The expansion of 5G-enabled Internet of Things(IoT)networks,while enabling transformative applications,significantly increases the attack surface and necessitates security solutions that extend beyond traditional intr...The expansion of 5G-enabled Internet of Things(IoT)networks,while enabling transformative applications,significantly increases the attack surface and necessitates security solutions that extend beyond traditional intrusion detection.Existing intrusion detection systems(IDSs)mainly operate in an open-loop manner,excelling at classification but lacking the ability for autonomous,safety-aware remediation.This gap is particularly critical in 5G environments,where manual intervention is too slow and naive automation can lead to severe service disruptions.To address this issue,we propose a novel Self-Healing Intrusion Detection System(SH-IDS)framework that develops a closed-loop cyber defense mechanism.The main technical contribution is the integration of a deep neural networkbased threat detector,which offers uncertainty-quantified predictions,with a safety-aware reinforcement learning(RL)engine formulated as a Constrained Markov Decision Process(CMDP).The CMDP explicitly models operational safety as cost constraints,and a new runtime safety shield actively adjusts any unsafe action proposed by the RL agent to the nearest safe alternative,ensuring operational integrity.Additionally,we introduce a composite utility function for the comprehensive evaluation of the system.Empirical analysis on the 5G-NIDD dataset demonstrates the superior performance of our framework:the detector achieves 98.26%accuracy,while the safe RL agent learns effective mitigation policies.Importantly,the safety shield blocked up to 70 unsafe actions under strict constraints,and analysis of the learned Q-tables confirms that the agent internalizes safety,avoiding overly disruptive actions,such as isolating nodes for minor threats.The system also maintains high efficiency with a compact model size of 121.7 KB and sub-millisecond latency,confirming its practical deployability for real-time 5G-IoT security.展开更多
The 5G and satellite converged communication network(5G SCCN)is an impor⁃tant component of the integration of satellite-terrestrial networks,the national science,and technology major projects towards 2030.Security is ...The 5G and satellite converged communication network(5G SCCN)is an impor⁃tant component of the integration of satellite-terrestrial networks,the national science,and technology major projects towards 2030.Security is the key to ensuring its operation,but at present,the research in this area has just started in our country.Based on the network char⁃acteristics and security risks,we propose the security architecture of the 5G SCCN and sys⁃tematically sort out the key protection technologies and improvement directions.In particu⁃lar,unique thinking on the security of lightweight data communication and design reference for the 5G SCCN network architecture is presented.It is expected to provide a piece of refer⁃ence for the follow-up 5G SCCN security technology research,standard evolution,and indus⁃trialization.展开更多
With the rapid advancement of mobile communication networks,key technologies such as Multi-access Edge Computing(MEC)and Network Function Virtualization(NFV)have enhanced the quality of service for 5G users but have a...With the rapid advancement of mobile communication networks,key technologies such as Multi-access Edge Computing(MEC)and Network Function Virtualization(NFV)have enhanced the quality of service for 5G users but have also significantly increased the complexity of network threats.Traditional static defense mechanisms are inadequate for addressing the dynamic and heterogeneous nature of modern attack vectors.To overcome these challenges,this paper presents a novel algorithmic framework,SD-5G,designed for high-precision intrusion detection in 5G environments.SD-5G adopts a three-stage architecture comprising traffic feature extraction,elastic representation,and adaptive classification.Specifically,an enhanced Concrete Autoencoder(CAE)is employed to reconstruct and compress high-dimensional network traffic features,producing compact and expressive representations suitable for large-scale 5G deployments.To further improve accuracy in ambiguous traffic classification,a Residual Convolutional Long Short-Term Memory model with an attention mechanism(ResCLA)is introduced,enabling multi-level modeling of spatial–temporal dependencies and effective detection of subtle anomalies.Extensive experiments on benchmark datasets—including 5G-NIDD,CIC-IDS2017,ToN-IoT,and BoT-IoT—demonstrate that SD-5G consistently achieves F1 scores exceeding 99.19%across diverse network environments,indicating strong generalization and real-time deployment capabilities.Overall,SD-5G achieves a balance between detection accuracy and deployment efficiency,offering a scalable,flexible,and effective solution for intrusion detection in 5G and next-generation networks.展开更多
