Security Challenges of Small Cell as a Service in Virtualized Mobile Edge Computing Environments

  • Vassilios VassilakisEmail author
  • Emmanouil Panaousis
  • Haralambos Mouratidis
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9895)


Research on next-generation 5G wireless networks is currently attracting a lot of attention in both academia and industry. While 5G development and standardization activities are still at their early stage, it is widely acknowledged that 5G systems are going to extensively rely on dense small cell deployments, which would exploit infrastructure and network functions virtualization (NFV), and push the network intelligence towards network edges by embracing the concept of mobile edge computing (MEC). As security will be a fundamental enabling factor of small cell as a service (SCaaS) in 5G networks, we present the most prominent threats and vulnerabilities against a broad range of targets. As far as the related work is concerned, to the best of our knowledge, this paper is the first to investigate security challenges at the intersection of SCaaS, NFV, and MEC. It is also the first paper that proposes a set of criteria to facilitate a clear and effective taxonomy of security challenges of main elements of 5G networks. Our analysis can serve as a staring point towards the development of appropriate 5G security solutions. These will have crucial effect on legal and regulatory frameworks as well as on decisions of businesses, governments, and end-users.


Security Small cell as a service Network functions virtualization Mobile edge computing 5G 



The present work has been performed in the scope of the SESAME (“Small cEllS coordinAtion for Multi-tenancy and Edge services”) European Research Project and has been supported by the Commission of the European Communities (5G-PPP/H2020, Grant Agreement No. 671596).


