基于 ZSM 的 E2E 安全片管理,在支持 MEC 的 V2X 环境中保护 DDoS 攻击

IF 5.3 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC IEEE Open Journal of Vehicular Technology Pub Date : 2024-03-11 DOI:10.1109/OJVT.2024.3375448
Rodrigo Asensio-Garriga;Pol Alemany;Alejandro M. Zarca;Roshan Sedar;Charalampos Kalalas;Jordi Ortiz;Ricard Vilalta;Raul Muñoz;Antonio Skarmeta
{"title":"基于 ZSM 的 E2E 安全片管理,在支持 MEC 的 V2X 环境中保护 DDoS 攻击","authors":"Rodrigo Asensio-Garriga;Pol Alemany;Alejandro M. Zarca;Roshan Sedar;Charalampos Kalalas;Jordi Ortiz;Ricard Vilalta;Raul Muñoz;Antonio Skarmeta","doi":"10.1109/OJVT.2024.3375448","DOIUrl":null,"url":null,"abstract":"Research on vehicle-to-everything (V2X) is attracting significant attention nowadays, driven by the recent advances in beyond-5G (B5G) networks and the multi-access edge computing (MEC) paradigm. However, the inherent heterogeneity of B5G combined with the security vulnerabilities of MEC infrastructure in dynamic V2X scenarios introduces unprecedented challenges. Efficient resource and security management in multi-domain V2X environments is vital, especially with the growing threat of distributed denial-of-service (DDoS) attacks against critical V2X services within MEC. Our approach employs the zero-touch network and service management (ZSM) standard, integrating autonomous security into end-to-end (E2E) slicing management. We consider an entire 5G network, including vehicular user equipment, radio access networks, MEC, and core components, in the presence of DDoS targeting V2X services. Our framework complies with security service-level agreements (SSLAs) and policies, autonomously deploying and interconnecting security sub-slices across domains. Security requirements are continuously monitored and, upon DDoS detection, our framework reacts with a coordinated E2E strategy. The strategy mitigates DDoS at the MEC and deploys countermeasures in neighboring domains. Performance assessment reveals effective DDoS detection and mitigation with low latency, aligned with the mission-critical nature of certain V2X services. This work is part of ETSI ZSM PoC “security SLA assurance in 5G network slices”.","PeriodicalId":34270,"journal":{"name":"IEEE Open Journal of Vehicular Technology","volume":null,"pages":null},"PeriodicalIF":5.3000,"publicationDate":"2024-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10465254","citationCount":"0","resultStr":"{\"title\":\"ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments\",\"authors\":\"Rodrigo Asensio-Garriga;Pol Alemany;Alejandro M. Zarca;Roshan Sedar;Charalampos Kalalas;Jordi Ortiz;Ricard Vilalta;Raul Muñoz;Antonio Skarmeta\",\"doi\":\"10.1109/OJVT.2024.3375448\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Research on vehicle-to-everything (V2X) is attracting significant attention nowadays, driven by the recent advances in beyond-5G (B5G) networks and the multi-access edge computing (MEC) paradigm. However, the inherent heterogeneity of B5G combined with the security vulnerabilities of MEC infrastructure in dynamic V2X scenarios introduces unprecedented challenges. Efficient resource and security management in multi-domain V2X environments is vital, especially with the growing threat of distributed denial-of-service (DDoS) attacks against critical V2X services within MEC. Our approach employs the zero-touch network and service management (ZSM) standard, integrating autonomous security into end-to-end (E2E) slicing management. We consider an entire 5G network, including vehicular user equipment, radio access networks, MEC, and core components, in the presence of DDoS targeting V2X services. Our framework complies with security service-level agreements (SSLAs) and policies, autonomously deploying and interconnecting security sub-slices across domains. Security requirements are continuously monitored and, upon DDoS detection, our framework reacts with a coordinated E2E strategy. The strategy mitigates DDoS at the MEC and deploys countermeasures in neighboring domains. Performance assessment reveals effective DDoS detection and mitigation with low latency, aligned with the mission-critical nature of certain V2X services. This work is part of ETSI ZSM PoC “security SLA assurance in 5G network slices”.\",\"PeriodicalId\":34270,\"journal\":{\"name\":\"IEEE Open Journal of Vehicular Technology\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":5.3000,\"publicationDate\":\"2024-03-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10465254\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Open Journal of Vehicular Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10465254/\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of Vehicular Technology","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/10465254/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
引用次数: 0

摘要

如今,在 5G 以外(B5G)网络和多接入边缘计算(MEC)范例的最新进展的推动下,有关车对物(V2X)的研究备受关注。然而,B5G 固有的异构性与动态 V2X 场景中 MEC 基础设施的安全漏洞相结合,带来了前所未有的挑战。多域 V2X 环境中的高效资源和安全管理至关重要,尤其是在 MEC 中的关键 V2X 服务受到分布式拒绝服务 (DDoS) 攻击的威胁日益严重的情况下。我们的方法采用了零接触网络和服务管理(ZSM)标准,将自主安全集成到端到端(E2E)切片管理中。我们考虑了整个 5G 网络,包括车辆用户设备、无线接入网络、MEC 和核心组件,以及针对 V2X 服务的 DDoS。我们的框架符合安全服务级别协议(SSLA)和策略,可跨域自主部署和互联安全子切片。我们会持续监控安全要求,一旦检测到 DDoS,我们的框架就会通过协调的 E2E 策略做出反应。该策略可减轻 MEC 的 DDoS,并在邻域部署应对措施。性能评估显示,DDoS 检测和缓解效果显著,延迟时间短,符合某些 V2X 服务的关键任务性质。这项工作是 ETSI ZSM PoC "5G 网络切片中的安全 SLA 保证 "的一部分。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments
Research on vehicle-to-everything (V2X) is attracting significant attention nowadays, driven by the recent advances in beyond-5G (B5G) networks and the multi-access edge computing (MEC) paradigm. However, the inherent heterogeneity of B5G combined with the security vulnerabilities of MEC infrastructure in dynamic V2X scenarios introduces unprecedented challenges. Efficient resource and security management in multi-domain V2X environments is vital, especially with the growing threat of distributed denial-of-service (DDoS) attacks against critical V2X services within MEC. Our approach employs the zero-touch network and service management (ZSM) standard, integrating autonomous security into end-to-end (E2E) slicing management. We consider an entire 5G network, including vehicular user equipment, radio access networks, MEC, and core components, in the presence of DDoS targeting V2X services. Our framework complies with security service-level agreements (SSLAs) and policies, autonomously deploying and interconnecting security sub-slices across domains. Security requirements are continuously monitored and, upon DDoS detection, our framework reacts with a coordinated E2E strategy. The strategy mitigates DDoS at the MEC and deploys countermeasures in neighboring domains. Performance assessment reveals effective DDoS detection and mitigation with low latency, aligned with the mission-critical nature of certain V2X services. This work is part of ETSI ZSM PoC “security SLA assurance in 5G network slices”.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
9.60
自引率
0.00%
发文量
25
审稿时长
10 weeks
期刊最新文献
Digital Twin-Empowered Green Mobility Management in Next-Gen Transportation Networks Fairness-Aware Utility Maximization for Multi-UAV-Aided Terrestrial Networks LiFi for Industry 4.0: Main Features, Implementation and Initial Testing of IEEE Std 802.15.13 Partial Learning-Based Iterative Detection of MIMO Systems Decentralized and Asymmetric Multi-Agent Learning in Construction Sites
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1