Biblio

The recent 5G networks aim to provide higher speed, lower latency, and greater capacity; therefore, compared to the previous mobile networks, more advanced and intelligent network security is essential for 5G networks. To detect unknown and evolving 5G network intrusions, this paper presents an artificial intelligence (AI)-based network threat detection system to perform data labeling, data filtering, data preprocessing, and data learning for 5G network flow and security event data. The performance evaluations are first conducted on two well-known datasets-NSL-KDD and CICIDS 2017; then, the practical testing of proposed system is performed in 5G industrial IoT environments. To demonstrate detection against network threats in real 5G environments, this study utilizes the 5G model factory, which is downscaled to a real smart factory that comprises a number of 5G industrial IoT-based devices.

The introduction of the study primarily emphasises the significance of utilising block chain technologies with the possibility of privacy and security benefits from the 5G Network. One may state that the study’s primary focus is on all the advantages of adopting block chain technology to safeguard everyone’s access to crucial data by utilizing intelligent contracts to enhance the 5G network security model on information security operations.Our literature evaluation for the study focuses primarily on the advantages advantages of utilizing block chain technology advance data security and privacy, as well as their development and growth. The whole study paper has covered both the benefits and drawbacks of employing the block chain technology. The literature study part of this research article has, on the contrary hand, also studied several approaches and tactics for using the blockchain technology facilities. To fully understand the circumstances in this specific case, a poll was undertaken. It was possible for the researchers to get some real-world data in this specific situation by conducting a survey with 51 randomly selected participants.

The 5G research community is increasingly leveraging the innovative features offered by Information Centric Networking (ICN). However, ICN’s fundamental features, such as in-network caching, make access control enforcement more challenging in an ICN-based 5G deployment. To address this shortcoming, we propose a Blockchain-based Decentralized Authentication Protocol (BDAP) which enables efficient and secure mobile user authentication in an ICN-based 5G network. We show that BDAP is robust against a variety of attacks to which mobile networks and blockchains are particularly vulnerable. Moreover, a preliminary performance analysis suggests that BDAP can reduce the authentication delay compared to the standard 5G authentication protocols.

Nowadays, 5G has been widely used in various fields. People are starting to turn their attention to 6G. Therefore, at the beginning, this paper describes in detail the principle and performance of 6G, and introduces the key technologies of 6G, Cavity technology and THz technology. Based on the high-performance indicators of 6G, we then study the possible application changes brought by 6G, for example, 6G technology will make remote surgery and remote control possible. 6G technology will make remote surgery and remote control possible. 6G will speed up the interconnection of everything, allowing closer and faster connection between cars. Next, virtual reality is discussed. 6G technology will enable better development of virtual reality technology and enhance people's immersive experience. Finally, we present the issues that need to be addressed with 6G technology, such as cybersecurity issues and energy requirements. As well as the higher challenges facing 6G technology, such as connectivity and communication on a larger social plane.

The concept of a connected vehicle refers to the linking of vehicles to each other and to other things. Today, developments in the Internet of Things (IoT) and 5G have made a significant contribution to connected vehicle technology. In addition to many positive contributions, connected vehicle technology also brings with it many security-related problems. In this study, a digital signature algorithm based on elliptic curve cryptography is proposed to verify the message and identity sent to the vehicles. In the proposed model, with the anonymous identification given to the vehicle by the central unit, the vehicle is prevented from being detected by other vehicles and third parties. Thus, even if the personal data produced in the vehicles is shared, it cannot be found which vehicle it belongs to.

Currently, research on 5G communication is focusing increasingly on communication techniques. The previous studies have primarily focused on the prevention of communications disruption. To date, there has not been sufficient research on network anomaly detection as a countermeasure against on security aspect. 5g network data will be more complex and dynamic, intelligent network anomaly detection is necessary solution for protecting the network infrastructure. However, since the AI-based network anomaly detection is dependent on data, it is difficult to collect the actual labeled data in the industrial field. Also, the performance degradation in the application process to real field may occur because of the domain shift. Therefore, in this paper, we research the intelligent network anomaly detection technique based on domain adaptation (DA) in 5G edge network in order to solve the problem caused by data-driven AI. It allows us to train the models in data-rich domains and apply detection techniques in insufficient amount of data. For Our method will contribute to AI-based network anomaly detection for improving the security for 5G edge network.

