ArticlePDF Available

Abstract and Figures

The ETSI's Zero touch network and Service Management (ZSM) framework is a prominent initiative to tame the envisioned complexity in operating and managing 5G and beyond networks. To this end, the ZSM framework promotes the shift toward full Automation of Network and Service Management and Operation (ANSMO) by leveraging the flexibility of SDN/NFV technologies along with Artificial Intelligence, combined with the portability and reusability of model-driven, open interfaces. Besides its benefits, each leveraged enabler will bring its own security threats, which should be carefully tackled to make the ANSMO vision a reality. This paper introduces the ZSM's potential attack surface and recommends possible mitigation measures along with some research directions to safeguard ZSM system security.
Content may be subject to copyright.
A preview of the PDF is not available
... It will benefit system operators and stakeholders who are not technically sound in AI/ML. In E2E slicing and ZSM [3], [69] security of AI/ML components are used in integral parts of the system architecture. For example, the ZSM's E2E service intelligence enables decisionmaking based on data collected in the domain and standard data services. ...
... In [3] a range of attacks that are possible in the threat surface of ZSM on various network aspects is discussed. The E2E service intelligence offered by the ZSM enables decisionmaking and forecasting capabilities. ...
... Furthermore, API based attacks such as parameter attacks, identity attacks, MITM, and DDoS attacks; Intent-based interface threats like information exposure, undesirable configuration, and abnormal behavior; threats on closed-loop automation control systems such as deception attacks; AI/ML system target attacks such as poisoning attacks and evasion attacks; threats on Programmable Network Technologies such as DoS, privilege escalation, malformed control message injection, eavesdropping, flooding and introspection attacks are some of the attack vectors emphasized in the threat surface of ZSM. The authors of [3] have proposed a range of solutions for these attacks, such as adversarial training, input validation, defensive distillation, defense Generative Adversarial Networks (GANs), and concept drift. They further elaborate on the efficacy of defense GANs against the white box and black-box attacks. ...
Full-text available
Preprint
With the advent of 5G commercialization, the need for more reliable, faster, and intelligent telecommunication systems are envisaged for the next generation beyond 5G (B5G) radio access technologies. Artificial Intelligence (AI) and Machine Learning (ML) are not just immensely popular in the service layer applications but also have been proposed as essential enablers in many aspects of B5G networks, from IoT devices and edge computing to cloud-based infrastructures. However, most of the existing surveys in B5G security focus on the performance of AI/ML models and their accuracy, but they often overlook the accountability and trustworthiness of the models' decisions. Explainable AI (XAI) methods are promising techniques that would allow system developers to identify the internal workings of AI/ML black-box models. The goal of using XAI in the security domain of B5G is to allow the decision-making processes of the security of systems to be transparent and comprehensible to stakeholders making the systems accountable for automated actions. In every facet of the forthcoming B5G era, including B5G technologies such as RAN, zero-touch network management, E2E slicing, this survey emphasizes the role of XAI in them and the use cases that the general users would ultimately enjoy. Furthermore, we presented the lessons learned from recent efforts and future research directions on top of the currently conducted projects involving XAI.
... Therefore, the privacy issues related with AI may affect the IBN decision making process. The intentbased interfaces in ZSM can carry information about the desires of the application, including the peer connections, network traffic regulation and advertising services, which may expose important information [61]. The closed-loop automation is also at risk of getting influenced by attackers by observing, creating, or hiding information in the network channel [61]. ...
... The intentbased interfaces in ZSM can carry information about the desires of the application, including the peer connections, network traffic regulation and advertising services, which may expose important information [61]. The closed-loop automation is also at risk of getting influenced by attackers by observing, creating, or hiding information in the network channel [61]. Therefore, if this network channel handles sensitive or private data, owners are at risk of the data being observed or stolen. ...
Full-text available
Article
Massive developments in mobile wireless telecommunication networks have been made during the last few decades. At present, mobile users are getting familiar with the latest 5G networks, and the discussion for the next generation of Beyond 5G (B5G)/6G networks has already been initiated. It is expected that B5G/6G will push the existing network capabilities to the next level, with higher speeds, enhanced reliability and seamless connectivity. To make these expectations a reality, research is progressing on new technologies, architectures, and intelligence-based decision-making processes related to B5G/6G. Privacy considerations are a crucial aspect that requires further attention in such developments, as billions of people and devices will be transmitting data through the upcoming network. However, the main recognition remains biased towards the network security. A discussion focused on privacy of B5G/6G is lacking at the moment. To address the gap, this paper provides a comprehensive survey on privacy-related aspects of B5G/6G networks. First, it discusses a taxonomy of different privacy perspectives. Based on the taxonomy, the paper then conceptualizes a set of challenges that appear as barriers to reach privacy preservation. Next, this work provides a set of solutions applicable to the proposed architecture of B5G/6G networks to mitigate the challenges. It also provides an overview of standardization initiatives for privacy preservation. Finally, the paper concludes with a roadmap of future directions, which will be an arena for new research towards privacy-enhanced B5G/6G networks. This work provides a basis for privacy aspects that will significantly impact peoples' daily lives when using these future networks.
