Networks

Abstract:As an inevitable trend of future fifth generation (5G) networks, software-defined architecture has many advantages in providing centralised control and flexible resource management. However, it is also confronted with various security challenges and potential threats with emerging services and technologies. As the focus of network security, intrusion detection systems (IDSs) are usually deployed separately without collaboration. They are also unable to detect novel attacks with limited intelligent abilities, which are hard to meet the needs of software-defined 5G. In this study, the authors propose an intelligent IDS taking the advances in software-defined technology and artificial intelligence based on software-defined 5G architecture. It flexibly integrates security function modules which are adaptively invoked under centralised management and control with a global view. It can also deal with unknown intrusions by using machine learning algorithms. Evaluation results prove that the intelligent IDS achieves better performance with lower overhead. It is also verified that the selected machine learning algorithms show better accuracy and reduced false alarm rate in flow-based classification.

Min Chen,Yongfeng Qian,Shiwen Mao,Wan Tang,Ximin Yang

DOI: https://doi.org/10.1007/s11036-015-0665-5

2016-01-09

Mobile Networks and Applications

Abstract:The future 5G wireless is triggered by the higher demand on wireless capacity. With Software Defined Network (SDN), the data layer can be separated from the control layer. The development of relevant studies about Network Function Virtualization (NFV) and cloud computing has the potential of offering a quicker and more reliable network access for growing data traffic. Under such circumstances, Software Defined Mobile Network (SDMN) is presented as a promising solution for meeting the wireless data demands. This paper provides a survey of SDMN and its related security problems. As SDMN integrates cloud computing, SDN, and NFV, and works on improving network functions, performance, flexibility, energy efficiency, and scalability, it is an important component of the next generation telecommunication networks. However, the SDMN concept also raises new security concerns. We explore relevant security threats and their corresponding countermeasures with respect to the data layer, control layer, application layer, and communication protocols. We also adopt the STRIDE method to classify various security threats to better reveal them in the context of SDMN. This survey is concluded with a list of open security challenges in SDMN.

computer science, information systems,telecommunications, hardware & architecture

Morteza Sheibani,Savas Konur,Irfan Awan,Amna Qureshi

DOI: https://doi.org/10.3390/electronics13081515

IF: 2.9

2024-04-18

Electronics

Abstract:Software-defined networking (SDN) and network functions virtualisation (NFV) are crucial technologies for integration in the fifth generation of cellular networks (5G). However, they also pose new security challenges, and a timely research subject is working on intrusion detection systems (IDSs) for 5G networks. Current IDSs suffer from several limitations, resulting in a waste of resources and some security threats. This work proposes a new three-layered solution that includes forwarding and data transport, management and control, and virtualisation layers, emphasising distributed controllers in the management and control layer. The proposed solution uses entropy detection to classify arriving packets as normal or suspicious and then forwards the suspicious packets to a centralised controller for further processing using a self-organising map (SOM). A dynamic OpenFlow switch relocation method is introduced based on deep reinforcement learning to address the unbalanced burden among controllers and the static allocation of OpenFlow switches. The proposed system is analysed using the Markov decision process, and a Double Deep Q-Network (DDQN) is used to train the system. The experimental results demonstrate the effectiveness of the proposed approach in mitigating DDoS attacks, efficiently balancing controller workloads, and reducing the duration of the balancing process in 5G networks.

engineering, electrical & electronic,computer science, information systems,physics, applied

Zhaowen Lin,Dan Tao,Zhenji Wang

DOI: https://doi.org/10.3390/s17040920

2017-04-21

Abstract:For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.

Zhihong Tian,Yanbin Sun,Shen Su,Mohan Li,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.48550/arXiv.1902.04009

2019-02-12

Abstract:The 5th generation (5G) network adopts a great number of revolutionary technologies to fulfill continuously increasing requirements of a variety of applications, including ultra-high bandwidth, ultra-low latency, ultra-massive device access, ultra-reliability, and so on. Correspondingly, traditional security focuses on the core network, and the logical (non-physical) layer is no longer suitable for the 5G network. 5G security presents a tendency to extend from the network center to the network edge and from the logical layer to the physical layer. The physical layer security is also an essential part of 5G security. However, the security of each layer in 5G is mostly studied separately, which causes a lack of comprehensive analysis for security issues across layers. Meanwhile, potential security threats are lack of automated solutions. This article explores the 5G security by combining the physical layer and the logical layer from the perspective of automated attack and defense, and dedicate to provide automated solution framework for 5G security.

