Secure Cloud Architecture for 5G Core Network

LI Lingshu; WU Jiangxing; HU Hongchao; LIU Wenyan; GUO Zehua

doi:10.1049/cje.2021.04.005

Volume 30 Issue 3

May 2021

Turn off MathJax

Article Contents

Article Navigation > Chinese Journal of Electronics > 2021 > 30(3): 516-522

LI Lingshu, WU Jiangxing, HU Hongchao, et al., “Secure Cloud Architecture for 5G Core Network,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 516-522, 2021, doi: 10.1049/cje.2021.04.005

Citation:

LI Lingshu, WU Jiangxing, HU Hongchao, et al., “Secure Cloud Architecture for 5G Core Network,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 516-522, 2021, doi: 10.1049/cje.2021.04.005

LI Lingshu, WU Jiangxing, HU Hongchao, et al., “Secure Cloud Architecture for 5G Core Network,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 516-522, 2021, doi: 10.1049/cje.2021.04.005

Citation:

LI Lingshu, WU Jiangxing, HU Hongchao, et al., “Secure Cloud Architecture for 5G Core Network,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 516-522, 2021, doi: 10.1049/cje.2021.04.005

PDF( 1394 KB)

Secure Cloud Architecture for 5G Core Network

doi: 10.1049/cje.2021.04.005

1. PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, China;
2. Beijing Institute of Technology, Beijing 100000, China

Funds:

This work is supported by the National Key Research and Development Program of China (No.2018YFB0804004), the Beijing Institute of Technology Research Fund Program for Young Scholars, and the Natural Science Foundation of China under Grant (No.62002019).

Received Date: 2020-08-21

Abstract

Abstract

Service-based architecture (SBA) is a profound advancement in the novel 5G Core network (5GC). Existing studies show that SBA can benefit from cloud computing to achieve extensibility, modularity, reusability, and openness. It also brings security problems (e.g., hypervisor hijacking, and malware injection). To provide secure 5G services, we propose a service-based cloud architecture called Mimicloud for 5GC based on dynamic and heterogeneous techniques. Mimicloud provides flexible reconfiguration mechanisms to protect containers and eliminate all attack knowledge obtained from adversaries. We use multiple containers to execute crucial services and ensure security with crosscheck. Mimicloud employs heterogeneous components to prevent multiple containers from being breached through the same vulnerabilities. Experimental results show that Mimicloud can effectively strengthen the security of the 5GC. The performance overhead is analyzed in order to demonstrate its scalability.
- 5G,
- Service-based architecture,
- Cloud security,
- Cyber mimic defense

FullText(HTML)

References(22)

References

3GPP TS 29.500 v1.0.0:2018, 5G System Technical Realization of Service Based Architecture.

A. Kanellopoulos and K. Vamvoudakis, “A Moving Target Defense Control Framework for Cyber-Physical Systems”, IEEE Transactions on Automatic Control, Vol.65, No.3, pp.1029–1043, 2020.

B. Spasic, A. Rath, P. Thiran, et al., “Security pattern for cloud SaaS: from system and data security to privacy”, 4th International Conference on Cloud Computing Technologies and Applications (Cloudtech), Brussels, Belgium, pp.1–8, 2018.

P. Stewin and I. Bystrov, “Understanding DMA malware”, 9th Int Conf on Detection of Intrusions and Malware, and Vulnerability Assessment, Heraklion, Crete, Greece, pp.21–41, 2012.

A. Verma, M. Mittal and B. Chhabra, “The mutual authentication scheme to detect virtual side channel attack in cloud computing”, International Journal of Computer Science and Information Security (IJCSIS), Vol.15, No.3, pp.83–98, 2017.

I. Ahmad, T. Kumar, M. Liyanage, el al., “Overview of 5g security challenges and solutions”, IEEE Communications Standards Magazine, Vol.2, No.1, pp.36–43, 2018.

W. Meng, Y. Wang, W. Li, et al., “Enhancing intelligent alarm reduction for distributed intrusion detection systems via edge computing”, Australasian Conference on Information Security & Privacy, Springer, Cham, pp.759–767, 2018.

H. Lauer and K. Nicolai, “Hypervisor–based attestation of virtual environments”, Ubiquitous Intelligence and Computing, Toulouse, France, pp.333–340, 2016.

M. Schwarz, S. Weiser, D. Gruss, et al., “Malware guard extension: using SGX to conceal cache attacks”, International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Bonn, Germany, pp.3–24, 2017.

J. Wu, Cyberspace Mimic Defense: Generalized Robust Control and Endogenous Security, Springer, Cham, pp.207–272, 2020.

B. Zhang, X. Chang and J. Li, “A generalized information security model SOCMD for CMD Systems”, Chinese Journal of Electronics, Vol.29, No.3, pp.417–426, 2020.

Y. Wang, J. Wu, Y. Guo, et al., “Scientific workflow execution system based on mimic defense in the cloud environment”, Frontiers of Information Technology & Electronic Engineering, Vol.19, No.12, pp.1522–1536, 2018.

L. Kleinrock, Queueing systems, Volume I: Theory, John Wiley & Sons, New Jersey, USA, pp.9–20, 1975.

I. Ahmad, T. Kumar, M. Liyanage, et al., “Overview of 5g security challenges and solutions”, IEEE Communications Standards Magazine, Vol.2, No.1, pp.36–43, 2018.

M. Polla, F. Martinelli and D. Sgandurra, “A survey on security for mobile devices”, IEEE Communications Surveys Tutorials, Vol.15, No.1, pp.446–471, 2013.

X. Pan and Z. Xiao, “Survey of location privacy–preserving”, Journal of Frontiers of Computer Science and Technology, Vol.1, No.3, pp.268–281, 2007.

J. Liu, M. Au, W. Susilo, et al., “Secure sharing and searching for real-time video data in mobile cloud”, IEEE Network, Vol.29, No.2, pp.46–50, 2015.

S. Seth and N. Singh, “Dynamic heterogeneous shortest job first (DHSJF): A task scheduling approach for heterogeneous cloud computing systems”, International Journal of Information Technology, vol. 11, pp.653–657, 2018.

M. Thompson, N. Evans and V. Kisekka, “Multiple OS rotational environment an implemented moving target defense”, IEEE International Symposium on Resilient Control Systems (ISRCS), Denver, CO, USA, pp.1–6, 2014.

J. Cho, D. Sharma, H. Alavizadeh, et al., “Toward proactive, adaptive defense: A survey on moving target defense”, IEEE Communications Surveys & Tutorials, Vol.22, No.1, pp.709–745, 2020.

S. Sengupta, S. Vadlamudi, S. Kambhampati, et al., “A game theoretic approach to strategy generation for moving target defense in Web applications”, International Foundation for Autonomous Agents and Multiagent Systems, São Paulo, Brazil, pp.178–186, 2017.

M. Zhu, Z. Hu and P. Liu, “Reinforcement learning algorithms for adaptive cyber defense against heartbleed”, ACM Workshop Moving Target Defense, Scottsdale, Arizona, USA, pp.51–58, 2014.

Relative Articles

Supplements(0)

Cited By

Proportional views