[en] As part of the 5G, Connected and Automated Vehicles (CAVs) will benefit from Network Slicing (NS) in several tailored 5G-Vehicle-to-Everything (V2X) services running on the same physical infrastructure. However, the use of 5G-NS may also increase the risk of cyber-attacks that could compromise 5G-V2X network slices (5G-V2X-NSs) and cause significant harm to CAV's passengers. This risk is particularly high at cross-borders, where CAVs move from their Home Mobile Network Operator (H-MNO) to a Visited MNO (V-MNO), with similar 5G-V2X-NSs in place. Therefore, deploying security services to neutralize 5G-V2X NS threats in this scenario is mandatory. However, if H-MNO and V-MNO act independently, deploying these security services could be inefficient and may result in increased memory, processing, and network resource consumption. Thus, MNOs should collaborate to orchestrate their security services to neutralize 5G-V2X NS attacks and optimize their costs efficiently. In this context, this paper proposes a novel approach to enhance the security of 5G-V2X NS at cross-borders using Reinforcement Learning (RL) based security orchestration. Specifically, we trained and deployed an RL agent interacting with both H-MNO and V-MNO. The RL agent efficiently deploys security services to effectively remove threats, optimize resource utilization, and minimize the impact on 5G-V2X-NSs. The performance results show that the RL-based security orchestration neutralizes threats with an average success rate of almost 100%. Additionally, resource consumption is minimal at less than 8%, and the acceptable impact on 5G-V2X-NSs is negligible, averaging less than 12%.
Disciplines :
Sciences informatiques
Auteur, co-auteur :
BOUALOUACHE, Abdelwahab ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Amara Korba, Abdelaziz; University of La Rochelle, France
Senouci, Sidi-Mohammed; University of Borgogne, France
Ghamri-Doudane, Yacine; University of La Rochelle, France
ENGEL, Thomas ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Co-auteurs externes :
yes
Langue du document :
Anglais
Titre :
Reinforcement Learning-based Security Orchestration for 5G-V2X Network Slicing at Cross-borders
Date de publication/diffusion :
décembre 2023
Nom de la manifestation :
IEEE Global Communications Conference
Organisateur de la manifestation :
IEEE
Lieu de la manifestation :
Kuala Lumpur, Malaisie
Date de la manifestation :
4–8 December 2023
Manifestation à portée :
International
Titre de l'ouvrage principal :
Reinforcement Learning-based Security Orchestration for 5G-V2X Network Slicing at Cross-borders
Maison d'édition :
IEEE
Peer reviewed :
Peer reviewed
Projet FnR :
FNR14891397 - Intelligent Orchestrated Security And Privacy-aware Slicing For 5g And Beyond Vehicular Networks, 2020 (01/04/2021-31/03/2024) - Thomas Engel
I. Afolabi, T. Taleb, K. Samdanis, A. Ksentini, and H. Flinck, "Network Slicing and Softwarization: A Survey on Principles, Enabling Technologies & Solutions, " IEEE Communications Surveys & Tutorials, vol. 20, no. 3, pp. 2429-2453, 2018.
C. Campolo, A. Molinaro, A. Iera, and F. Menichella, "5G network Slicing for Vehicle-to-Everything Services, " IEEE Wireless Communications, vol. 24, no. 6, pp. 38-45, 2017.
GSMA Association, "An Introduction to Network Slicing, " 2017. [Online]. Available: Https: //www. gsma. com/futurenetworks/wpcontent/ uploads/2017/11/GSMA-An-Introduction-to-Network-Slicing. pdf
A. Boualouache, B. Brik, Q. Tang, A. A. Korba, S. Cherrier, S.-M. Senouci, E. Pardo, Y. Ghamri-Doudane, R. Langar, and T. Engel, "5G Vehicle-to-Everything at the Cross-Borders: Security Challenges and Opportunities, " IEEE Internet of Things Magazine, vol. 6, no. 1, pp. 114-119, 2023.
