Pawani Porambage | University of Moratuwa (original) (raw)

Papers by Pawani Porambage

Research paper thumbnail of Comprehensive Analysis Over Centralized and Federated Learning-Based Anomaly Detection in Networks with Explainable AI (XAI)

ICC 2023 - IEEE International Conference on Communications

Research paper thumbnail of Security in Intent-Based Networking: Challenges and Solutions

This article studies the security gains and challenges in IBN from the aspect of enabling concept... more This article studies the security gains and challenges in IBN from the aspect of enabling concepts and technologies. Furthermore, the article highlights potential solutions to existing challenges, outlines the standardization efforts, and summarizes the most important research gaps to advance future research in this direction.

Research paper thumbnail of Integration of ICN and MEC in 5G and Beyond Networks: Mutual Benefits, Use Cases, Challenges, Standardization, and Future Research

IEEE open journal of the Communications Society, 2022

Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased proces... more Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased processing and storage capabilities closer to mobile users by implementing server resources in the access nodes. MEC helps fulfill the stringent requirements of 5G and beyond networks to offer anytimeanywhere connectivity for many devices with ultra-low delay and huge bandwidths. Information-Centric Networking (ICN) is another prominent network technology that builds on a content-centric network architecture to overcome host-centric routing/operation shortcomings and to realize efficient pervasive and ubiquitous networking. It is envisaged to be employed in Future Internet including Beyond 5G (B5G) networks. The consolidation of ICN with MEC technology offers new opportunities to realize that vision and serve advanced use cases. However, various integration challenges are yet to be addressed to enable the wide-scale co-deployment of ICN with MEC in future networks. In this paper, we discuss and elaborate on ICN MEC integration to provide a comprehensive survey with a forward-looking perspective for B5G networks. In that regard, we deduce lessons learned from related works (for both 5G and B5G networks). We present ongoing standardization activities to highlight practical implications of such efforts. Moreover, we render key B5G use cases and highlight the role for ICN MEC integration for addressing their requirements. Finally, we layout research challenges and identify potential research directions. For this last contribution, we also provide a mapping of the latter to ICN integration challenges and use cases.

Research paper thumbnail of Security and Privacy Vision in 6G

Research paper thumbnail of Blockchain and Game Theory Convergence for Network Slice Brokering

IEEE Computer, Mar 1, 2023

As a distributed ledger technology, blockchain has received signicant attention in revolutionizi... more As a distributed ledger technology, blockchain has received signicant attention in revolutionizing telecommunication and networking domains. Besides, network slicing is a key enabling technology in 5G and a road map to the envisioned 6G, which expects to support multi-tenant and multi-operator environments. In this context, the concept of Network Slice (NS) broker has emerged as a promising business entity to facilitate dynamic resource trading between network operators or resource providers and multiple tenants. This work proposes a blockchainbased NS brokering mechanism for multi-operator and multitenant environments of the envisioned 6G networks. Our solution, the so-called SFSBroker, utilizes the Stackelberg game based approach to nd the best matching NS offered by a Resource Provider (RP) for a resource request created by a tenant. We provide a detailed implementation of the SFSBroker mechanism, which runs as a blockchain service in such a multi-operator multi-tenant platform, focusing on possible future improvements.

Research paper thumbnail of Micro-Operator driven Local 5G Network Architecture for Industrial Internet

arXiv (Cornell University), Nov 10, 2018

In addition to the high degree of flexibility and customization required by different vertical se... more In addition to the high degree of flexibility and customization required by different vertical sectors, 5G calls for a network architecture that ensures ultra-responsive and ultrareliable communication links. The novel concept called microoperator (uO) enables a versatile set of stakeholders to operate local 5G networks within their premises with a guaranteed quality and reliability to complement mobile network operators' (MNOs) offerings. In this paper, we propose a descriptive architecture for emerging 5G uOs which provides user specific and location specific services in a spatially confined environment. The architecture is discussed in terms of network functions and the operational units which entail the core and radio access networks in a smart factory environment which supports industry 4.0 standards. Moreover, in order to realize the conceptual design, we provide simulation results for the latency measurements of the proposed uO architecture with respect to an augmented reality use case in industrial internet. Thereby we discuss the benefits of having uO driven local 5G networks for specialized user requirements, rather than continuing with the conventional approach where only MNOs can deploy cellular networks.