  1. 1.
    Boccardi, F., Heath, R.W., Lozano, A., Marzetta, T.L., Popovski, P.: Five disruptive technology directions for 5G. IEEE Commun. Mag. 52(2), 74–80 (2014)CrossRefGoogle Scholar
  2. 2.
    Andreev, S., et al.: Understanding the IoT connectivity landscape: a contemporary M2M radio technology roadmap. IEEE Commun. Mag. 53(9), 32–40 (2015)CrossRefGoogle Scholar
  3. 3.
    Vardakas, J.S., Zorba, N., Skianis, C., Verikoukis, C.V.: Performance analysis of M2M communication networks for QoS-differentiated smart grid applications. In: IEEE Globecom Workshops (GC Wkshps), pp. 1–6 (2015)Google Scholar
  4. 4.
    Patel, S., Malhar, C., Kapadiya, K.: 5G: Future mobile technology - vision 2020. Int. J. Comput. Appl. 54(17), 6–10 (2012)Google Scholar
  5. 5.
    Andrews, J.G.: Seven ways that HetNets are a cellular paradigm shift. IEEE Commun. Mag. 51(3), 136–144 (2013)CrossRefGoogle Scholar
  6. 6.
    Osseiran, A., et al.: Scenarios for 5G mobile and wireless communications: the vision of the METIS project. IEEE Commun. Mag. 52(5), 26–35 (2014)CrossRefGoogle Scholar
  7. 7.
    Trakas, P., Adelantado, F., Verikoukis, C.: A novel learning mechanism for traffic offloading with small cell as a service. In: IEEE International Conference on Communications (ICC), London, U.K. (2015)Google Scholar
  8. 8.
    Giannoulakis, I., et al.: System architecture and aspects of SESAME: Small cEllS coordinAtion for Multi-tenancy and Edge services. In: 2nd IEEE Conference on Network Softwarization (NetSoft), Workshop on Software Defined 5G Networks (Soft5G), Seoul, Korea (2016)Google Scholar
  9. 9.
    Soldani, D., Manzalini, A.: A 5G infrastructure for anything-as-a-service. J. Telecommun. Syst. Manag. 3(2), 1–10 (2014)Google Scholar
  10. 10.
    Vaquero, L.M., Rodero-Merino, L.: Finding your way in the fog: towards a comprehensive definition of fog computing. ACM SIGCOMM Comput. Commun. Rev. 44(5), 27–32 (2014)CrossRefGoogle Scholar
  11. 11.
    Roman, R., Lopez, J., Mambo, M.: Mobile edge computing, fog et al.: A survey and analysis of security threats and challenges. arXiv preprint arxiv:1602.00484 (2016)
  12. 12.
    Han, B., Gopalakrishnan, V., Ji, L., Lee, S.: Network function virtualization: challenges and opportunities for innovations. IEEE Commun. Mag. 53(2), 90–97 (2015)CrossRefGoogle Scholar
  13. 13.
    Yu, R., Xue, G., Kilari, V., Zhang, X.: Network function virtualization in the multi-tenant cloud. IEEE Netw. 29(3), 42–47 (2015)CrossRefGoogle Scholar
  14. 14.
    Ameigeiras, P., et al.: Link-level access cloud architecture design based on SDN for 5G networks. IEEE Netw. 29(2), 24–31 (2015)CrossRefGoogle Scholar
  15. 15.
    Sun, S., Kadoch, M., Gong, L., Rong, B.: Integrating network function virtualization with SDR and SDN for 4G/5G networks. IEEE Netw. 29(3), 54–59 (2015)CrossRefGoogle Scholar
  16. 16.
    EC H2020 Small sElls coordinAtion for Multi-tenancy and Edge services (SESAME) Project, July 2016.
  17. 17.
    EC H2020 5G-ENSURE, July 2016.
  18. 18.
    Mantas, G., et al.: Security for 5G Communications. Fundamentals of 5G Mobile Netw. John Wiley & Sons Ltd. (2015)Google Scholar
  19. 19.
    Fang, Q., Weijie, Z., Guojun, W., Hui, F.: Unified security architecture research for 5G wireless system. In: 11th Web Information System and Application Conference, Tianjin, China (2014)Google Scholar
  20. 20.
    Yang, N., et al.: Safeguarding 5G wireless communication networks using physical layer security. IEEE Commun. Mag. 53(4), 20–27 (2015)CrossRefGoogle Scholar
  21. 21.
    Duan, X., Wang, X.: Authentication handover and privacy protection in 5G HetNets using software-defined networking. IEEE Commun. Mag. 53(4), 28–35 (2015)CrossRefGoogle Scholar
  22. 22.
    Vassilakis, V.G., Moscholios, I.D., Alzahrani, B.A., Logothetis, M.D.: A software-defined architecture for next-generation cellular networks. In: IEEE International Conference on Communications (ICC), Kuala Lumpur, Malaysia (2016)Google Scholar
  23. 23.
