Attacking Slicing Network via Side-channel Reinforcement Learning Attack

TL;DR

This paper presents a reinforcement learning-based side-channel cache attack framework targeting network slicing in 5G/6G, demonstrating high success rates in identifying sensitive data locations and exposing security vulnerabilities in shared infrastructure.

Contribution

It introduces a novel RL-driven cache attack method specifically designed for network slicing environments, outperforming traditional approaches in accuracy and adaptability.

Findings

Achieves 95-98% success rate in locating sensitive data

Demonstrates vulnerability of shared network slices to RL-based cache attacks

Highlights the need for enhanced security measures in network slicing

Abstract

Network slicing in 5G and the future 6G networks will enable the creation of multiple virtualized networks on a shared physical infrastructure. This innovative approach enables the provision of tailored networks to accommodate specific business types or industry users, thus delivering more customized and efficient services. However, the shared memory and cache in network slicing introduce security vulnerabilities that have yet to be fully addressed. In this paper, we introduce a reinforcement learning-based side-channel cache attack framework specifically designed for network slicing environments. Unlike traditional cache attack methods, our framework leverages reinforcement learning to dynamically identify and exploit cache locations storing sensitive information, such as authentication keys and user registration data. We assume that one slice network is compromised and demonstrate how the attacker can induce another shared slice to send registration requests, thereby estimating the cache locations of critical data. By formulating the cache timing channel attack as a reinforcement learning-driven guessing game between the attack slice and the victim slice, our model efficiently explores possible actions to pinpoint memory blocks containing sensitive information. Experimental results showcase the superiority of our approach, achieving a success rate of approximately 95\% to 98\% in accurately identifying the storage locations of sensitive data. This high level of accuracy underscores the potential risks in shared network slicing environments and highlights the need for robust security measures to safeguard against such advanced side-channel attacks.