Research paper thumbnail of Demo: Blockchain-based Secured and Federated Slice Broker (SFSBroker)

NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, Apr 25, 2022

Research paper thumbnail of Lightweight authentication and key management of wireless sensor networks for Internet of things

The concept of the Internet of Things (IoT) is driven by advancements of the Internet with the in... more The concept of the Internet of Things (IoT) is driven by advancements of the Internet with the interconnection of heterogeneous smart objects using different networking and communication technologies. Among many underlying networking technologies for the IoT, Wireless Sensor Network (WSN) technology has become an integral building block. IoT enabled sensor networks provide a wide range of application areas such as smart homes, connected healthcare, smart cities and various solutions for the manufacturing industry. The integration of WSNs in IoT will also create new security challenges for establishing secure channels between low power sensor nodes and Internet hosts. This will lead to many challenges in designing new key establishment and authentication protocols and redefining the existing ones. This dissertation addresses how to integrate lightweight key management and authentication solutions in the resource constrained sensor networks deployed in IoT domains. Firstly, this thesis elaborates how to exploit the implicit certificates to initiate secure End-to-End (E2E) communication channels between the resource constrained sensor nodes in IoT networks. Implicit certificates are used for authentication and key establishment purposes. The compliance of the security schemes is proven through performance evaluations and by discussing the security properties. Secondly, this dissertation presents the design of two lightweight group key establishment protocols for securing group communications between resource-constrained IoT devices. Finally, the thesis explores promising approaches on how to tailor the existing security protocols in accordance with IoT device and network characteristics. In particular, variants of Host Identity Protocol (HIP) are adopted for constructing dynamic and secure E2E connections between the heterogeneous network devices with imbalanced resource profiles and less or no previous knowledge about each other. A solutions called Collaborative HIP (CHIP) is proposed with an efficient key establishment component for the high resource-constrained devices on the IoT. The applicability of the keying mechanism is demonstrated with the implementation and the performance measurements results.

Research paper thumbnail of A Survey on Network Slicing Security: Attacks, Challenges, Solutions and Research Directions

IEEE Communications Surveys & Tutorials

The dawn of softwarized networks enables Network Slicing (NS) as an important technology towards ... more The dawn of softwarized networks enables Network Slicing (NS) as an important technology towards allocating endto-end logical networks to facilitate diverse requirements of emerging applications in fifth-generation (5G) mobile networks. However, the emergence of NS also exposes novel security and privacy challenges, primarily related to aspects such as NS life-cycle security, inter-slice security, intra-slice security, slice broker security, zero-touch network and management security, and blockchain security. Hence, enhancing NS security, privacy, and trust has become a key research area toward realizing the true capabilities of 5G. This paper presents a comprehensive and up-to-date survey on NS security. The paper articulates a taxonomy for NS security and privacy, laying the structure for the survey. Accordingly, the paper presents key attack scenarios specific to NS-enabled networks. Furthermore, the paper explores NS security threats, challenges, and issues while elaborating on NS security solutions available in the literature. In addition, NS trust and privacy aspects, along with possible solutions, are explained. The paper also highlights future research directions in NS security and privacy. It is envisaged that this survey will concentrate on existing research work, highlight research gaps and shed light on future research, development, and standardization work to realize secure NS in 5G and beyond mobile communication networks.