Networking and Internet Architecture

Tong Li,Hai Zhao,Shouyou Song,Chao Yang,Chunlai Du,Yang Liu

DOI: https://doi.org/10.3389/fenrg.2022.950611

IF: 3.4

2022-07-22

Frontiers in Energy Research

Abstract:The purpose is to guarantee the security of fifth generation mobile communication technology (5G) network in power Internet of Things environment and improve the ability of wireless network communication to resist attacks. First, in terms of attack prevention, the 5G network security structure is proposed to replace the plaintext information commonly used in the original system with Ciphertext based on software defined network (SDN), thereby alleviating the security risks of the data dimension. Second, concerning attack detection, the signal is identified by using the imperfections and differences of equipment manufacturing based on the above security structure, preventing the attacker from further harming the sensitive data leaked. Researchers found that the SDN-based 5G network attack prevention scheme avoids the centralized exposure of sensitive data, improves security, reduces computational overhead, and simplifies encryption logic. Without affecting the bandwidth, the existing 5G network system is greatly prevented from attacks. The detection mechanism is not limited by the low-dimensional feature space, and it demonstrates strong robustness and stability. It can effectively detect the attacks on 5G network system in power Internet of Things (IoT). This study provides an important reference for the protection of 5G communication network attacks under IoT.

energy & fuels

Wafa Ben Jaballah,Mauro Conti,Chhagan Lal

DOI: https://doi.org/10.48550/arXiv.1904.04577

2019-05-21

Abstract:The evolving of Fifth Generation (5G) networks isbecoming more readily available as a major driver of the growthof new applications and business models. Vehicular Ad hocNetworks (VANETs) and Software Defined Networking (SDN)represent the key enablers of 5G technology with the developmentof next generation intelligent vehicular networks and applica-tions. In recent years, researchers have focused on the integrationof SDN and VANET, and look at different topics related to thearchitecture, the benefits of software-defined VANET servicesand the new functionalities to adapt them. However, securityand robustness of the complete architecture is still questionableand have been largely negleted. Moreover, the deployment andintegration of novel entities and several architectural componentsdrive new security threats and <a class="link-external link-http" href="http://vulnerabilities.In" rel="external noopener nofollow">this http URL</a> this paper, first we survey the state-of-the-art SDN basedVehicular ad-hoc Network (SDVN) architectures for their net-working infrastructure design, functionalities, benefits, and chal-lenges. Then we discuss these SDVN architectures against majorsecurity threats that violate the key security services such asavailability, confidentiality, authentication, and data <a class="link-external link-http" href="http://integrity.We" rel="external noopener nofollow">this http URL</a> also propose different countermeasures to these <a class="link-external link-http" href="http://threats.Finally" rel="external noopener nofollow">this http URL</a>, we discuss the lessons learned with the directions offuture research work towards provisioning stringent security andprivacy solutions in future SDVN architectures. To the best of ourknowledge, this is the first comprehensive work that presents sucha survey and analysis on SDVNs in the era of future generationnetworks (e.g., 5G, and Information centric networking) andapplications (e.g., intelligent transportation system, and IoT-enabled advertising in VANETs).

Networking and Internet Architecture

Yingmo Jie,Mingchu Li,Cheng Guo,Ling Chen

DOI: https://doi.org/10.1109/ACCESS.2018.2869399

IF: 3.9

2018-01-01

IEEE Access

Abstract:To fight against denial of services (DoS) attacks on vehicular ad hoc networks, which can cause congestion over networks and degrading the user's experience, a lot of detective techniques and schemes have been proposed. However, the complex ones cannot keep pace with the growth of vehicle networks. In this paper, we propose a simple but effective defense strategy scheme inspired by the port-hopping mechanism, which advantage is manifested in that the detection and filtering off of malicious packets launched by attackers can be achieved without any change in existing protocol. First, we design a dynamic defense strategy scheme to puzzle a DoS attacker, where the specific defense strategy will change according to a scheme of time. To mitigate the losses caused by an attacker whose goal is to probe the vulnerable services' ports contained in the UDP/TCP headers between vehicle-to-vehicle or vehicle-to-infrastructure, we add some security services' ports that are valueless to attackers. Second, we give the specific construction of such a defense strategy scheme reflected as a matrix and a security analysis with respect to detecting the probed ports. At last, in comparison with the non-strategy defense scheme, simulations considering some parameters are conducted, which can show that our scheme is an effective defense scheme used for protecting VANETs.

