Towards the autonomous provision of self-protection capabilities in 5G networks

  • Alberto Huertas Celdrán
  • Manuel Gil Pérez
  • Félix J. García Clemente
  • Gregorio Martínez Pérez
Original Research


5G mobile networks are pushing new dynamic and flexible scenarios that demand the automation and optimization of network management processes. In this sense, Self-Organizing Networks (SON) arose to evolve from traditional manual management towards fully autonomic and dynamic processes. Due to the large volumes of data generated in 5G networks, functionalities and capabilities of SON require efficient processes and resource optimization techniques. In particular, self-protection is a critical capability of SON focused on protecting the network resources in a flexible and autonomic way. To achieve self-protection, SON perform different processes ranging from the monitoring of network communications to the analysis, detection, and mitigation of cyber-attacks. In this article, we propose an architecture that combines the Software Defined Networking and Network Functions Virtualization technologies to optimize the usage of network resources for monitoring services. A use case based on botnet detection in 5G networks shows how our architecture ensures the provision of monitoring services in managing self-protection scenarios. Additionally, we describe a set of experiments that confirm the best time calculated by our solution to deploy or reconfigure monitoring and detection services. These experiments consider different aspects like the number of zombies shaping the botnet, their mobility, or network traffic.


Network monitoring Software Defined Networking Virtualization Botnets 5G mobile networks 



This work has been supported by a Séneca Foundation grant within the Human Resources Researching Postdoctoral Program 2018, an Irish Research Council Government Postdoctoral Fellowship Award 2018, a postdoctoral INCIBE grant within the “Ayudas para la Excelencia de los Equipos de Investigación Avanzada en Ciberseguridad” Program, with code INCIBEI-2015-27352, as well as European Commission FEDER funds, under grant TIN2015-66972-C5-3-R and the European Commission Horizon 2020 Programme under grant agreement number H2020-ICT-2014-2/671672 - SELFNET (Framework for Self-Organized Network Management in Virtualized and Software Defined Networks).


