A Robust Security Architecture for SDN-Based 5G Networks

IF 2.8 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Future Internet Pub Date : 2019-03-28 DOI:10.3390/FI11040085

Jiaying Yao, Zhigeng Han, Muhammad Sohail, Liangmin Wang

{"title":"A Robust Security Architecture for SDN-Based 5G Networks","authors":"Jiaying Yao, Zhigeng Han, Muhammad Sohail, Liangmin Wang","doi":"10.3390/FI11040085","DOIUrl":null,"url":null,"abstract":"5G is the latest generation of cellular mobile communications. Due to its significant advantage in high data rate, reduced latency and massive device connectivity, the 5G network plays a vital role in today’s commercial telecommunications networks. However, the 5G network also faces some challenges when used in practice. This is because it consists of various diverse ingredients, termed heterogeneity. The heterogeneity of the 5G network has two consequences: first, it prevents us to use this technology in a uniform way, preventing the wide use of 5G technology; second, it complicates the structure of the 5G network, making it hard to monitor what is going on in a 5G network. To break through this limitation, researchers have worked in this field and design their own protocol, in which software-defined networking (SDN) is one key design concept. By separating control and data plane, SDN can make the 5G network functional and programmable, such that we can handle the heterogeneity in traditional 5G networks. In light of this, we say that SDN-5G network is attractive, but its advantages are not free. The intelligence centralization used in SDN has its own drawbacks when it comes to security. To break through this limitation, we propose a robust security architecture for SDN-based 5G Networks. To find the illegal request from malicious attackers, we add extra cryptographic authentication, termed synchronize secret. The basic idea of our scheme is leveraging preload secrets to differ attacks from regular network communications. The simulation results indicate that our work can completely handle the security problem from SDN with a low disconnect rate of 0.01%, which is much better than that from state of the art.","PeriodicalId":37982,"journal":{"name":"Future Internet","volume":"11 1","pages":"85"},"PeriodicalIF":2.8000,"publicationDate":"2019-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.3390/FI11040085","citationCount":"31","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Internet","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/FI11040085","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 31

Abstract

5G is the latest generation of cellular mobile communications. Due to its significant advantage in high data rate, reduced latency and massive device connectivity, the 5G network plays a vital role in today’s commercial telecommunications networks. However, the 5G network also faces some challenges when used in practice. This is because it consists of various diverse ingredients, termed heterogeneity. The heterogeneity of the 5G network has two consequences: first, it prevents us to use this technology in a uniform way, preventing the wide use of 5G technology; second, it complicates the structure of the 5G network, making it hard to monitor what is going on in a 5G network. To break through this limitation, researchers have worked in this field and design their own protocol, in which software-defined networking (SDN) is one key design concept. By separating control and data plane, SDN can make the 5G network functional and programmable, such that we can handle the heterogeneity in traditional 5G networks. In light of this, we say that SDN-5G network is attractive, but its advantages are not free. The intelligence centralization used in SDN has its own drawbacks when it comes to security. To break through this limitation, we propose a robust security architecture for SDN-based 5G Networks. To find the illegal request from malicious attackers, we add extra cryptographic authentication, termed synchronize secret. The basic idea of our scheme is leveraging preload secrets to differ attacks from regular network communications. The simulation results indicate that our work can completely handle the security problem from SDN with a low disconnect rate of 0.01%, which is much better than that from state of the art.

查看原文本刊更多论文

基于sdn的5G网络健壮的安全架构

5G是最新一代的蜂窝移动通信技术。由于其在高数据速率、低延迟和大量设备连接方面的显著优势，5G网络在当今的商业电信网络中发挥着至关重要的作用。然而，5G网络在实际应用中也面临着一些挑战。这是因为它由各种不同的成分组成，称为异质性。5G网络的异构性有两个后果:第一，它使我们无法统一地使用这项技术，阻碍了5G技术的广泛使用;其次，它使5G网络的结构复杂化，使得很难监控5G网络中正在发生的事情。为了突破这一限制，研究人员在这一领域进行了研究，并设计了自己的协议，其中软件定义网络(SDN)是一个关键的设计概念。通过分离控制平面和数据平面，SDN可以使5G网络具有功能性和可编程性，从而可以解决传统5G网络的异构性。因此，我们说SDN-5G网络很有吸引力，但它的优势不是免费的。当涉及到安全性时，SDN中使用的智能集中化有其自身的缺点。为了突破这一限制，我们提出了基于sdn的5G网络健壮的安全架构。为了发现来自恶意攻击者的非法请求，我们增加了额外的加密身份验证，称为同步秘密。我们方案的基本思想是利用预加载秘密来区别于常规网络通信的攻击。仿真结果表明，我们的工作完全可以解决来自SDN的安全问题，断开率低至0.01%，远远优于目前的技术水平。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Future Internet Computer Science-Computer Networks and Communications

CiteScore

7.10

自引率

5.90%

发文量

303

审稿时长

11 weeks

期刊介绍： Future Internet is a scholarly open access journal which provides an advanced forum for science and research concerned with evolution of Internet technologies and related smart systems for “Net-Living” development. The general reference subject is therefore the evolution towards the future internet ecosystem, which is feeding a continuous, intensive, artificial transformation of the lived environment, for a widespread and significant improvement of well-being in all spheres of human life (private, public, professional). Included topics are: • advanced communications network infrastructures • evolution of internet basic services • internet of things • netted peripheral sensors • industrial internet • centralized and distributed data centers • embedded computing • cloud computing • software defined network functions and network virtualization • cloud-let and fog-computing • big data, open data and analytical tools • cyber-physical systems • network and distributed operating systems • web services • semantic structures and related software tools • artificial and augmented intelligence • augmented reality • system interoperability and flexible service composition • smart mission-critical system architectures • smart terminals and applications • pro-sumer tools for application design and development • cyber security compliance • privacy compliance • reliability compliance • dependability compliance • accountability compliance • trust compliance • technical quality of basic services.