Security-as-a-Function for IDS/IPS in Softwarized Network and Applications to 5G Network Systems

TL;DR

This paper proposes a security-as-a-function approach for deploying IDS/IPS as virtualized network functions in 5G networks, demonstrating their effectiveness in protecting against DoS and DDoS attacks while maintaining QoS.

Contribution

It introduces a virtualized IDS/IPS framework for 5G core networks, including implementation details and performance evaluation in softwarized environments.

Findings

Virtualized IDS/IPS can meet 5G QoS requirements

The approach effectively safeguards against DoS and DDoS attacks

Performance evaluations show acceptable latency and throughput

Abstract

The service-based architecture of 5G network allows network operators to place virtualized network functions on commodity hardware, unlike the traditional vendor-specific hardware-based functionalities. However, it expands the security vulnerabilities and threats to the 5G network. While there exist several theoretical studies on network function placement and service routing, a few focused on the security aspects of the 5G network systems. This paper focuses on safeguarding the 5G core network systems from DoS and DDoS attacks by placing intrusion detection and prevention systems (IDS-IPS) as virtualized network functions following the 5G standalone architecture. To ensure the virtualized placement of IDS-IPS, first, we provide thorough virtual machine (VM)-based and containerized implementation details and evaluate the network performance with two scenarios, IDS and IPS, in the presence of TCP and UDP applications. Second, we apply the VM-based implementation of IDS-IPS on a softwarized 5G core network and study the network performances. The experiment results on network throughput, latency, and packet drop reveal that the softwarized IDS-IPS can meet the QoS requirements of 5G applications, while safeguarding the network from DoS and DDoS attacks.