    Pentikousis, K., Wang, Y., Hu, W.: Mobileflow: toward software-defined mobile networks. IEEE Commun. Mag. 51(7), 44–53 (2013)CrossRefGoogle Scholar
  24. 24.
    Fajardo, J.O., et al.: Introducing mobile edge computing capabilities through distributed 5G cloud enabled small cells. Mobile Netw. Appl., 1–11 (2016). Springer, USGoogle Scholar
  25. 25.
    Skorobogatov, S.: Physical attacks and tamper resistance. In: Tehranipoor, M., Wang, C. (eds.) Introduction to Hardware Security and Trust, pp. 143–173. Springer, New York (2012)Google Scholar
  26. 26.
    Cloud Security Alliance, Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, December 2009Google Scholar
  27. 27.
    Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)CrossRefGoogle Scholar
  28. 28.
    Ryan, M.D.: Cloud computing security: the scientific challenge, and a survey of solutions. J. Syst. Softw. 86(9), 2263–2268 (2013)CrossRefGoogle Scholar
  29. 29.
    Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)CrossRefGoogle Scholar
  30. 30.
    Mouratidis, H., Islam, S., Kalloniatis, C., Gritzalis, S.: A framework to support selection of cloud providers based on security and privacy requirements. J. Syst. Softw. 86(9), 2276–2293 (2013)CrossRefGoogle Scholar
  31. 31.
    Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)MathSciNetCrossRefzbMATHGoogle Scholar
  32. 32.
    Papp, D., Ma, Z., Buttyan, L.: Embedded systems security: threats, vulnerabilities, and attack taxonomy. In: 13th Annual Conference on Privacy, Security and Trust, Izmir, Turkey (2015)Google Scholar
  33. 33.
    Mihaljevic, M.J., Gangopadhyay, S., Paul, G., Imai, H.: Generic cryptographic weakness of k-normal Boolean functions in certain stream ciphers and cryptanalysis of grain-128. Periodica Math. Hungarica 65(2), 205–227 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  34. 34.
    Gobbo, N., Merlo, A., Migliardi, M.: A denial of service attack to GSM networks via attach procedure. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds.) CD-ARES Workshops 2013. LNCS, vol. 8128, pp. 361–376. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  35. 35.
    Merlo, A., Migliardi, M., Gobbo, N., Palmieri, F., Castiglione, A.: A denial of service attack to UMTS networks using SIM-less devices. IEEE Trans. Depend. Secure Comput. 11(3), 280–291 (2014)CrossRefGoogle Scholar
  36. 36.
    Fragkiadakis, A., Askoxylakis, I., Chatziadam, P.: Denial-of-service attacks in wireless networks using off-the-shelf hardware. In: Streitz, N., Markopoulos, P. (eds.) DAPI 2014. LNCS, vol. 8530, pp. 427–438. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  37. 37.
    Armando, A., Costa, G., Merlo, A.: Bring your own device, securely. In: 28th ACM Symposium on Applied Computing, Coimbra, Portugal (2013)Google Scholar
  38. 38.
    Davi, L., et al.: MoCFI: a framework to mitigate control-flow attacks on smartphones. In: 19th Annual Network & Distributed System Security Symposium, San Diego, USA (2012)Google Scholar
  39. 39.
    Wang, L.B., Wei, G.H., Li, Z.: Research of defense scheme against buffer overflow attack in embedded system. J. Comput. Appl. 12 (2012)Google Scholar
  40. 40.
    Wang, H., Chen, S., Xu, H., Ai, M., Shi, Y.: SoftNet: a software defined decentralized mobile network architecture toward 5G. IEEE Netw. 29(2), 16–22 (2015)CrossRefGoogle Scholar
  41. 41.
    Vassilakis, V.G., Moscholios, I.D., Alzahrani, B.A., Logothetis, M.D.: On the security of software-defined next-generation cellular networks. In: IEICE Information and Communication Technology Forum (ICTF), Patras, Greece (2016)Google Scholar
  42. 42.
    Kotsovinos, E.: Virtualization: Blessing or curse? Commun. ACM 54(1), 61–65 (2011)CrossRefGoogle Scholar
  43. 43.
    Barthe, G., Betarte, G., Campo, J.D., Luna, C.: Cache-leakage resilient OS isolation in an idealized model of virtualization. In: IEEE 25th Computer Security Foundations Symposium, Cambridge, USA (2012)Google Scholar
  44. 44.
