Towards Secure Slicing: Using Slice Isolation to Mitigate DDoS Attacks on 5G Core Network Slices
In this paper, we propose a solution to proactively mitigate Distributed Denial-of-Service attacks in 5G core network slicing using slice isolation. Network slicing is one of the key technologies that allow 5G networks to offer dedicated resources to different industries (services). However, a Distributed Denial-of-Service attack could severely impact the performance and availability of the slices as they could share the same physical resources in a multi-tenant virtualized networking infrastructure. Slice isolation is an essential requirement for 5G network slicing. In this paper, we use network isolation to tackle the challenging problem of Distributed Denial-of-Service attacks in 5G network slicing. We propose the use of a mathematical model that can provide on-demand slice isolation as well as guarantee end-to-end delay for 5G core network slices. We evaluate the proposed work with a mix of simulation and experimental work. Our results show that the proposed isolation could mitigate Distributed Denial-of-Service attacks as well as increase the availability of the slices. We believe this work will encourage further research in securing 5G network slicing.
READ FULL TEXT