The open nature and heterogeneous architecture of Open Radio Access Network(Open RAN)undermine the consistency of security policies and broaden the attack surface,thereby increasing the risk of security vulnerabilitie...The open nature and heterogeneous architecture of Open Radio Access Network(Open RAN)undermine the consistency of security policies and broaden the attack surface,thereby increasing the risk of security vulnerabilities.The dynamic nature of network performance and traffic patterns in Open RAN necessitates advanced detection models that can overcome the constraints of traditional techniques and adapt to evolving behaviors.This study presents a methodology for effectively detecting malicious traffic in Open RAN by utilizing an Artificial-Intelligence/MachineLearning(AI/ML)Framework.A hybrid Transformer–Convolutional-Neural-Network(Transformer-CNN)ensemble model is employed for anomaly detection.The proposed model generates final predictions through a soft-voting technique based on the predictive outputs of the two models with distinct features.This approach improves accuracy by up to 1.06%and F1 score by 1.48%compared with a hard-voting technique to determine the final prediction.Furthermore,the proposed model achieves an average accuracy of approximately 98.3%depending on the time step,exhibiting a 1.43%increase in accuracy over single-model approaches.Unlike single-model approaches,which are prone to overfitting,the ensemble model resolves the overfitting problem by reducing the deviation in validation loss.展开更多
The sixth-generation mobile communication(6G)networks will face more complex endogenous security problems,and it is urgent to propose new universal security theories and establish new practice norms to deal with the&#...The sixth-generation mobile communication(6G)networks will face more complex endogenous security problems,and it is urgent to propose new universal security theories and establish new practice norms to deal with theªunknown unknownºsecurity threats in cyberspace.This paper first expounds the new paradigm of cyberspace endogenous security and introduces the vision of 6G cyberspace security.Then,it analyzes the security problems faced by the 6G core network,wireless access network,and emerging associated technologies in detail,as well as the corresponding security technology development status and the integrated development of endogenous security and traditional security.Furthermore,this paper describes the relevant security theories and technical concepts under the guidance of the new paradigm of endogenous security.展开更多
The advent of 5G technology has revolutionized network communication by introducing network slicing(NS)and virtualization to allow multiple network service providers(NSPs)to share infrastructure,thereby reducing deplo...The advent of 5G technology has revolutionized network communication by introducing network slicing(NS)and virtualization to allow multiple network service providers(NSPs)to share infrastructure,thereby reducing deployment costs and accelerating 5G adoption.While this new open marketplace enables NSPs to trade resources dynamically,it also exposes the system to security concerns,such as front-running and selfish-validation attacks,which can lead to market manipulation and strategy leakage.This paper presents TRADE-5G,a secure blockchainbased marketplace for 5G resource trading that mitigates these attacks and ensures fair,transparent resource allocation while preserving the cofidentiality of NSP strategies.Through extensive simulations,TRADE-5G demonstrates a substantial 18%improvement in user satisfaction and a 36%reduction in wasted resources compared to traditional models.Additionally,it opens new profit opportunities for NSPs through unused resources,establishing a more competitive,secure,and transparent 5G trading environment that exceeds the capabilities of traditional mobile networks.展开更多
User Equipment(UE)authentication holds paramount importance in upholding the security of wireless networks.A nascent technology,Radio Frequency Fingerprint Identification(RFFI),is gaining prominence as a means to bols...User Equipment(UE)authentication holds paramount importance in upholding the security of wireless networks.A nascent technology,Radio Frequency Fingerprint Identification(RFFI),is gaining prominence as a means to bolster network security authentication.To expedite the integration of RFFI within fifth-generation(5G)networks,this research undertakes the creation of a comprehensive link-level simulation platform tailored for 5G scenarios.The devised platform emulates various device impairments,including an oscillator,IQ modulator,and power amplifier(PA)nonlinearities,alongside simulating channel distortions.Consequent to this,a plausibility analysis is executed,intertwining transmitter device impairments with 3rd Generation Partnership Project(3GPP)new radio(NR)protocols.Subsequently,an exhaustive exploration is conducted to assess the impact of transmitter impairments,deep neural networks(DNNs),and channel effects on RF fingerprinting performance.Notably,under a signal-to-noise ratio(SNR)of 15 d B,the deep learning approach demonstrates the capability to accurately classify 100 UEs with a commendable 91%accuracy rate.Through a multifaceted evaluation,it is ascertained that the Attention-based network architecture emerges as the optimal choice for the RFFI task,serving as the new benchmark model for RFFI applications.展开更多