Research paper thumbnail of Proof-of-Monitoring (PoM): A Novel Consensus Mechanism for Blockchain-Based Secure Service Level Agreement Management

IEEE Transactions on Network and Service Management

In the current 5th Generation (5G) networking paradigm, the enforcement of Service Level Agreemen... more In the current 5th Generation (5G) networking paradigm, the enforcement of Service Level Agreements (SLAs) is a non-trivial measure to ensure the scope and the quality of services and standards between tenants and service providers (SPs). On top of this, Secure Service Level Agreements (SSLA) are introduced to ensure that SPs deliver the most critical and required security-related standards defined in the contract, such as integrity, confidentiality, availability, nonrepudiation, and privacy assurance. However, with the tendency for more distributed and multi-stakeholder networking architectures in next-generation networks, the management process of such SSLAs will be challenging due to the diversified security vulnerabilities and complexity of underlying technologies. Although blockchain is emerging as a platform to facilitate such distributed SSLA/SLA management frameworks, its currently available consensus mechanisms are more generic. Still, they need to improve in terms of applying in multi-stakeholder networks. Therefore, this paper presents a novel consensus mechanism called Proof-of-Monitoring (PoM) for a blockchain-based novel SSLA management framework. Moreover, we provide details about the prototype implementation of our proposed consensus algorithm and SSLA management framework. It is proven by comparing our proposal with the other existing solutions that our solution outperforms in many aspects, such as energy consumption, computation cost, and security features.

Research paper thumbnail of 5G-NIDD: A Comprehensive Network Intrusion Detection Dataset Generated over 5G Wireless Network

arXiv (Cornell University), Dec 2, 2022

With a plethora of new connections, features, and services introduced, the 5th generation (5G) wi... more With a plethora of new connections, features, and services introduced, the 5th generation (5G) wireless technology reflects the development of mobile communication networks and is here to stay for the next decade. The multitude of services and technologies that 5G incorporates have made modern communication networks very complex and sophisticated in nature. This complexity along with the incorporation of Machine Learning (ML) and Artificial Intelligence (AI) provides the opportunity for the attackers to launch intelligent attacks against the network and network devices. These attacks often traverse undetected due to the lack of intelligent security mechanisms to counter these threats. Therefore, the implementation of real-time, proactive, and self-adaptive security mechanisms throughout the network would be an integral part of 5G as well as future communication systems. Therefore, large amounts of data collected from real networks will play an important role in the training of AI/ML models to identify and detect malicious content in network traffic. This work presents 5G-NIDD, a fully labeled dataset built on a functional 5G test network that can be used by those who develop and test AI/ML solutions. The work further analyses the collected data using common ML models and shows the achieved accuracy levels.

Research paper thumbnail of A survey on the use of blockchain for future 6G: Technical aspects, use cases, challenges and research directions

Journal of Industrial Information Integration

Research paper thumbnail of Integration of ICN and MEC in 5G and Beyond Networks: Mutual Benefits, Use Cases, Challenges, Standardization, and Future Research

IEEE Open Journal of the Communications Society

Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased proces... more Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased processing and storage capabilities closer to mobile users by implementing server resources in the access nodes. MEC helps fulfill the stringent requirements of 5G and beyond networks to offer anytimeanywhere connectivity for many devices with ultra-low delay and huge bandwidths. Information-Centric Networking (ICN) is another prominent network technology that builds on a content-centric network architecture to overcome host-centric routing/operation shortcomings and to realize efficient pervasive and ubiquitous networking. It is envisaged to be employed in Future Internet including Beyond 5G (B5G) networks. The consolidation of ICN with MEC technology offers new opportunities to realize that vision and serve advanced use cases. However, various integration challenges are yet to be addressed to enable the wide-scale co-deployment of ICN with MEC in future networks. In this paper, we discuss and elaborate on ICN MEC integration to provide a comprehensive survey with a forward-looking perspective for B5G networks. In that regard, we deduce lessons learned from related works (for both 5G and B5G networks). We present ongoing standardization activities to highlight practical implications of such efforts. Moreover, we render key B5G use cases and highlight the role for ICN MEC integration for addressing their requirements. Finally, we layout research challenges and identify potential research directions. For this last contribution, we also provide a mapping of the latter to ICN integration challenges and use cases.