... While there have been numerous suggested approaches that leverage ML for generic security related network functions [20], [21], few recent publications put these in the context of ZTM frameworks. Benzaid et al. [72], [72] reference a few potentially suitable ML-based approaches when discussing ZSM security threats, challenges, mitigation measures and other best practices. ETSI recently published a comprehensive study on security aspects and risks relating to the ZSM architecture [73]. ...
... While there have been numerous suggested approaches that leverage ML for generic security related network functions [20], [21], few recent publications put these in the context of ZTM frameworks. Benzaid et al. [72], [72] reference a few potentially suitable ML-based approaches when discussing ZSM security threats, challenges, mitigation measures and other best practices. ETSI recently published a comprehensive study on security aspects and risks relating to the ZSM architecture [73]. ...
... This study provides an overview of the vulnerabilities that might be exploited in a ZSM system, as well as mitigation strategies and future research needs for ensuring the security of ZSM infrastructure. [16] Xiong, et al. (2019) looked principles, applications, and challenges of deep reinforcement learning for 5G mobile networks and beyond. In the following, we take a look at a range of related studies that use deep reinforcement learning to address issues afflicting 5G networks. ...
Full-text available
Article
Need of security enhancement for 5G network has been increased in last decade. Data transmitted over network need to be secure from external attacks. Thus there is need to enhance the security during data transmission over 5G network. There remains different security system that focus on identification of attacks. In order to identify attack different machine learning mechanism are considered. But the issue with existing research work is limited security and performance issue. There remains need to enhance security of 5G network. To achieve this objective hybrid mechanism are introduced. Different treats such as Denial-of-Service, Denial-of-Detection, Unfair use or resources are classified using enhanced machine learning approach. Proposed work has make use of LSTM model to improve accuracy during decision making and classification of attack of 5G network. Research work is considering accuracy parameters such as Recall, precision and F-Score to assure the reliability of proposed model. Simulation results conclude that proposed model is providing better accuracy as compared to conventional model.
... In [207], the author presented the Self-Evolving Network (SEN) foundation for sustainable 6G networks, based on the Intuitive Vertical Hybrid Networks. In addition, the authors of [208] also looked into prospective Zero Service Management (ZSM) assaults, such as cyberattacks on open Application Programming Interfaces (APIs), risks to intent-based interfaces, and concerns with closed automation. ...
Full-text available
Article
Recent technological breakthroughs and significant expansion in the number of Internet-of-Things (IoT) devices, a new paradigm of unparalleled user experiences, dramatically improved a host of innovative applications, and the emergence of various use cases has begun. To achieve this, a much better adaptable communication network architecture is required, one that is exceptionally intelligent and capable of providing hyper-fast, ultra-reliable, and low-latency communications. These needs of the next-generation wireless communication systems are expected to be met by sixth-generation (6G) communication technologies. The standardization process for fifth-generation is now complete, and the worldwide installation has begun. To keep cellular networks competitive, a collaboration between industry and academics has already commenced in designing the next phase called “6G” in communication networks. It provides the groundwork for layering the communication demands arising in the 2030s. 6G perception, services, technology, and standardization are all hot topics in academics and industries. In pursuit of this ambition, this paper outlines the most prospective avenues of 6G research from current literature. In this investigation, the paper highly focuses on state-of-art driving factors and technological developments propelling the 6G revolution. In this study, emerging applications and requirements are also discussed in depth. Then, to provide a perspective on the global aspect of 6G development, the frameworks for existing and ongoing research projects and activities, including standardization efforts, are reviewed. Finally, specific issues have been incorporated to give new insight into future development approaches towards 6G based on developing demands in the coming years.
... Artificial Intelligence (AI) and Machine Learning (ML) algorithms play a vital role to bring out the functionalities of closed loop operations running in the ZSM architecture [3]. The security considerations can be directly applicable with the general ZSM architecture and the security closed loop operations for attack detection, security analytics, cyber threat intelligence for attack mitigation or prevention, security orchestration and security policy updates [4]. ...