In this work, we propose a novel framework to identify and mitigate a recently disclosed covert channel scheme exploiting unprotected broadcast messages in cellular MAC layer protocols. Examples of covert channel are used in data exfiltration, remote command-and-control (CnC) and espionage. Responsibly disclosed to GSMA (CVD-2021-0045), the SPAR-ROW covert channel scheme exploits the downlink power of LTE/5G base-stations that broadcast contention resolution identity (CRI) from any anonymous device according to the 3GPP standards. Thus, the SPARROW devices can covertly relay short messages across long-distance which can be potentially harmful to critical infrastructure. The SPARROW schemes can also complement the solutions for long-range M2M applications. This work investigates the security vs. performance trade-off in CRI-based contention resolution mechanisms. Then it offers a rig-orously designed method to randomly obfuscate CRI broadcast in future 5G/6G standards. Compared to CRI length reduction, the proposed method achieves considerable protection against SPARROW exploitation with less impact on the random-access performance as shown in the numerical results.

The digital transformation brought on by 5G is redefining current models of end-to-end (E2E) connectivity and service reliability to include security-by-design principles necessary to enable 5G to achieve its promise. 5G trustworthiness highlights the importance of embedding security capabilities from the very beginning while the 5G architecture is being defined and standardized. Security requirements need to overlay and permeate through the different layers of 5G systems (physical, network, and application) as well as different parts of an E2E 5G architecture within a risk-management framework that takes into account the evolving security-threats landscape. 5G presents a typical use-case of wireless communication and computer networking convergence, where 5G fundamental building blocks include components such as Software Defined Networks (SDN), Network Functions Virtualization (NFV) and the edge cloud. This convergence extends many of the security challenges and opportunities applicable to SDN/NFV and cloud to 5G networks. Thus, 5G security needs to consider additional security requirements (compared to previous generations) such as SDN controller security, hypervisor security, orchestrator security, cloud security, edge security, etc. At the same time, 5G networks offer security improvement opportunities that should be considered. Here, 5G architectural flexibility, programmability and complexity can be harnessed to improve resilience and reliability. The working group scope fundamentally addresses the following: •5G security considerations need to overlay and permeate through the different layers of the 5G systems (physical, network, and application) as well as different parts of an E2E 5G architecture including a risk management framework that takes into account the evolving security threats landscape. •5G exemplifies a use-case of heterogeneous access and computer networking convergence, which extends a unique set of security challenges and opportunities (e.g., related to SDN/NFV and edge cloud, etc.) to 5G networks. Similarly, 5G networks by design offer potential security benefits and opportunities through harnessing the architecture flexibility, programmability and complexity to improve its resilience and reliability. •The IEEE FNI security WG's roadmap framework follows a taxonomic structure, differentiating the 5G functional pillars and corresponding cybersecurity risks. As part of cross collaboration, the security working group will also look into the security issues associated with other roadmap working groups within the IEEE Future Network Initiative.

The Internet of Things (IoT) is rapidly evolving, allowing physical items to share information and coordinate with other nodes, increasing IoT’s value and being widely applied to various applications. Radio Frequency Identification (RFID) is usually used in IoT applications to automate item identification by establishing symmetrical communication between the tag device and the reader. Because RFID reading data is typically in plain text, a security mechanism is required to ensure that the reading results from this RFID data remain confidential. Researchers propose a lightweight encryption algorithm framework for IoT-based RFID applications to address this security issue. Furthermore, this research assesses the implementation of lightweight encryption algorithms, such as Grain v1 and Espresso, as two systems scenarios. The Grain v1 encryption is the final eSTREAM project that accepts an 80-bit key, 64-bit IV, and has a 160-bit internal state with limited application. In contrast, the Espresso algorithm has been implemented in various applications such as 5G wireless communication. Furthermore, this paper tested the performance of each encryption algorithm in the microcontroller and inspected the network performance in an IoT system.

5G has received significant interest from commercial as well as defense industries. However, resiliency in 5G remains a major concern for its use in military and defense applications. In this paper, we explore physical layer resiliency enhancements for 5G and use narrow-band Internet of Things (NB-IoT) as a study case. Two physical layer modifications, frequency hopping, and direct sequence spreading, are analyzed from the standpoint of implementation and performance. Simulation results show that these techniques are effective to harden the resiliency of the physical layer to interference and jamming. A discussion of protocol considerations for 5G and beyond is provided based on the results.