Muhammad Adnan,Jawaid Iqbal,Abdul Waheed,Noor Ul Amin,Mahdi Zareei,Asif Umer,Ehab Mahmoud Mohamed

DOI: https://doi.org/10.3390/s21113902

IF: 3.9

2021-06-05

Sensors

Abstract:Recently, by the rapid development of Vehicular Ad Hoc Networks (VANETs) and the advancement of Software Defined Networking (SDN) as an emerging technology, the Software-Defined Vehicular Network (SDVN) has a tremendous attraction in the academia and research community. SDN’s unique properties and features, such as its flexibility, programmability, and centralized control, make the network scalable and straightforward. In VANETs, traffic management and secure communication of vehicle information using the public network are the main research dimensions in the current era for the researchers to be considered while designing an efficient and secure VANETs architecture. This paper highlights the possible identified threat vectors and efficiently resolves the network vulnerabilities to design a novel and secure hierarchic architecture for SDVN. To solve the above problem, we proposed a Public Key Infrastructure-based digital signature model for efficient and secure communication from Vehicle to Vehicle. We also used the public key authority infrastructure for Vehicle to Infrastructure and the three-way handshake method for secure session creation and secure data communication in the SDN controller. The proposed security is validated through the well-known simulation tool AVISPA. Additionally, a formal security model is applied to validate the design hierarchic architecture’s fundamental security properties for SDVN in an efficient and desirable way. In a comparative analysis, we prove that our proposed scheme fulfills all the essential security properties compared to other states of the art schemes.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Lionel Nkenyereye,Lewis Nkenyereye,S M Riazul Islam,Yoon Ho Choi,Muhammad Bilal,Jong Wook Jan

DOI: https://doi.org/10.48550/arXiv.1909.00201

2019-08-31

Networking and Internet Architecture

Abstract:There is a strong devotion in the automotive industry to be part of a wider progression towards the Fifth Generation (5G) era. In-vehicle integration costs between cellular and vehicle-to-vehicle networks using Dedicated Short Range Communication could be avoided by adopting Cellular Vehicle-to-Everything (C-V2X) technology with the possibility to re-use the existing mobile network infrastructure. More and more, with the emergence of Software Defined Networks, the flexibility and the programmability of the network have not only impacted the design of new vehicular network architectures but also the implementation of V2X services in future intelligent transportation systems. In this paper, we define the concepts that help evaluate software-defined-based vehicular network systems in the literature based on their modeling and implementation schemes. We first overview the current studies available in the literature on C-V2X technology in support of V2X applications. We then present the different architectures and their underlying system models for LTE-V2X communications. We later describe the key ideas of software-defined networks and their concepts for V2X services. Lastly, we provide a comparative analysis of existing SDN-based vehicular network system grouped according to their modeling and simulation concepts. We provide a discussion and highlight vehicular ad-hoc networks' challenges handled by SDN-based vehicular networks.

Zongdian Li,Tao Yu,Ryuichi Fukatsu,Gia Khanh Tran,Kei Sakaguchi

DOI: https://doi.org/10.1109/ojvt.2021.3049783

2021-01-01

IEEE Open Journal of Vehicular Technology

Abstract:The technical exploration of safe automated driving has evolved from single vehicle intelligence to vehicular networking. Therefore, to a certain extent, the safety requirements have been translated into the requirements for network performance. Although Vehicle-to-Everything (V2X) communication technologies have developed decades of years, from the Dedicated Short-Range Communication (DSRC) to the Long Term Evolution V2X (LTE-V2X), the introduction of millimeter wave (mmWave) in the 5G era will achieve an unprecedented leap in V2X performance by empowering multi-gigabit data transmission with ultra-low latency. Meanwhile, the emergence of Software Defined Networking (SDN) enables centralized network management and allows flexible scheduling of communication resources to match V2X capacities. Their benefits for vehicular networks have been revealed by plenty of studies respectively. Nevertheless, no researchers investigate their combination to improve the safety of automated driving, especially lack of scalable prototype systems for proof-of-concepts (PoCs), not to mention the field test with real traffic. In this paper, we firstly propose a novel architecture, i.e. software-defined dynamic mmWave V2X network, to support cooperative perception. And then, necessary hardware and software platforms are introduced to compose prototype systems. Step by step, we conduct PoCs from the indoors to the outdoors, which demonstrate the network functions, the prototype scalability and most importantly, the significant enhancement to the vehicle perception for safe automated driving.

English Else