Full-text available
Conference Paper
Network automation is a necessity in order to meet the unprecedented demand in the future networks and zero touch network architecture is proposed to cater such requirements. Closed-loop and artificial intelligence are key enablers in this proposed architecture in critical elements such as security. Apart from the arising privacy concerns, machine learning models can also face resource limitations. Federated learning is a machine learning based techniques which address both privacy and communication efficiency issues. Therefore, we propose a federated learning based model incorporating ZSM architecture for network automation. The paper also contains the simulations and its results of the proposed multi-stage federated learning based which use UNSW-NB15 Dataset.
Chapter
This chapter provides an overview of key technologies in future sixth‐generation (6G) wireless systems. It presents important 6G radio network technologies, including terahertz (THz) communications and nonterrestrial networks toward 3D networking. THz band channel is highly frequency‐selective. These channels suffer from high atmospheric absorption, atmospheric attenuation, and free‐space path loss. Thanks to distinctive features and remarkable abilities, Artificial Intelligence (AI) has various applications in wireless and mobile networking. With 6G being envisioned to have AI/Machine Learning at its core, the role of AI/Federated Learning becomes important to 6G. The last couple of years have witnessed the rise of Distributed Ledger Technologies (DLT), in particular, blockchain technology. DLT is envisioned to unlock the doors to the decentralized future by overcoming the well‐known impediments of centralized systems. One of the very first edge computing concepts, the so‐called cloudlet, was proposed in 2009.
Chapter
Sixth‐generation (6G) is envisaged to rely on the advancements of Artificial Intelligence and data analytics to provide personalized and fully automated seamless communication services. However, this may lead to several security and privacy issues and concerns. This chapter discusses the security threat landscape of future 6G networks. In the fifth‐generation (5G) architecture, security and privacy threats are caused at access, backhaul, and core networks. Cyberware and critical infrastructure threats, network functions virtualization and software‐defined networking‐related threats, and cloud computing‐related threats are the most common security issues in 5G. The chapter discusses the security considerations, 6G security vision, and the potential security Key Performance Indicators. It describes the security landscape for the envisioned 6G architecture which is classified into four key areas such as functional architecture, edge intelligence and cloudification, specialized subnetworks, and network management and orchestration.
Full-text available
Article
The foreseen complexity in operating and managing 5G and beyond networks has propelled the trend toward closed-loop automation of network and service management operations. To this end, the ETSI Zero-touch network and Service Management (ZSM) framework is envisaged as a next-generation management system that aims to have all operational processes and tasks executed automatically, ideally with 100 percent automation. Artificial Intelligence (AI) is envisioned as a key enabler of self-managing capabilities, resulting in lower operational costs, accelerated time-tovalue and reduced risk of human error. Nevertheless, the growing enthusiasm for leveraging AI in a ZSM system should not overlook the potential limitations and risks of using AI techniques. The current paper aims to introduce the ZSM concept and point out the AI-based limitations and risks that need to be addressed in order to make ZSM a reality.Abstract
Full-text available
Article
The rapid uptake of mobile devices and the rising popularity of mobile applications and services pose unprecedented demands on mobile and wireless networking infrastructure. Upcoming 5G systems are evolving to support exploding mobile traffic volumes, agile management of network resource to maximize user experience, and extraction of fine-grained real-time analytics. Fulfilling these tasks is challenging, as mobile environments are increasingly complex, heterogeneous, and evolving. One potential solution is to resort to advanced machine learning techniques to help managing the rise in data volumes and algorithm-driven applications. The recent success of deep learning underpins new and powerful tools that tackle problems in this space. In this paper we bridge the gap between deep learning and mobile and wireless networking research, by presenting a comprehensive survey of the crossovers between the two areas. We first briefly introduce essential background and state-of-the-art in deep learning techniques with potential applications to networking. We then discuss several techniques and platforms that facilitate the efficient deployment of deep learning onto mobile systems. Subsequently, we provide an encyclopedic review of mobile and wireless networking research based on deep learning, which we categorize by different domains. Drawing from our experience, we discuss how to tailor deep learning to mobile environments. We complete this survey by pinpointing current challenges and open future directions for research.
Full-text available
Article
This paper proposes adversarial attacks for Reinforcement Learning (RL) and then improves the robustness of Deep Reinforcement Learning algorithms (DRL) to parameter uncertainties with the help of these attacks. We show that even a naively engineered attack successfully degrades the performance of DRL algorithm. We further improve the attack using gradient information of an engineered loss function which leads to further degradation in performance. These attacks are then leveraged during training to improve the robustness of RL within robust control framework. We show that this adversarial training of DRL algorithms like Deep Double Q learning and Deep Deterministic Policy Gradients leads to significant increase in robustness to parameter variations for RL benchmarks such as Cart-pole, Mountain Car, Hopper and Half Cheetah environment.