While 5G Edge Computing along with IoT technology has transformed the future of healthcare data transmission, it presents security vulnerabilities and risks when transmitting patients' confidential information. Currently, there are very few reliable security solutions available for healthcare data that routes through SDN routers in 5G Edge Computing. These solutions do not provide cryptographic security from IoT sensor devices. In this paper, we studied how 5G edge computing integrated with IoT network helps healthcare data transmission for remote medical treatment, explored security risks associated with unsecured data transmission, and finally proposed a cryptographic end-to-end security solution initiated at IoT sensor devices and routed through SDN routers. Our proposed solution with cryptographic security initiated at IoT sensor goes through SDN control plane and data plane in 5G edge computing and provides an end-to-end secured communication from IoT device to doctor's office. A prototype built with two-layer encrypted communication has been lab tested with promising results. This analysis will help future security implementation for eHealth in 5G and beyond networks.

Software-Defined Networking (SDN) can be a good option to support Industry 4.0 (4IR) and 5G wireless networks. SDN can also be a secure networking solution that improves the security, capability, and programmability in the networks. In this paper, we present and analyze an SDN-based security architecture for 4IR with 5G. SDN is used for increasing the level of security and reliability of the network by suitably dividing the whole network into data, control, and applications planes. The SDN control layer plays a beneficial role in 4IR with 5G scenarios by managing the data flow properly. We also evaluate the performance of the proposed architecture in terms of key parameters such as data transmission rate and response time.

Mobile small cells that are enabled with Network Coding (NC) are seen as a potentially useful technique for Fifth Generation (5G) networks, since they can cover an entire city and can be put up on demand anywhere, any time, and on any device. Despite numerous advantages, significant security issues arise as a result of the fact that the NC-enabled mobile small cells are vulnerable to attacks. Intrusions are a severe security threat that exploits the inherent vulnerabilities of NC. In order to make NC-enabled mobile small cells to realize their full potential, it is essential to implement intrusion detection systems. When compared to homomorphic signature or hashing systems, homomorphic message authentication codes (MACs) provide safe network coding techniques with relatively smaller overheads. A number of research studies have been conducted with the goal of developing mobile small cells that are enabled with secure network coding and coming up with integrity protocols that are appropriate for such crowded situations. However, the intermediate nodes alter packets while they are in transit and hence the integrity of the data cannot be confirmed by using MACs and checksums. This research study has analyzed numerous intrusion detection models for NC enabled small cells. This research helps the scholars to get a brief idea about various intrusion detection models.

Vehicular networks are vulnerable to large scale attacks. Blockchain, implemented upon application layer, is recommended as one of the effective security and privacy solutions for vehicular networks. However, due to an increasing complexity of connected nodes, heterogeneous environment and rising threats, a robust security solution across multiple layers is required. Motivated by the Physical Layer Security (PLS) which utilizes physical layer characteristics such as channel fading to ensure reliable and confidential transmission, in this paper we analyze the impact of PLS on a blockchain-enabled vehicular network with two types of physical layer attacks, i.e., jamming and eavesdropping. Throughout the analysis, a Full Duplex Non-Orthogonal Multiple Access (FD-NOMA) based vehicle-to-everything (V2X) is considered to reduce interference caused by jamming and meet 5G communication requirements. Simulation results show enhanced goodput of a blockckchain enabled vehicular network integrated with PLS as compared to the same solution without PLS.

Physical Layer Security (PLS) is used to accomplish perfect secure communication between intended network nodes, while the eavesdropper gets zero information. In this paper, a smart antenna technology i.e., Massive multiple-input-multiple-output (mMIMO) and Non-Orthogonal Multiple Access (NOMA) technology is being used to enhance the secrecy performance of a 5G communication network. Small scale Rayleigh fading channels, as well as large scale pathway loss, have to be taken into consideration. An eavesdropper with multiple antennas, an amplify-and-forward (AF) relay with multi antenna has been proposed. Spider Monkey Algorithm (SMO) is used in adding Artificial Noise (AN) for refining secrecy rate. The findings revealed that the suggested technique improves the security and the quality of Wireless communication.

