Abstract
Fog and mobile edge computing (MEC) will play a key role in the upcoming fifth generation (5G) mobile networks to support decentralized applications, data analytics and management into the network itself by using a highly distributed compute model. Furthermore, increasing attention is paid to providing user-centric cybersecurity solutions, which particularly require collecting, processing and analyzing significantly large amount of data traffic and huge number of network connections in 5G networks. In this regard, this paper proposes a MEC-oriented solution in 5G mobile networks to detect network anomalies in real-time and in autonomic way. Our proposal uses deep learning techniques to analyze network flows and to detect network anomalies. Moreover, it uses policies in order to provide an efficient and dynamic management system of the computing resources used in the anomaly detection process. The paper presents relevant aspects of the deployment of the proposal and experimental results to show its performance.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abadi M, Barham P, Chen, J et al (2016) TensorFlow: a system for large-scale machine learning. In: 12th USENIX symposium on operating systems design and implementation, pp 265–283
Alrawais A, Alhothaily A, Hu C, Cheng X (2017) Fog computing for the internet of things: security and privacy issues. IEEE Internet Comput 21(2):34–42
Anagnostopoulos M, Kambourakis G, Gritzalis S (2016) New facets of mobile botnet: architecture and evaluation. Int J Inf Secur 15(5):455–473
Buczak A, Guven E (2016) A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun Surv Tutor 18(2):1153–1176
Chandola V, Banerjee A, Kumar V (2009) Anomaly detection: a survey. ACM Comput Surv 41(3):15:1–15:58
Chang X, Nie F, Wang S, Yang Y, Zhou X, Zhang C (2016) Compound rank-\(k\) projections for bilinear analysis. IEEE Trans Neural Netw Learn Syst 27(7):1502–1513
Chang X, Yu Y, Yang Y, Xing E (2017) Semantic pooling for complex event analysis in untrimmed videos. IEEE Trans Pattern Anal Mach Intell 39(8):1617–1632
Chen J, Cheng X, Du R, Hu L, Wang C (2017) BotGuard: lightweight real-time botnet detection in software defined networks. Wuhan Univ J Nat Sci 22(2):103–113
ETSI NFV ISG (2017) Network functions virtualisation (NFV); Network Operator Perspectives on NFV priorities for 5G. Technical report. http://portal.etsi.org/NFV/NFV_White_Paper_5G.pdf
Facebook Open Source (2017) Caffe2: a new hightweight, modular, and scalable deep learning framework [online]. http://caffe2.ai. Accessed 25 April 2018
Fernández Maimó L, Perales Gómez A, García Clemente F, Gil Pérez M, Martínez Pérez G (2018) A self-adaptive deep learning-based system for anomaly detection in 5G networks. IEEE Access 6:7700–7712
Garcia S, Grill M, Stiborek J, Zunino A (2014) An empirical comparison of botnet detection methods. Comput Secur 45:100–123
Garcia-Teodoro P, Diaz-Verdejo J, Maciá-Fernández G, Vázquez E (2009) Anomaly-based network intrusion detection: techniques, systems and challenges. Comput Secur 28(1–2):18–28
Gardiner J, Nagaraja S (2016) On the security of machine learning in malware C&C detection: a survey. ACM Comput Surv 49(3):59:1–59:39
Gil Pérez M, Huertas Celdrán A, Ippoliti F et al (2017) Dynamic reconfiguration in 5G mobile networks to proactively detect and mitigate botnets. IEEE Internet Comput 21(5):28–36
Machado C, Granville L, Schaeffer-Filho A (2016) ANSwer: Combining NFV and SDN features for network resilience strategies. In: IEEE symposium on computers and communication, pp 391–396
Mantas G, Komninos N, Rodriguez J, Logota E, Marques H (2015) Security for 5G communications. In: Rodriguez J (ed) Fundamentals of 5G mobile networks. Wiley, Hoboken, pp 207–220
Mijumbi R, Serrat J, Gorricho J, Bouten N, De Turck F, Boutaba R (2015) Network function virtualization: State-of-the-art and research challenges. IEEE Commun Surv Tut 18(1):236–262
Neves P, Calé R, Costa M et al (2017) Future mode of operations for 5G-The SELFNET approach enabled by SDN/NFV. Comp Stand Inter 54(4):229–246
Siddiqui MS, Legarrea A, Escalona E et al (2016) Hierarchical, virtualised and distributed intelligence 5G architecture for low-latency and secure applications. Trans Emerg Telecommun Technol 27(9):1233–1241
Sohal A, Sandhu R, Sood S, Chang V (2018) A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Comput Secur 74:340–354
Suárez-Albela M, Fernández-Caramés T, Fraga-Lamas P, Castedo L (2017) A practical evaluation of a high-security energy-efficient gateway for IoT fog computing applications. Sensors 17(9):1978
The 5G Infraestructure Public Private Partnership (5G-PPP) (2017) Key Performance Indicators [online]. http://5g-ppp.eu/kpis. Accessed 25 April 2018
Tran Q, Jiang F, Hu J (2012) A real-time NetFlow-based intrusion detection system with improved BBNN and high-frequency field programmable gate arrays. In: IEEE 11th international conference on trust, security and privacy in computing and communications, pp 201–208
Wang W, Sheng Y, Wang J et al (2018) HAST-IDS: learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection. IEEE Access 6:1792–1806
Yin C, Zhu Y, Fei J, He X (2017) A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5:21,954–21,961
Acknowledgements
This work has been partially supported by a Séneca Foundation grant within the Human Resources Researching Postdoctoral Program 2018, a postdoctoral INCIBE grant within the “Ayudas para la Excelencia de los Equipos de Investigación Avanzada en Ciberseguridad” Program, with code INCIBEI-2015-27352, the European Commission Horizon 2020 Programme under Grant Agreement Number H2020-ICT-2014-2/671672 - SELFNET (Framework for Self-Organized Network Management in Virtualized and Software Defined Networks), and the European Commission (FEDER/ERDF).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Fernández Maimó, L., Huertas Celdrán, A., Gil Pérez, M. et al. Dynamic management of a deep learning-based anomaly detection system for 5G networks. J Ambient Intell Human Comput 10, 3083–3097 (2019). https://doi.org/10.1007/s12652-018-0813-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-018-0813-4