An information security monitoring and management system for 5G and 6G Networks based on SDN/NFV

TL;DR

This paper proposes an SDN/NFV-based security monitoring system for 5G and 6G networks, featuring efficient traffic filtering, load balancing, and fault tolerance to enhance network security management.

Contribution

It introduces a novel traffic filtering method using DPDK and LPM, and develops a load balancing algorithm for SDN controllers in 5G/6G security systems.

Findings

Traffic filtering achieves processing of 8 million packets/sec per CPU core.

The load balancing algorithm ensures optimal sensor grouping with fault tolerance.

The system enhances security monitoring efficiency in next-generation networks.

Abstract

An approach to using the concept of Software-Defined Networking and Network Functions Virtualization (SDN/NFV) for the implementation of an information security monitoring and management system in 5G and 6G networks is proposed. SDN switches based on the OpenFlow protocol are offered as network sensors. In order to reduce the time for finding a subset of the right rules in the vast array of all rules on traffic filtering systems that are logically located on sensors, a method of processing and filtering traffic in 5G and 6G transport networks is proposed. This method is based on DPDK with the LPM algorithm and is capable of processing up to 8 megapackets per second on 1 CPU core; the packet processing takes O(1), which is significantly lower than with similar algorithms. The managing subsystem consists of regional monitoring centres and a main one. The main Monitoring Centre includes a main cluster of SDN controllers along with Active/Active redundancy scheme. The regional centres represent SDN software controllers that manage locally subordinate sensors. All the managing centres are interconnected via the Transport subsystem and form a network. An algorithm for network sensor load balancing between SDN controllers has been developed in order to provide fault tolerance, load balancing and network connectivity. The algorithm results in a set of optimal sensor groups with total load not exceeding the maximum capacity of the SDN controllers.