Balancing Data Privacy and 5G VNFs Security Monitoring: Federated Learning with CNN + BiLSTM + LSTM Model

The cloudification of telecommunication network functions with 5G is a novelty that offers higher performance than that of previous generations. However, these virtual network functions (VNFs) are exposed to internet threats when hosted in the cloud, resulting in new security challenges. Another fact is that many VNFs vendors with different security policies will be implied in 5G deployment, creating a heterogeneous 5G network. The authorities also require data privacy enhancement in 5G deployment and there is the fact that mobile operators need to inspect data for malicious traffic detection. In this situation, how can network traffic inspections be conducted effectively without infringing on data privacy? This study addresses this gap by proposing a novel state-of-the-art hybrid deep neural network that combines a convolutional neural network (CNN) stacked to bidirectional long short-term memory (BiLSTM) and unidirectional long short-term memory (LSTM) for the deep inspection of network flow for malicious traffic detection. The approach utilizes federated learning (FL) to facilitate multiple VNFs vendors to collaboratively train the proposed model without sharing VNFs’ raw data, which can mitigate the risk of data privacy violation. The proposed framework incorporates transport layer security (TLS) encryption to prevent data tempering or man-in-the-middle attacks between VNFs. The framework was validated through simulation using open-access benchmark datasets (InSDN and CICIDS2017). They achieved 99.99% and 99.58% accuracy and 0.048% and 0.617% false-positive rates for the InSDN and CICIDS2017 datasets, respectively, for FL. This study demonstrates the potential of hybrid deep learning-based FL for heterogeneous 5G network VNFs security monitoring.