Research paper thumbnail of Federated Learning based Anomaly Detection as an Enabler for Securing Network and Service Management Automation in Beyond 5G Networks

2022 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit)

Network automation is a necessity in order to meet the unprecedented demand in the future network... more Network automation is a necessity in order to meet the unprecedented demand in the future networks and zero touch network architecture is proposed to cater such requirements. Closed-loop and artificial intelligence are key enablers in this proposed architecture in critical elements such as security. Apart from the arising privacy concerns, machine learning models can also face resource limitations. Federated learning is a machine learning-based technique that addresses both privacy and communication efficiency issues. Therefore, we propose a federated learning-based model incorporating the ZSM architecture for network automation. The paper also contains the simulations and results of the proposed multi-stage federated learning model that uses the UNSW-NB15 dataset.

Research paper thumbnail of Robust and Resilient Federated Learning for Securing Future Networks

2022 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit)

Machine Learning (ML) and Artificial Intelligence (AI) techniques are widely adopted in the telec... more Machine Learning (ML) and Artificial Intelligence (AI) techniques are widely adopted in the telecommunication industry, especially to automate beyond 5G networks. Federated Learning (FL) recently emerged as a distributed ML approach that enables localized model training to keep data decentralized to ensure data privacy. In this paper, we identify the applicability of FL for securing future networks and its limitations due to the vulnerability to poisoning attacks. First, we investigate the shortcomings of state-of-the-art security algorithms for FL and perform an attack to circumvent FoolsGold algorithm, which is known as one of the most promising defense techniques currently available. The attack is launched with the addition of intelligent noise at the poisonous model updates. Then we propose a more sophisticated defense strategy, a threshold-based clustering mechanism to complement FoolsGold. Moreover, we provide a comprehensive analysis of the impact of the attack scenario and the performance of the defense mechanism.

Research paper thumbnail of Demo: Blockchain-based Secured and Federated Slice Broker (SFSBroker)

NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium

Research paper thumbnail of Blockchain-Based Network Slice Broker to Facilitate Factory-As-a-Service

IEEE Transactions on Industrial Informatics

The novel concept of Factory-as-a-Service (FaaS) allows the agility of adapting the manufacturing... more The novel concept of Factory-as-a-Service (FaaS) allows the agility of adapting the manufacturing process by identifying the industry's supply chain and user requirements. To cater to FaaS, flexibility in networking and cloud services is a must. 5G network slice broker is a third-party mediator that caters to networking resource demand from clients to the service providers. Thus, this paper introduces a secure blockchain-based network slice broker to facilitate FaaS. The proposed secure network slice broker (SNSB) provides secure, cognitive, and distributed network services for resource allocation and security service level agreement (SSLA) formation with coordination of slice managers and SSLA managers. In SNSB we introduce a federated slice selection algorithm with Stackelberg game model and Reinforcement Learning (RL) algorithm to compute the realtime and the optimal unit price and demand level. We provide an extensive implementation and performance evaluation of SNSB using the Katana slice manager and a custom SSLA manager.

Research paper thumbnail of ASEC: Anonym Signcryption Scheme Based on EC operations

International Journal of Computer Applications, 2015

Research paper thumbnail of Managing Mobile Relays for Secure E2E Connectivity of Low-Power IoT Devices

2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2019

The widespread Internet of Things (IoT) ecosystems empower the deployment of various Bluetooth Lo... more The widespread Internet of Things (IoT) ecosystems empower the deployment of various Bluetooth Low Energy (BLE) sensor nodes in many ambient assisted living (AAL) type applications. Regardless of their limitations, these low-power IoT sensor nodes need pervasive and secure connections to transfer the aggregated data to the central servers located in remote clouds which will perform further processing and storing functions. The common practice is to use one or multiple dedicated gateways to assist the communication between the sensor and the cloud. This paper presents a mobile-based relay assistance solution for establishing secure end-to-end (E2E) connectivity between lowpower IoT sensors and cloud servers without using a dedicated gateway. za The prototype implementation and the described security features verify the technical readiness of the proposed solution.