With the continuous development of the Internet, artificial intelligence, 5G and other technologies, various issues have started to receive attention, among which the network security issue is now one of the key research directions for relevant research scholars at home and abroad. This paper researches on the basis of traditional Internet technology to establish a security identification system on top of the network physical layer of the Internet, which can effectively identify some security problems on top of the network infrastructure equipment and solve the identified security problems on the physical layer. This experiment is to develop a security identification system, research and development in the network physical level of the Internet, compared with the traditional development of the relevant security identification system in the network layer, the development in the physical layer, can be based on the physical origin of the protection, from the root to solve part of the network security problems, can effectively carry out the identification and solution of network security problems. The experimental results show that the security identification system can identify some basic network security problems very effectively, and the system is developed based on the physical layer of the Internet network, and the protection is carried out from the physical device, and the retransmission symbol error rates of CQ-PNC algorithm and ML algorithm in the experiment are 110 and 102, respectively. The latter has a lower error rate and better protection.

5G network slicing plays a key role in the smart grid business. The existing authentication schemes for 5G slicing in smart grids require high computing costs, so they are time-consuming and do not fully consider the security of authentication. Aiming at the application scenario of 5G smart grid, this paper proposes an identity-based lightweight secondary authentication scheme. Compared with other well-known methods, in the protocol interaction of this paper, both the user Ui and the grid server can authenticate each other's identities, thereby preventing illegal users from pretending to be identities. The grid user Ui and the grid server can complete the authentication process without resorting to complex bilinear mapping calculations, so the computational overhead is small. The grid user and grid server can complete the authentication process without transmitting the original identification. Therefore, this scheme has the feature of anonymous authentication. In this solution, the authentication process does not require infrastructure such as PKI, so the deployment is simple. Experimental results show that the protocol is feasible in practical applications

5G has significantly facilitated the development of attractive applications such as autonomous driving and telemedicine due to its lower latency, higher data rates, and enormous connectivity. However, there are still some security and privacy issues in 5G, such as network slicing privacy and flexibility and efficiency of network slicing selection. In the smart grid scenario, this paper proposes a 5G slice selection security scheme based on the Pohlig-Hellman algorithm, which realizes the protection of slice selection privacy data between User i(Ui) and Access and Mobility Management function (AMF), so that the data will not be exposed to third-party attackers. Compared with other schemes, the scheme proposed in this paper is simple in deployment, low in computational overhead, and simple in process, and does not require the help of PKI system. The security analysis also verifies that the scheme can accurately protect the slice selection privacy data between Ui and AMF.

To fulfill different requirements from various services, the smart grid typically uses 5G network slicing technique for splitting the physical network into multiple virtual logical networks. By doing so, end users in smart grid can select appropriate slice that is suitable for their services. Privacy has vital significance in network slicing selection, since both the end user and the network entities are afraid that their sensitive slicing features are leaked to an adversary. At the same time, in the smart grid, there are many low-power users who are not suitable for complex security schemes. Therefore, both security and efficiency are basic requirements for 5G slicing selection schemes. Considering both security and efficiency, we propose a 5G slicing selection security scheme based on matching degree estimation, called SS-MDE. In SS-MDE, a set of random numbers is used to hide the feature information of the end user and the AMF which can provide privacy protection for exchanged slicing features. Moreover, the best matching slice is selected by calculating the Euclid distance between two slices. Since the algorithms used in SS-MDE include only several simple mathematical operations, which are quite lightweight, SS-MDE can achieve high efficiency. At the same time, since third-party attackers cannot extract the slicing information, SS-MDE can fulfill security requirements. Experimental results show that the proposed scheme is feasible in real world applications.

Confidentiality and integrity security are the key challenges in future 5G networks. To encounter these challenges, various signature and key agreement protocols are being implemented in 5G systems to secure high-speed mobile-to-mobile communication. Many security ciphers such as SNOW 3G, Advanced Encryption Standard (AES), and ZUC are used for 5G security. Among these protocols, the AES algorithm has been shown to achieve higher hardware efficiency and throughput in the literature. In this paper, we implement the AES algorithm on Field Programmable Gate Array (FPGA) and real-time performance factors of the AES algorithm were exploited to best fit the needs and requirements of 5G. In addition, several modifications such as partial pipelining and deep pipelining (partial pipelining with sub-module pipelining) are implemented on Virtex 6 FPGA ML60S board to improve the throughput of the proposed design.

