Securing 5G virtual networks: a critical analysis of SDN, NFV, and network slicing security

IF 2.4 4区 计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Abdulrahman K. Alnaim
{"title":"Securing 5G virtual networks: a critical analysis of SDN, NFV, and network slicing security","authors":"Abdulrahman K. Alnaim","doi":"10.1007/s10207-024-00900-5","DOIUrl":null,"url":null,"abstract":"<p>5G, the current generation of communication networks is based on the standards defined by 3GPP and other organizations (ETSI, ENISA, NGMN). These standards define virtual networks supported by three basic technologies, SDN, NFV, and Network Slicing. Virtual networks are primarily built using software and have clear advantages that appear to be reduced because of the corresponding loss in security due to the larger attack surface of this type of network. On the other hand, virtual networks can be made even more secure than hardware-based networks by leveraging the flexibility and adaptability of virtual functions and numerous articles have studied different aspects of their security. Current work goes from proposals for specific mechanisms to general studies of threats and defenses. Some of these are systematic literature reviews considering everything published on a specific theme. We prefer to analyze carefully selected papers considered significant and produce from them an overview of the status of the security of the network technologies used by 5G. After this analysis, we have found that although there are many studies of threats, they are not systematic and have confusions about concepts that may mislead implementers; we also found that the large variety of defenses can be confusing to designers. We have therefore conducted a critical analysis of threats and defenses to provide a clear perspective of how to secure these networks. Based on this perspective, we propose directions for research to improve or extend current defenses. We note that although virtual networks have special characteristics, they are examples of systems and much of the theory of systems security applies to them.</p>","PeriodicalId":50316,"journal":{"name":"International Journal of Information Security","volume":"7 1","pages":""},"PeriodicalIF":2.4000,"publicationDate":"2024-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10207-024-00900-5","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

5G, the current generation of communication networks is based on the standards defined by 3GPP and other organizations (ETSI, ENISA, NGMN). These standards define virtual networks supported by three basic technologies, SDN, NFV, and Network Slicing. Virtual networks are primarily built using software and have clear advantages that appear to be reduced because of the corresponding loss in security due to the larger attack surface of this type of network. On the other hand, virtual networks can be made even more secure than hardware-based networks by leveraging the flexibility and adaptability of virtual functions and numerous articles have studied different aspects of their security. Current work goes from proposals for specific mechanisms to general studies of threats and defenses. Some of these are systematic literature reviews considering everything published on a specific theme. We prefer to analyze carefully selected papers considered significant and produce from them an overview of the status of the security of the network technologies used by 5G. After this analysis, we have found that although there are many studies of threats, they are not systematic and have confusions about concepts that may mislead implementers; we also found that the large variety of defenses can be confusing to designers. We have therefore conducted a critical analysis of threats and defenses to provide a clear perspective of how to secure these networks. Based on this perspective, we propose directions for research to improve or extend current defenses. We note that although virtual networks have special characteristics, they are examples of systems and much of the theory of systems security applies to them.

Abstract Image

确保 5G 虚拟网络安全:对 SDN、NFV 和网络切片安全性的批判性分析
5G 是新一代通信网络,以 3GPP 和其他组织(ETSI、ENISA、NGMN)定义的标准为基础。这些标准定义了由三种基本技术(SDN、NFV 和网络切片)支持的虚拟网络。虚拟网络主要使用软件构建,具有明显的优势,但由于这类网络的攻击面较大,相应的安全性也会降低。另一方面,通过利用虚拟功能的灵活性和适应性,虚拟网络甚至可以比基于硬件的网络更加安全。目前的工作包括从具体机制建议到威胁和防御的一般性研究。其中一些是系统性的文献综述,考虑了就特定主题发表的所有文章。我们更倾向于分析精心挑选的重要文献,并从中总结出 5G 所用网络技术的安全现状。经过分析,我们发现虽然有很多关于威胁的研究,但它们并不系统,而且概念混淆,可能会误导实施者;我们还发现,防御措施种类繁多,可能会让设计者感到困惑。因此,我们对威胁和防御进行了批判性分析,为如何确保这些网络的安全提供了一个清晰的视角。基于这一观点,我们提出了改进或扩展现有防御措施的研究方向。我们注意到,虽然虚拟网络有其特殊性,但它们也是系统的例子,系统安全的许多理论也适用于它们。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
International Journal of Information Security
International Journal of Information Security 工程技术-计算机:理论方法
CiteScore
6.30
自引率
3.10%
发文量
52
审稿时长
12 months
期刊介绍: The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation. Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信