Research paper thumbnail of Blockchain and Game Theory Convergence for Network Slice Brokering

Computer

As a distributed ledger technology, blockchain has received signicant attention in revolutionizi... more As a distributed ledger technology, blockchain has received signicant attention in revolutionizing telecommunication and networking domains. Besides, network slicing is a key enabling technology in 5G and a road map to the envisioned 6G, which expects to support multi-tenant and multi-operator environments. In this context, the concept of Network Slice (NS) broker has emerged as a promising business entity to facilitate dynamic resource trading between network operators or resource providers and multiple tenants. This work proposes a blockchainbased NS brokering mechanism for multi-operator and multitenant environments of the envisioned 6G networks. Our solution, the so-called SFSBroker, utilizes the Stackelberg game based approach to nd the best matching NS offered by a Resource Provider (RP) for a resource request created by a tenant. We provide a detailed implementation of the SFSBroker mechanism, which runs as a blockchain service in such a multi-operator multi-tenant platform, focusing on possible future improvements.

Research paper thumbnail of Comprehensive Analysis Over Centralized and Federated Learning-Based Anomaly Detection in Networks with Explainable AI (XAI)

ICC 2023 - IEEE International Conference on Communications

Research paper thumbnail of Security in Intent-Based Networking: Challenges and Solutions

This article studies the security gains and challenges in IBN from the aspect of enabling concept... more This article studies the security gains and challenges in IBN from the aspect of enabling concepts and technologies. Furthermore, the article highlights potential solutions to existing challenges, outlines the standardization efforts, and summarizes the most important research gaps to advance future research in this direction.

Research paper thumbnail of Integration of ICN and MEC in 5G and Beyond Networks: Mutual Benefits, Use Cases, Challenges, Standardization, and Future Research

IEEE open journal of the Communications Society, 2022

Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased proces... more Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased processing and storage capabilities closer to mobile users by implementing server resources in the access nodes. MEC helps fulfill the stringent requirements of 5G and beyond networks to offer anytimeanywhere connectivity for many devices with ultra-low delay and huge bandwidths. Information-Centric Networking (ICN) is another prominent network technology that builds on a content-centric network architecture to overcome host-centric routing/operation shortcomings and to realize efficient pervasive and ubiquitous networking. It is envisaged to be employed in Future Internet including Beyond 5G (B5G) networks. The consolidation of ICN with MEC technology offers new opportunities to realize that vision and serve advanced use cases. However, various integration challenges are yet to be addressed to enable the wide-scale co-deployment of ICN with MEC in future networks. In this paper, we discuss and elaborate on ICN MEC integration to provide a comprehensive survey with a forward-looking perspective for B5G networks. In that regard, we deduce lessons learned from related works (for both 5G and B5G networks). We present ongoing standardization activities to highlight practical implications of such efforts. Moreover, we render key B5G use cases and highlight the role for ICN MEC integration for addressing their requirements. Finally, we layout research challenges and identify potential research directions. For this last contribution, we also provide a mapping of the latter to ICN integration challenges and use cases.

Research paper thumbnail of Security and Privacy Vision in 6G

Research paper thumbnail of Blockchain and Game Theory Convergence for Network Slice Brokering

IEEE Computer, Mar 1, 2023

As a distributed ledger technology, blockchain has received signicant attention in revolutionizi... more As a distributed ledger technology, blockchain has received signicant attention in revolutionizing telecommunication and networking domains. Besides, network slicing is a key enabling technology in 5G and a road map to the envisioned 6G, which expects to support multi-tenant and multi-operator environments. In this context, the concept of Network Slice (NS) broker has emerged as a promising business entity to facilitate dynamic resource trading between network operators or resource providers and multiple tenants. This work proposes a blockchainbased NS brokering mechanism for multi-operator and multitenant environments of the envisioned 6G networks. Our solution, the so-called SFSBroker, utilizes the Stackelberg game based approach to nd the best matching NS offered by a Resource Provider (RP) for a resource request created by a tenant. We provide a detailed implementation of the SFSBroker mechanism, which runs as a blockchain service in such a multi-operator multi-tenant platform, focusing on possible future improvements.

