Autonomic protection of multi-tenant 5G mobile networks against UDP flooding DDoS attacks

There is a lack of effective security solutions that autonomously, without any human intervention, detect and mitigate DDoS cyber-attacks. The lack is exacerbated when the network to be protected is a 5G mobile network. 5G networks push multi-tenancy to the edge of the network. Both the 5G user mobility and multi-tenancy are challenges to be addressed by current security solutions. These challenges lead to an insufficient protection of 5G users, tenants and infrastructures. This research proposes a novel autonomic security system, including the design, implementation and empirical validation to demonstrate the efficient protection of the network against Distributed Denial of Service (DDoS) attacks by applying countermeasures decided on and taken by an autonomic system, instead of a human. The self-management architecture provides support for all the different phases involved in a DDoS attack, from the detection of an attack to its final mitigation, through making the appropriate autonomous decisions and enforcing actions. Empirical experiments have been performed to protect a 5G multi-tenant infrastructure against a User Datagram Protocol (UDP) flooding attack, as an example of an attack to validate the design and prototype of the proposed architecture. Scalability results show self-protection against DDoS attacks, without human intervention, in around one second for an attack of 256 simultaneous attackers with 100 Mbps bandwidth per attacker. Furthermore, results demonstrate the proposed approach is flow-, user- and tenant-aware, which allows applying different protection strategies within the infrastructure.