Full-text available
Conference Paper
Machine learning (ML) models may be deemed confidential due to their sensitive training data, commercial value, or use in security applications. Increasingly often, confidential ML models are being deployed with publicly accessible query interfaces. ML-as-a-service ("predictive analytics") systems are an example: Some allow users to train models on potentially sensitive data and charge others for access on a pay-per-query basis. The tension between model confidentiality and public access motivates our investigation of model extraction attacks. In such attacks, an adversary with black-box access, but no prior knowledge of an ML model's parameters or training data, aims to duplicate the functionality of (i.e., "steal") the model. Unlike in classical learning theory settings, ML-as-a-service offerings may accept partial feature vectors as inputs and include confidence values with predictions. Given these practices, we show simple, efficient attacks that extract target ML models with near-perfect fidelity for popular model classes including logistic regression, neural networks, and decision trees. We demonstrate these attacks against the online services of BigML and Amazon Machine Learning. We further show that the natural countermeasure of omitting confidence values from model outputs still admits potentially harmful model extraction attacks. Our results highlight the need for careful ML model deployment and new model extraction countermeasures.
Article
Emerging software defined network (SDN) stacks have introduced an entirely new attack surface that is exploitable from a wide range of launch points. Through an analysis of the various attack strategies reported in prior work, and through our own efforts to enumerate new and variant attack strategies, we have gained two insights. First, we observe that different SDN controller implementations, developed independently by different groups, seem to manifest common sets of pitfalls and design weakness that enable the extensive set of attacks compiled in this paper. Second, through a principled exploration of the underlying design and implementation weaknesses that enables these attacks, we introduce a taxonomy to offer insight into the common pitfalls that enable SDN stacks to be broken or destabilized when fielded within hostile computing environments. This paper first captures our understanding of the SDN attack surface through a comprehensive survey of existing SDN attack studies, which we extend by enumerating 12 new vectors for SDN abuse. We then organize these vulnerabilities within the well-known confidentiality, integrity, and availability model, assess the severity of these attacks by replicating them in a physical SDN testbed, and evaluate them against three popular SDN controllers. We also evaluate the impact of these attacks against published SDN defense solutions. Finally, we abstract our findings to offer the research and development communities with a deeper understanding of the common design and implementation pitfalls that are enabling the abuse of SDN networks.
Conference Paper
Machine-learning (ML) algorithms are increasingly utilized in privacy-sensitive applications such as predicting lifestyle choices, making medical diagnoses, and facial recognition. In a model inversion attack, recently introduced in a case study of linear classifiers in personalized medicine by Fredrikson et al., adversarial access to an ML model is abused to learn sensitive genomic information about individuals. Whether model inversion attacks apply to settings outside theirs, however, is unknown. We develop a new class of model inversion attack that exploits confidence values revealed along with predictions. Our new attacks are applicable in a variety of settings, and we explore two in depth: decision trees for lifestyle surveys as used on machine-learning-as-a-service systems and neural networks for facial recognition. In both cases confidence values are revealed to those with the ability to make prediction queries to models. We experimentally show attacks that are able to estimate whether a respondent in a lifestyle survey admitted to cheating on their significant other and, in the other context, show how to recover recognizable images of people's faces given only their name and access to the ML model. We also initiate experimental exploration of natural countermeasures, investigating a privacy-aware decision tree training algorithm that is a simple variant of CART learning, as well as revealing only rounded confidence values. The lesson that emerges is that one can avoid these kinds of MI attacks with negligible degradation to utility.
Conference Paper
In security-sensitive applications, the success of machine learning depends on a thorough vetting of their resistance to adversarial data. In one pertinent, well-motivated attack scenario, an adversary may attempt to evade a deployed system at test time by carefully manipulating attack samples. In this work, we present a simple but effective gradient-based approach that can be exploited to systematically assess the security of several, widely-used classification algorithms against evasion attacks. Following a recently proposed framework for security evaluation, we simulate attack scenarios that exhibit different risk levels for the classifier by increasing the attacker’s knowledge of the system and her ability to manipulate attack samples. This gives the classifier designer a better picture of the classifier performance under evasion attacks, and allows him to perform a more informed model selection (or parameter setting). We evaluate our approach on the relevant security task of malware detection in PDF files, and show that such systems can be easily evaded. We also sketch some countermeasures suggested by our analysis.
Conference Paper
Machine learning systems offer unparalled flexibility in dealing with evolving input in a variety of applications, such as intrusion detection systems and spam e-mail filtering. However, machine learning algorithms themselves can be a target of attack by a malicious adversary. This paper provides a framework for answering the question, "Can machine learning be secure?" Novel contributions of this paper include a taxonomy of different types of attacks on machine learning techniques! and systems, a variety of defenses against those attacks, a discussion of ideas that are important to security for machine learning, an analytical model giving a lower bound on attacker's work function, and a list of open, problems.