S. Park, S. Kwon, Y. Park, D. Kim, and I. You, "Session management for security systems in 5g standalone network, " IEEE Access, vol. 10, pp. 73 421-73 436, 2022.
G. Amponis, P. Radoglou-Grammatikis, T. Lagkas, W. Mallouli, A. Cavalli, D. Klonidis, E. Markakis, and P. Sarigiannidis, "Threatening the 5G core via PFCP DoS attacks: The case of blocking UAV communications, " EURASIP Journal on Wireless Communications and Networking, vol. 2022, no. 1, pp. 1-27, 2022.
S. Kuklínski, K. Szczypiorski, K. Wrona, and J. Bieniasz, "5G-Enabled Defence-in-Depth for Multi-domain Operations, " in MILCOM 2022-2022 IEEE Military Communications Conference (MILCOM). IEEE, 2022, pp. 1024-1029.
T. Wichary, J. Mongay Batalla, C. X. Mavromoustakis, J. ? Zurek, and G. Mastorakis, "Network Slicing Security Controls and Assurance for Verticals, " Electronics, vol. 11, no. 2, p. 222, 2022.
A. Boualouache and T. Engel, "A Survey on Machine Learning-based Misbehavior Detection Systems for 5G and Beyond Vehicular Networks, " IEEE Communications Surveys & Tutorials, 2023.
R. Doriguzzi-Corin, S. Scott-Hayward, D. Siracusa, and E. Salvadori, "Application-centric provisioning of virtual security network functions, " in 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). IEEE, 2017, pp. 276-279.
H. Wu, Y. Zhang, H. Yang, G. Yu, and J. Cao, "Virtualized Security Function Placement for Security Service Chaining in Cloud, " in 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS). IEEE, 2018, pp. 628-637.
M. M. Iordache-Sica, C. Anagnostopoulos, and D. P. Pezaros, "Towards QoS-aware Provisioning of Chained Virtual Security Services in Edge Networks, " in 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM). IEEE, 2021, pp. 178-186.
R. Doriguzzi-Corin, S. Scott-Hayward, D. Siracusa, M. Savi, and E. Salvadori, "Dynamic and Application-Aware Provisioning of Chained Virtual Security Network Functions, " IEEE Transactions on Network and Service Management, vol. 17, no. 1, pp. 294-307, 2019.
G. Li, H. Zhou, B. Feng, G. Li, and S. Yu, "Automatic Selection of Security Service Function Chaining Using Reinforcement Learning, " in 2018 IEEE Globecom Workshops (GC Wkshps). IEEE, 2018, pp. 1-6.
M. Zolotukhin, P. Kotilainen, and T. Hämäläinen, "Intelligent IDS Chaining for Network Attack Mitigation in SDN, " in 2021 17th International Conference on Mobility, Sensing and Networking (MSN). IEEE, 2021, pp. 786-791.
N. Toumi, M. Bagaa, and A. Ksentini, "Hierarchical multi-agent deep reinforcement learning for SFC placement on multiple domains, " in 2021 IEEE 46th Conference on Local Computer Networks (LCN). IEEE, 2021, pp. 299-304.
R. Sedar, C. Kalalas, F. Vázquez-Gallego, and J. Alonso-Zarate, "Reinforcement Learning-based Misbehaviour Detection in V2X Scenarios, " in 2021 IEEE International Mediterranean Conference on Communications and Networking (MeditCom). IEEE, 2021, pp. 109-111.
-, "Reinforcement Learning Based Misbehavior Detection in Vehicular Networks, " in ICC 2022-IEEE International Conference on Communications. IEEE, 2022, pp. 3550-3555.
3GPP TS 33. 501, "Security architecture and procedures for 5G system (Release 17), " Sep 2022.
R. S. Sutton and A. G. Barto, Reinforcement learning: An introduction. MIT press, 2018.
