Cross-Layer Security Using AI/Machine Learning

Motivation

Heterogeneous networks, such as 5G networks for IoT, industrial applications, sensor networks or high-density networks, can be cumbersome to monitor and manage from a security viewpoint. In very high-density networks, vulnerabilities can go unnoticed, allowing attackers to exploit them to gain an advantage. In this case, a firewall and an intrusion detection system may not be sufficient, so we turn to smarter mechanisms for tackling the vulnerabilities.

Furthermore, the main strength of 5G networks is the Network Slicing concept, which allows for diverse logical segments of the same network. Slicing allows for a tailored service experience according to the requirements of the users, as well as adequate Quality of Service (QoS). A single network may contain multiple network slices for different purposes, for example a network slice for mobile communications using phones and a network slice for smart homes and the devices used in them. By default, these two should be isolated from each other, and users' devices attached to each slice should not be able to communicate with each other in a cross-slice manner.

Nevertheless, a security loophole may arise, and attackers can then execute their attacks from another network slice. In times of emergency, different security rules and protocols apply, which can weaken the inter-slice security. Attacks in this case can be very hard to identify and tackle, for two main reasons:

  • Unknown attack vectors
  • Unknown intentions of the attackers (sometimes attackers only eavesdrop and collect information without compromising the system)

To investigate and resolve this issue, the Secure 5G4IoT Lab focuses on Machine Learning / Artificial Intelligence anomaly detection mechanisms to find and predict such attacks. With such detection, it is possible to isolate the cause and prevent a security breach before damage is done. However, there are some questions that this research should answer beforehand.

The Research Questions:

  • How should the anomaly detection be realized on top of each network slice?
  • What kind of data should be collected in order to train the required AI system?
  • Should this data be anonymized, and should it leave the premises of the users or not?
  • How to safeguard the anomaly detection system from adversarial attacks on itself?
  • How to predict possible attacks and react in emergency cases?
  • Can the system prune towards other entities beyond the cross-layer model?

The Research Approach:

To find the answers to the research questions, efforts have been successively put into the following tasks:

  1. Defining the type and volume of data to be collected
  2. Training a special model for recognizing anomalies in highly dense heterogeneous networks
  3. Considering user privacy and data reduction to provide anonymization of sensitive personal information