The fast-paced growth of 5G networks, along with the emergence of 6G technology, has emphasized the crucial importance of strong security measures to safeguard communication infrastructures. A key security issue in 5G data networks is Distributed Denial-of-Service (DDoS) at tacks, which specifically target the GTP-based protocol which is a significant threat. However, network telemetry data provides a rich source of information about the nature of network traffic, which can be used to detect and predict DDoS attacks. We propose a novel framework for collecting and processing large amounts of telemetry data in 5G networks leveraging state-of-the-art technologies, including data-plane programmability in P4-based User-Plane Function (UPF) and Data Processing Unit (DPU). Furthermore, we propose an anomaly-detection method for performing live deep learning analysis on network traffic using a Convolutional Neural Network (CNN) to detect DDoS attacks. Our results demonstrate the effectiveness of our framework, achieving an impressive 98.6% accuracy and 98% F1-score.
5GDAD: A Deep Learning Approach for DDoS Attack Detection in 5G P4-based UPF
Bakar, Rana Abu;Alhamed, Faris;Castoldi, Piero;Sgambelluri, Andrea;Olmos, Juan Jose Vegas;Cugini, Filippo;Paolucci, Francesco
2024-01-01
Abstract
The fast-paced growth of 5G networks, along with the emergence of 6G technology, has emphasized the crucial importance of strong security measures to safeguard communication infrastructures. A key security issue in 5G data networks is Distributed Denial-of-Service (DDoS) at tacks, which specifically target the GTP-based protocol which is a significant threat. However, network telemetry data provides a rich source of information about the nature of network traffic, which can be used to detect and predict DDoS attacks. We propose a novel framework for collecting and processing large amounts of telemetry data in 5G networks leveraging state-of-the-art technologies, including data-plane programmability in P4-based User-Plane Function (UPF) and Data Processing Unit (DPU). Furthermore, we propose an anomaly-detection method for performing live deep learning analysis on network traffic using a Convolutional Neural Network (CNN) to detect DDoS attacks. Our results demonstrate the effectiveness of our framework, achieving an impressive 98.6% accuracy and 98% F1-score.File | Dimensione | Formato | |
---|---|---|---|
5GDAD_A_Deep_Learning_Approach_for_DDoS_Attack_Detection_in_5G_P4-based_UPF.pdf
accesso aperto
Descrizione: 5GDAD_A_Deep_Learning_Approach_for_DDoS_Attack_Detection_in_5G_P4-based_UPF.pdf
Tipologia:
PDF Editoriale
Licenza:
Dominio pubblico
Dimensione
701.81 kB
Formato
Adobe PDF
|
701.81 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.