  1. 5G-PPP Consortium (2018) Key performance indicators. Accessed 20 Mar 2018
  2. Anagnostopoulos M, Kambourakis G, Gritzalis S (2016) New facets of mobile botnet: architecture and evaluation. Int J Inf Secur 15(5):455–473. CrossRefGoogle Scholar
  3. Bhattacherjee D (2016) Stepping stone detection for tracing attack sources in Software-Defined Networks. Master’s thesis, Aalto University, FinlandGoogle Scholar
  4. Chen J, Cheng X, Du R, Hu L, Wang C (2017) BotGuard: lightweight real-time botnet detection in software defined networks. Wuhan Univ J Nat Sci 22(2):103–113. MathSciNetCrossRefGoogle Scholar
  5. Chowdhury SR, Bari MF, Ahmed R, Boutaba R (2014) PayLess: a low cost network monitoring framework for software defined networks. In: 2014 IEEE network operations and management symposium, pp 1–9.
  6. Demarest J (2014) Taking down botnets: public and private efforts to disrupt and dismantle cybercriminal networks (Statement Before the Senate Judiciary Committee, Subcommittee on Crime and Terrorism). Accessed 20 Mar 2018
  7. Duan Q, Ansari N, Toy M (2016) Software-defined network virtualization: an architectural framework for integrating SDN and NFV for service provisioning in future networks. IEEE Netw 30(5):10–16. CrossRefGoogle Scholar
  8. ETSI NFV ISG (2017) Network functions virtualisation (NFV); network operator perspectives on NFV priorities for 5G. Accessed 20 Mar 2018
  9. Gil Pérez M, Huertas Celdrán A, Ippoliti F, Giardina PG, Bernini G, Marco Alaez R, Chirivella-Perez E, García Clemente FJ, Martínez Pérez G, Kraja E, Carrozzo G, Alcaraz Calero J, Wang Q (2017) Dynamic reconfiguration in 5G mobile networks to proactively detect and mitigate botnets. IEEE Internet Comput 21(5):28–36. CrossRefGoogle Scholar
  10. Gupta B, Agrawal DP, Yamaguchi S (2016) Handbook of research on modern cryptographic solutions for computer and cyber security, 1st edn. IGI GlobalGoogle Scholar
  11. Hsiao YM, Chen MJ, Chu YS, Huang CH (2012) High-throughput intrusion detection system with parallel pattern matching. IEICE Electron Express 9(18):1467–1472. CrossRefGoogle Scholar
  12. Huang Z, Liu S, Mao X, Chen K, Li J (2017) Insight of the protection for data security under selective opening attacks. Inf Sci 412–413:223–241. CrossRefGoogle Scholar
  13. Huertas Celdrán A, Gil Pérez M, García Clemente FJ, Martínez Pérez G (2017) Automatic monitoring management for 5G mobile networks. In: 12th International conference on future networks and communications, pp 328–335.
  14. Isolani PH, Wickboldt JA, Both CB, Rochol J, Granville LZ (2015) Interactive monitoring, visualization, and configuration of OpenFlow-based SDN. In: 2015 IFIP/IEEE international symposium on integrated network management, pp 207–215.
  15. Jararweh Y, Al-Ayyoub M, Darabseh A, Benkhelifa E, Vouk M, Rindos A (2015) SDIoT: a software defined based internet of things framework. J Ambient Intell Hum Comput 6(4):453–461. CrossRefGoogle Scholar
  16. Jorguseski L, Pais A, Gunnarsson F, Centonza A, Willcock C (2014) Self-organizing networks in 3GPP: standardization and future trends. IEEE Commun Mag 52(12):28–34. CrossRefGoogle Scholar
  17. Li J, Zhang Y, Chen X, Xiang Y (2018) Secure attribute-based data sharing for resource-limited users in cloud computing. Comput Secur 72:1–12. CrossRefGoogle Scholar
  18. Machado CC, Granville LZ, Schaeffer-Filho A (2016) ANSwer: combining NFV and SDN features for network resilience strategies. In: 2016 IEEE symposium on computers and communication, pp 391–396.
  19. Mahmoud M, Nir M, Matrawy A (2015) A survey on botnet architectures, detection and defences. Int J Netw Secur 17(3):272–289. Google Scholar
  20. Mamoori SA, Rami D, Jaekel A (2018) Energy-efficient anycast scheduling and resource allocation in optical grids. J Ambient Intell Hum Comput 9(1):73–83. CrossRefGoogle Scholar
  21. Mantas G, Komninos N, Rodriguez J, Logota E, Marques H (2015) Fundamentals of 5G mobile networks, chap Security for 5G communications. Wiley, Hoboken, pp 207–220.
  22. Mijumbi R, Serrat J, Gorricho JL, Bouten N, De Turck F, Boutaba R (2015) Network function virtualization: state-of-the-art and research challenges. IEEE Commun Surv Tutor 18(1):236–262. CrossRefGoogle Scholar
  23. Mostafazadeh Davani A, Nazari Shirehjini AA, Daraei S (2018) Towards interacting with smarter systems. J Ambient Intell Hum Comput 9(1):187–209. CrossRefGoogle Scholar
  24. Muñoz R, Vilalta R, Casellas R, Martinez R, Szyrkowiec T, Autenrieth A, López V, López D (2015) Integrated SDN/NFV management and orchestration architecture for dynamic deployment of virtual SDN control instances for virtual tenant networks. J Opt Commun Netw 7(11):B62–B70. CrossRefGoogle Scholar
  25. Namal S, Ahmad I, Gurtov A, Ylianttila M (2013) SDN based inter-technology load balancing leveraged by flow admission control. In: 2013 IEEE SDN for future networks and services, pp 1–5.
  26. Open Information Security Foundation (2018) Suricata: open source IDS/IPS/NSM engine. Accessed 20 Mar 2018
  27. Raza Shah SA, Issac B (2018) Performance comparison of intrusion detection systems and application of machine learning to Snort system. Fut Gener Comput Syst 80:157–170. CrossRefGoogle Scholar
  28. Saucedo-Martínez JA, Pérez-Lara M, Marmolejo-Saucedo JA, Salais-Fierro TE, Vasant P (2017) Industry 4.0 framework for management and operations: a review. J Ambient Intell Hum Comput. Google Scholar
  29. Singh S, Jha RK (2017) A survey on software defined networking:architecture for next generation network. J Netw Syst Manag 25(2):321–374. CrossRefGoogle Scholar
  30. Sourcefire, Inc (2018) Snort: an open source network intrusion detection and prevention system. Accessed 20 Mar 2018
  31. Van Adrichem NLM, Doerr C, Kuipers FA (2014) OpenNetMon: network monitoring in OpenFlow software-defined networks. In: 2014 IEEE network operations and management symposium, pp 1–8.
  32. Wibowo FXA, Gregory MA, Ahmed K, Gomez KM (2017) Multi-domain software defined networking: research status and challenges. J Netw Comput Appl 87:32–45. CrossRefGoogle Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  • Alberto Huertas Celdrán
    • 1
    • 3
  • Manuel Gil Pérez
    • 1
  • Félix J. García Clemente
    • 2
  • Gregorio Martínez Pérez
    • 1
  1. 1.Departamento de Ingeniería de la Información y las ComunicacionesUniversity of MurciaMurciaSpain
  2. 2.Departamento de Ingeniería y Tecnología de ComputadoresUniversity of MurciaMurciaSpain
  3. 3.Telecommunications Software & Systems GroupWaterford Institute of TechnologyWaterfordIreland

Personalised recommendations