基金appreciation to the Deanship of Research and Graduate Studies at King Khalid University for funding this work through the Large Group Project under grant number(RGP2/245/46)Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2026R333)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The expansion of 5G-enabled Internet of Things(IoT)networks,while enabling transformative applications,significantly increases the attack surface and necessitates security solutions that extend beyond traditional intrusion detection.Existing intrusion detection systems(IDSs)mainly operate in an open-loop manner,excelling at classification but lacking the ability for autonomous,safety-aware remediation.This gap is particularly critical in 5G environments,where manual intervention is too slow and naive automation can lead to severe service disruptions.To address this issue,we propose a novel Self-Healing Intrusion Detection System(SH-IDS)framework that develops a closed-loop cyber defense mechanism.The main technical contribution is the integration of a deep neural networkbased threat detector,which offers uncertainty-quantified predictions,with a safety-aware reinforcement learning(RL)engine formulated as a Constrained Markov Decision Process(CMDP).The CMDP explicitly models operational safety as cost constraints,and a new runtime safety shield actively adjusts any unsafe action proposed by the RL agent to the nearest safe alternative,ensuring operational integrity.Additionally,we introduce a composite utility function for the comprehensive evaluation of the system.Empirical analysis on the 5G-NIDD dataset demonstrates the superior performance of our framework:the detector achieves 98.26%accuracy,while the safe RL agent learns effective mitigation policies.Importantly,the safety shield blocked up to 70 unsafe actions under strict constraints,and analysis of the learned Q-tables confirms that the agent internalizes safety,avoiding overly disruptive actions,such as isolating nodes for minor threats.The system also maintains high efficiency with a compact model size of 121.7 KB and sub-millisecond latency,confirming its practical deployability for real-time 5G-IoT security.
文摘The 5G and satellite converged communication network(5G SCCN)is an impor⁃tant component of the integration of satellite-terrestrial networks,the national science,and technology major projects towards 2030.Security is the key to ensuring its operation,but at present,the research in this area has just started in our country.Based on the network char⁃acteristics and security risks,we propose the security architecture of the 5G SCCN and sys⁃tematically sort out the key protection technologies and improvement directions.In particu⁃lar,unique thinking on the security of lightweight data communication and design reference for the 5G SCCN network architecture is presented.It is expected to provide a piece of refer⁃ence for the follow-up 5G SCCN security technology research,standard evolution,and indus⁃trialization.
文摘With the rapid advancement of mobile communication networks,key technologies such as Multi-access Edge Computing(MEC)and Network Function Virtualization(NFV)have enhanced the quality of service for 5G users but have also significantly increased the complexity of network threats.Traditional static defense mechanisms are inadequate for addressing the dynamic and heterogeneous nature of modern attack vectors.To overcome these challenges,this paper presents a novel algorithmic framework,SD-5G,designed for high-precision intrusion detection in 5G environments.SD-5G adopts a three-stage architecture comprising traffic feature extraction,elastic representation,and adaptive classification.Specifically,an enhanced Concrete Autoencoder(CAE)is employed to reconstruct and compress high-dimensional network traffic features,producing compact and expressive representations suitable for large-scale 5G deployments.To further improve accuracy in ambiguous traffic classification,a Residual Convolutional Long Short-Term Memory model with an attention mechanism(ResCLA)is introduced,enabling multi-level modeling of spatial–temporal dependencies and effective detection of subtle anomalies.Extensive experiments on benchmark datasets—including 5G-NIDD,CIC-IDS2017,ToN-IoT,and BoT-IoT—demonstrate that SD-5G consistently achieves F1 scores exceeding 99.19%across diverse network environments,indicating strong generalization and real-time deployment capabilities.Overall,SD-5G achieves a balance between detection accuracy and deployment efficiency,offering a scalable,flexible,and effective solution for intrusion detection in 5G and next-generation networks.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(RS-2024-00396797,Development of core technology for intelligent O-RAN security platform)。
文摘The open nature and heterogeneous architecture of Open Radio Access Network(Open RAN)undermine the consistency of security policies and broaden the attack surface,thereby increasing the risk of security vulnerabilities.The dynamic nature of network performance and traffic patterns in Open RAN necessitates advanced detection models that can overcome the constraints of traditional techniques and adapt to evolving behaviors.This study presents a methodology for effectively detecting malicious traffic in Open RAN by utilizing an Artificial-Intelligence/MachineLearning(AI/ML)Framework.A hybrid Transformer–Convolutional-Neural-Network(Transformer-CNN)ensemble model is employed for anomaly detection.The proposed model generates final predictions through a soft-voting technique based on the predictive outputs of the two models with distinct features.This approach improves accuracy by up to 1.06%and F1 score by 1.48%compared with a hard-voting technique to determine the final prediction.Furthermore,the proposed model achieves an average accuracy of approximately 98.3%depending on the time step,exhibiting a 1.43%increase in accuracy over single-model approaches.Unlike single-model approaches,which are prone to overfitting,the ensemble model resolves the overfitting problem by reducing the deviation in validation loss.