As the voucher for identity, digital certificates and the public key infrastructure (PKI) system have always played a vital role to provide the authentication services. In recent years, with the increase in attacks on traditional centralized PKIs and the extensive deployment of blockchains, researchers have tried to establish blockchain-based secure decentralized PKIs and have made significant progress. Although blockchain enhances security, it brings new problems in scalability due to the inherent limitations of blockchain’s data structure and consensus mechanism, which become much severe for the massive access in the era of 5G and B5G. In this paper, we propose ScalaCert to mitigate the scalability problems of blockchain-based PKIs by utilizing redactable blockchain for "on-cert" revocation. Specifically, we utilize the redactable blockchain to record revocation information directly on the original certificate ("on-cert") and remove additional data structures such as CRL, significantly reducing storage overhead. Moreover, the combination of redactable and consortium blockchains brings a new kind of attack called deception of versions (DoV) attack. To defend against it, we design a random-block-node-check (RBNC) based freshness check mechanism. Security and performance analyses show that ScalaCert has sufficient security and effectively solves the scalability problem of the blockchain-based PKI system.

In recent years, the need for seamless connectivity has increased across various network platforms with demands coming from industries, home, mobile, transportation and office networks. The 5th generation (5G) network is being deployed to meet such demand of high-speed seamless network device connections. The seamless connectivity 5G provides could be a security threat allowing attacks such as distributed denial of service (DDoS) because attackers might have easy access into the network infrastructure and higher bandwidth to enhance the effects of the attack. The aim of this research is to provide a security solution for 5G technology to DDoS attacks by managing the response to threats posed by DDoS. Deploying a security policy language which is reactive and event-oriented fits into a flexible, efficient, and lightweight security approach. A policy in our language consists of an event whose occurrence triggers a policy rule where one or more actions are taken.

Machine Learning (ML) and Artificial Intelligence (AI) techniques are widely adopted in the telecommunication industry, especially to automate beyond 5G networks. Federated Learning (FL) recently emerged as a distributed ML approach that enables localized model training to keep data decentralized to ensure data privacy. In this paper, we identify the applicability of FL for securing future networks and its limitations due to the vulnerability to poisoning attacks. First, we investigate the shortcomings of state-of-the-art security algorithms for FL and perform an attack to circumvent FoolsGold algorithm, which is known as one of the most promising defense techniques currently available. The attack is launched with the addition of intelligent noise at the poisonous model updates. Then we propose a more sophisticated defense strategy, a threshold-based clustering mechanism to complement FoolsGold. Moreover, we provide a comprehensive analysis of the impact of the attack scenario and the performance of the defense mechanism.

Unmanned Aerial Vehicles (UAVs) are drawing enormous attention in both commercial and military applications to facilitate dynamic wireless communications and deliver seamless connectivity due to their flexible deployment, inherent line-of-sight (LOS) air-to-ground (A2G) channels, and high mobility. These advantages, however, render UAV-enabled wireless communication systems susceptible to eavesdropping attempts. Hence, there is a strong need to protect the wireless channel through which most of the UAV-enabled applications share data with each other. There exist various error correction techniques such as Low Density Parity Check (LDPC), polar codes that provide safe and reliable data transmission by exploiting the physical layer but require high transmission power. Also, the security gap achieved by these error-correction techniques must be reduced to improve the security level. In this paper, we present deep learning (DL) enabled punctured LDPC codes to provide secure and reliable transmission of data for UAVs through the Additive White Gaussian Noise (AWGN) channel irrespective of the computational power and channel state information (CSI) of the Eavesdropper. Numerical result analysis shows that the proposed scheme reduces the Bit Error Rate (BER) at Bob effectively as compared to Eve and the Signal to Noise Ratio (SNR) per bit value of 3.5 dB is achieved at the maximum threshold value of BER. Also, the security gap is reduced by 47.22 % as compared to conventional LDPC codes.

Physical layer security has gained importance with the widespread use of wireless communication systems. Multiantenna systems and multi-point transmission techniques in 5G and beyond are promising techniques not only for enhancing data rates, but also physical layer security. Coordinated multipoint transmission is used for enhancing the service quality and decreasing inter-cell interference especially for cell-edge users. In this study, analysis of physical layer security enhancement via multi-antenna technologies and coordinated multi-point for 5G and beyond networks is provided. The proposed scheme is evaluated on calculations from real-life mobile network topologies. As a figure of performance, the secure and successful detection probability is computed with varying antenna array size, number of coordinated transmission points, and different service requirements.