    Bhargavan, K., Fournet, C., Kohlweiss, M., Pironti, A., Strub, P.: Implementing TLS with verified cryptographic security. In: 34th IEEE Symposium on Security and Privacy, San Francisco, USA (2013)Google Scholar
  45. 45.
    Rostami, M., Koushanfar, F., Rajendran, J., Karri, R.: Hardware security: threat models and metrics. In: 32nd IEEE/ACM International Conference on Computer-Aided Design, San Jose, CA (2013)Google Scholar
  46. 46.
    Findling, R.D., Mayrhofer, R.: Towards device-to-user authentication: protecting against phishing hardware by ensuring mobile device authenticity using vibration patterns. In: 14th ACM International Conference on Mobile and Ubiquitous Multimedia, pp. 131–135 (2015)Google Scholar
  47. 47.
    Perez-Botero, D., Szefer, J., Lee, R.B.: Characterizing hypervisor vulnerabilities in cloud computing servers. In: 8th ACM International Workshop on Security in Cloud Computing, Hangzhou, China, pp. 3–10 (2013)Google Scholar
  48. 48.
    Suzaki, K., Iijima, K., Yagi, T., Artho, C.: Memory deduplication as a threat to the guest OS. In: 4th ACM European Workshop on System Security, Salzburg, Austria (2011)Google Scholar
  49. 49.
    Hoesing, M.T.: Virtualization security assessment. Inf. Secur. J.: A Global Perspect. 18(3), 124–130 (2009)Google Scholar
  50. 50.
    Giust, F., Cominardi, L., Bernardos, C.: Distributed mobility management for future 5G networks: overview and analysis of existing approaches. IEEE Commun. Mag. 53(1), 142–149 (2015)CrossRefGoogle Scholar
  51. 51.
    Chen, P.Y., Cheng, S.M., Ting, P.S., Lien, C.W., Chu, F.J.: When crowdsourcing meets mobile sensing: a social network perspective. IEEE Commun. Mag. 53(10), 157–163 (2015)CrossRefGoogle Scholar
  52. 52.
    Han, Q., Liang, S., Zhang, H.: Mobile cloud sensing, big data, and 5G networks make an intelligent and smart world. IEEE Netw. 29(2), 40–45 (2015)CrossRefGoogle Scholar
  53. 53.
    Goktas, E., Athanasopoulos, E., Bos, H., Portokalidis, G.: Out of control: overcoming control-flow integrity. In: 35th IEEE Symposium on Security and Privacy, San Jose, CA (2014)Google Scholar
  54. 54.
    Nikaein, N., et al.: Network store: exploring slicing in future 5G networks. In: 10th International ACM Workshop on Mobility in the Evolving Internet Architecture, Paris, France (2015)Google Scholar
  55. 55.
    Chin, W.H., Fan, Z., Haines, R.: Emerging technologies and research challenges for 5G wireless networks. IEEE Wirel. Commun. 21(2), 106–112 (2014)CrossRefGoogle Scholar
  56. 56.
    Luo, S., Lin, Z., Chen, X., Yang, Z., Chen, J.: Virtualization security for cloud computing service. In: 4th International Conference on Cloud and Service Computing (CSC), 174–179 (2011)Google Scholar
  57. 57.
    Oyama, Y., Giang, T.T., Chubachi, Y., Shinagawa, T., Kato, K.: Detecting malware signatures in a thin hypervisor. In: 27th Annual ACM Symposium on Applied Computing, Trento, Italy (2012)Google Scholar
  58. 58.
    Hu, C., Li, Z., Ma, J., Guo, T., Shi, Z.: File parsing vulnerability detection with symbolic execution. In: IEEE 6th International Symposium on Theoretical Aspects of Software Engineering, Beijing, China (2012)Google Scholar
  59. 59.
    Chen, M., Qian, Y., Mao, S., Tang, W., Yang, X.: Software-defined mobile networks security. Mob. Netw. Appl., 1–15 (2015)Google Scholar
  60. 60.
    Roy, S., Manoj, B.S.: IoT enablers and their security and privacy issues. In: Mavromoustakis, C.X., Mastorakis, G., Batalla, J.M. (eds.) Internet of Things (IoT) in 5G Mobile Technologies. Modeling and Optimization in Science and Technologies, vol. 8, pp. 449–482. Springer International Publishing, Switzerland (2016)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2016

Authors and Affiliations

  • Vassilios Vassilakis
    • 1
    Email author
  • Emmanouil Panaousis
    • 2
  • Haralambos Mouratidis
    • 2
  1. 1.School of Computing and EngineeringUniversity of West LondonLondonUK
  2. 2.Secure and Dependable Software Systems Research Cluster, School of Computing, Engineering, and MathematicsUniversity of BrightonBrightonUK

Personalised recommendations