Abstract
5G mobile networks are pushing new dynamic and flexible scenarios that demand the automation and optimization of network management processes. In this sense, Self-Organizing Networks (SON) arose to evolve from traditional manual management towards fully autonomic and dynamic processes. Due to the large volumes of data generated in 5G networks, functionalities and capabilities of SON require efficient processes and resource optimization techniques. In particular, self-protection is a critical capability of SON focused on protecting the network resources in a flexible and autonomic way. To achieve self-protection, SON perform different processes ranging from the monitoring of network communications to the analysis, detection, and mitigation of cyber-attacks. In this article, we propose an architecture that combines the Software Defined Networking and Network Functions Virtualization technologies to optimize the usage of network resources for monitoring services. A use case based on botnet detection in 5G networks shows how our architecture ensures the provision of monitoring services in managing self-protection scenarios. Additionally, we describe a set of experiments that confirm the best time calculated by our solution to deploy or reconfigure monitoring and detection services. These experiments consider different aspects like the number of zombies shaping the botnet, their mobility, or network traffic.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
5G-PPP Consortium (2018) Key performance indicators. http://5g-ppp.eu/kpis/. Accessed 20 Mar 2018
Anagnostopoulos M, Kambourakis G, Gritzalis S (2016) New facets of mobile botnet: architecture and evaluation. Int J Inf Secur 15(5):455–473. https://doi.org/10.1007/s10207-015-0310-0
Bhattacherjee D (2016) Stepping stone detection for tracing attack sources in Software-Defined Networks. Master’s thesis, Aalto University, Finland
Chen J, Cheng X, Du R, Hu L, Wang C (2017) BotGuard: lightweight real-time botnet detection in software defined networks. Wuhan Univ J Nat Sci 22(2):103–113. https://doi.org/10.1007/s11859-017-1223-8
Chowdhury SR, Bari MF, Ahmed R, Boutaba R (2014) PayLess: a low cost network monitoring framework for software defined networks. In: 2014 IEEE network operations and management symposium, pp 1–9. https://doi.org/10.1109/NOMS.2014.6838227
Demarest J (2014) Taking down botnets: public and private efforts to disrupt and dismantle cybercriminal networks (Statement Before the Senate Judiciary Committee, Subcommittee on Crime and Terrorism). http://www.fbi.gov/news/testimony/taking-down-botnets/. Accessed 20 Mar 2018
Duan Q, Ansari N, Toy M (2016) Software-defined network virtualization: an architectural framework for integrating SDN and NFV for service provisioning in future networks. IEEE Netw 30(5):10–16. https://doi.org/10.1109/MNET.2016.7579021
ETSI NFV ISG (2017) Network functions virtualisation (NFV); network operator perspectives on NFV priorities for 5G. http://portal.etsi.org/NFV/NFV-White-Paper-5G.pdf. Accessed 20 Mar 2018
Gil Pérez M, Huertas Celdrán A, Ippoliti F, Giardina PG, Bernini G, Marco Alaez R, Chirivella-Perez E, García Clemente FJ, Martínez Pérez G, Kraja E, Carrozzo G, Alcaraz Calero J, Wang Q (2017) Dynamic reconfiguration in 5G mobile networks to proactively detect and mitigate botnets. IEEE Internet Comput 21(5):28–36. https://doi.org/10.1109/MIC.2017.3481345
Gupta B, Agrawal DP, Yamaguchi S (2016) Handbook of research on modern cryptographic solutions for computer and cyber security, 1st edn. IGI Global
Hsiao YM, Chen MJ, Chu YS, Huang CH (2012) High-throughput intrusion detection system with parallel pattern matching. IEICE Electron Express 9(18):1467–1472. https://doi.org/10.1587/elex.9.1467
Huang Z, Liu S, Mao X, Chen K, Li J (2017) Insight of the protection for data security under selective opening attacks. Inf Sci 412–413:223–241. https://doi.org/10.1016/j.ins.2017.05.031
Huertas Celdrán A, Gil Pérez M, García Clemente FJ, Martínez Pérez G (2017) Automatic monitoring management for 5G mobile networks. In: 12th International conference on future networks and communications, pp 328–335. https://doi.org/10.1016/j.procs.2017.06.102
Isolani PH, Wickboldt JA, Both CB, Rochol J, Granville LZ (2015) Interactive monitoring, visualization, and configuration of OpenFlow-based SDN. In: 2015 IFIP/IEEE international symposium on integrated network management, pp 207–215. https://doi.org/10.1109/INM.2015.7140294
Jararweh Y, Al-Ayyoub M, Darabseh A, Benkhelifa E, Vouk M, Rindos A (2015) SDIoT: a software defined based internet of things framework. J Ambient Intell Hum Comput 6(4):453–461. https://doi.org/10.1007/s12652-015-0290-y