基金the National Key Research and Development Program of China(Nos.2020YFB1806607 and 2022YFB2902202)the National Natural Science Foundation of China(Nos.61521003 and 61701538)。
文摘The sixth-generation mobile communication(6G)networks will face more complex endogenous security problems,and it is urgent to propose new universal security theories and establish new practice norms to deal with theªunknown unknownºsecurity threats in cyberspace.This paper first expounds the new paradigm of cyberspace endogenous security and introduces the vision of 6G cyberspace security.Then,it analyzes the security problems faced by the 6G core network,wireless access network,and emerging associated technologies in detail,as well as the corresponding security technology development status and the integrated development of endogenous security and traditional security.Furthermore,this paper describes the relevant security theories and technical concepts under the guidance of the new paradigm of endogenous security.
文摘The advent of 5G technology has revolutionized network communication by introducing network slicing(NS)and virtualization to allow multiple network service providers(NSPs)to share infrastructure,thereby reducing deployment costs and accelerating 5G adoption.While this new open marketplace enables NSPs to trade resources dynamically,it also exposes the system to security concerns,such as front-running and selfish-validation attacks,which can lead to market manipulation and strategy leakage.This paper presents TRADE-5G,a secure blockchainbased marketplace for 5G resource trading that mitigates these attacks and ensures fair,transparent resource allocation while preserving the cofidentiality of NSP strategies.Through extensive simulations,TRADE-5G demonstrates a substantial 18%improvement in user satisfaction and a 36%reduction in wasted resources compared to traditional models.Additionally,it opens new profit opportunities for NSPs through unused resources,establishing a more competitive,secure,and transparent 5G trading environment that exceeds the capabilities of traditional mobile networks.
基金supported by the National Natural Science Foundation of China(No:62201172)the National Key Research and Development Program of China(2022YFE0136800)
文摘User Equipment(UE)authentication holds paramount importance in upholding the security of wireless networks.A nascent technology,Radio Frequency Fingerprint Identification(RFFI),is gaining prominence as a means to bolster network security authentication.To expedite the integration of RFFI within fifth-generation(5G)networks,this research undertakes the creation of a comprehensive link-level simulation platform tailored for 5G scenarios.The devised platform emulates various device impairments,including an oscillator,IQ modulator,and power amplifier(PA)nonlinearities,alongside simulating channel distortions.Consequent to this,a plausibility analysis is executed,intertwining transmitter device impairments with 3rd Generation Partnership Project(3GPP)new radio(NR)protocols.Subsequently,an exhaustive exploration is conducted to assess the impact of transmitter impairments,deep neural networks(DNNs),and channel effects on RF fingerprinting performance.Notably,under a signal-to-noise ratio(SNR)of 15 d B,the deep learning approach demonstrates the capability to accurately classify 100 UEs with a commendable 91%accuracy rate.Through a multifaceted evaluation,it is ascertained that the Attention-based network architecture emerges as the optimal choice for the RFFI task,serving as the new benchmark model for RFFI applications.