Jorguseski L, Pais A, Gunnarsson F, Centonza A, Willcock C (2014) Self-organizing networks in 3GPP: standardization and future trends. IEEE Commun Mag 52(12):28–34. https://doi.org/10.1109/MCOM.2014.6979983
Li J, Zhang Y, Chen X, Xiang Y (2018) Secure attribute-based data sharing for resource-limited users in cloud computing. Comput Secur 72:1–12. https://doi.org/10.1016/j.cose.2017.08.007
Machado CC, Granville LZ, Schaeffer-Filho A (2016) ANSwer: combining NFV and SDN features for network resilience strategies. In: 2016 IEEE symposium on computers and communication, pp 391–396. https://doi.org/10.1109/ISCC.2016.7543771
Mahmoud M, Nir M, Matrawy A (2015) A survey on botnet architectures, detection and defences. Int J Netw Secur 17(3):272–289. https://doi.org/10.6633/IJNS.201505.17(3).06
Mamoori SA, Rami D, Jaekel A (2018) Energy-efficient anycast scheduling and resource allocation in optical grids. J Ambient Intell Hum Comput 9(1):73–83. https://doi.org/10.1007/s12652-017-0527-z
Mantas G, Komninos N, Rodriguez J, Logota E, Marques H (2015) Fundamentals of 5G mobile networks, chap Security for 5G communications. Wiley, Hoboken, pp 207–220. https://doi.org/10.1002/9781118867464.ch9
Mijumbi R, Serrat J, Gorricho JL, Bouten N, De Turck F, Boutaba R (2015) Network function virtualization: state-of-the-art and research challenges. IEEE Commun Surv Tutor 18(1):236–262. https://doi.org/10.1109/COMST.2015.2477041
Mostafazadeh Davani A, Nazari Shirehjini AA, Daraei S (2018) Towards interacting with smarter systems. J Ambient Intell Hum Comput 9(1):187–209. https://doi.org/10.1007/s12652-016-0433-9
Muñoz R, Vilalta R, Casellas R, Martinez R, Szyrkowiec T, Autenrieth A, López V, López D (2015) Integrated SDN/NFV management and orchestration architecture for dynamic deployment of virtual SDN control instances for virtual tenant networks. J Opt Commun Netw 7(11):B62–B70. https://doi.org/10.1364/JOCN.7.000B62
Namal S, Ahmad I, Gurtov A, Ylianttila M (2013) SDN based inter-technology load balancing leveraged by flow admission control. In: 2013 IEEE SDN for future networks and services, pp 1–5. https://doi.org/10.1109/SDN4FNS.2013.6702551
Open Information Security Foundation (2018) Suricata: open source IDS/IPS/NSM engine. http://suricata-ids.org/. Accessed 20 Mar 2018
Raza Shah SA, Issac B (2018) Performance comparison of intrusion detection systems and application of machine learning to Snort system. Fut Gener Comput Syst 80:157–170. https://doi.org/10.1016/j.future.2017.10.016
Saucedo-Martínez JA, Pérez-Lara M, Marmolejo-Saucedo JA, Salais-Fierro TE, Vasant P (2017) Industry 4.0 framework for management and operations: a review. J Ambient Intell Hum Comput. https://doi.org/10.1007/s12652-017-0533-1
Singh S, Jha RK (2017) A survey on software defined networking:architecture for next generation network. J Netw Syst Manag 25(2):321–374. https://doi.org/10.1007/s10922-016-9393-9
Sourcefire, Inc (2018) Snort: an open source network intrusion detection and prevention system. http://www.snort.org/. Accessed 20 Mar 2018
Van Adrichem NLM, Doerr C, Kuipers FA (2014) OpenNetMon: network monitoring in OpenFlow software-defined networks. In: 2014 IEEE network operations and management symposium, pp 1–8. https://doi.org/10.1109/NOMS.2014.6838228
Wibowo FXA, Gregory MA, Ahmed K, Gomez KM (2017) Multi-domain software defined networking: research status and challenges. J Netw Comput Appl 87:32–45. https://doi.org/10.1016/j.jnca.2017.03.004
Acknowledgements
This work has been supported by a Séneca Foundation grant within the Human Resources Researching Postdoctoral Program 2018, an Irish Research Council Government Postdoctoral Fellowship Award 2018, a postdoctoral INCIBE grant within the “Ayudas para la Excelencia de los Equipos de Investigación Avanzada en Ciberseguridad” Program, with code INCIBEI-2015-27352, as well as European Commission FEDER funds, under grant TIN2015-66972-C5-3-R and the European Commission Horizon 2020 Programme under grant agreement number H2020-ICT-2014-2/671672 - SELFNET (Framework for Self-Organized Network Management in Virtualized and Software Defined Networks).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Huertas Celdrán, A., Gil Pérez, M., García Clemente, F.J. et al. Towards the autonomous provision of self-protection capabilities in 5G networks. J Ambient Intell Human Comput 10, 4707–4720 (2019). https://doi.org/10.1007/s12652-018-0848-6
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-018-0848-6