Research paper thumbnail of Micro-Operator driven Local 5G Network Architecture for Industrial Internet

arXiv (Cornell University), Nov 10, 2018

In addition to the high degree of flexibility and customization required by different vertical se... more In addition to the high degree of flexibility and customization required by different vertical sectors, 5G calls for a network architecture that ensures ultra-responsive and ultrareliable communication links. The novel concept called microoperator (uO) enables a versatile set of stakeholders to operate local 5G networks within their premises with a guaranteed quality and reliability to complement mobile network operators' (MNOs) offerings. In this paper, we propose a descriptive architecture for emerging 5G uOs which provides user specific and location specific services in a spatially confined environment. The architecture is discussed in terms of network functions and the operational units which entail the core and radio access networks in a smart factory environment which supports industry 4.0 standards. Moreover, in order to realize the conceptual design, we provide simulation results for the latency measurements of the proposed uO architecture with respect to an augmented reality use case in industrial internet. Thereby we discuss the benefits of having uO driven local 5G networks for specialized user requirements, rather than continuing with the conventional approach where only MNOs can deploy cellular networks.

Research paper thumbnail of Demo: Blockchain-based Secured and Federated Slice Broker (SFSBroker)

NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, Apr 25, 2022

Research paper thumbnail of Lightweight authentication and key management of wireless sensor networks for Internet of things

The concept of the Internet of Things (IoT) is driven by advancements of the Internet with the in... more The concept of the Internet of Things (IoT) is driven by advancements of the Internet with the interconnection of heterogeneous smart objects using different networking and communication technologies. Among many underlying networking technologies for the IoT, Wireless Sensor Network (WSN) technology has become an integral building block. IoT enabled sensor networks provide a wide range of application areas such as smart homes, connected healthcare, smart cities and various solutions for the manufacturing industry. The integration of WSNs in IoT will also create new security challenges for establishing secure channels between low power sensor nodes and Internet hosts. This will lead to many challenges in designing new key establishment and authentication protocols and redefining the existing ones. This dissertation addresses how to integrate lightweight key management and authentication solutions in the resource constrained sensor networks deployed in IoT domains. Firstly, this thesis elaborates how to exploit the implicit certificates to initiate secure End-to-End (E2E) communication channels between the resource constrained sensor nodes in IoT networks. Implicit certificates are used for authentication and key establishment purposes. The compliance of the security schemes is proven through performance evaluations and by discussing the security properties. Secondly, this dissertation presents the design of two lightweight group key establishment protocols for securing group communications between resource-constrained IoT devices. Finally, the thesis explores promising approaches on how to tailor the existing security protocols in accordance with IoT device and network characteristics. In particular, variants of Host Identity Protocol (HIP) are adopted for constructing dynamic and secure E2E connections between the heterogeneous network devices with imbalanced resource profiles and less or no previous knowledge about each other. A solutions called Collaborative HIP (CHIP) is proposed with an efficient key establishment component for the high resource-constrained devices on the IoT. The applicability of the keying mechanism is demonstrated with the implementation and the performance measurements results.

Research paper thumbnail of A Survey on Network Slicing Security: Attacks, Challenges, Solutions and Research Directions

IEEE Communications Surveys & Tutorials

The dawn of softwarized networks enables Network Slicing (NS) as an important technology towards ... more The dawn of softwarized networks enables Network Slicing (NS) as an important technology towards allocating endto-end logical networks to facilitate diverse requirements of emerging applications in fifth-generation (5G) mobile networks. However, the emergence of NS also exposes novel security and privacy challenges, primarily related to aspects such as NS life-cycle security, inter-slice security, intra-slice security, slice broker security, zero-touch network and management security, and blockchain security. Hence, enhancing NS security, privacy, and trust has become a key research area toward realizing the true capabilities of 5G. This paper presents a comprehensive and up-to-date survey on NS security. The paper articulates a taxonomy for NS security and privacy, laying the structure for the survey. Accordingly, the paper presents key attack scenarios specific to NS-enabled networks. Furthermore, the paper explores NS security threats, challenges, and issues while elaborating on NS security solutions available in the literature. In addition, NS trust and privacy aspects, along with possible solutions, are explained. The paper also highlights future research directions in NS security and privacy. It is envisaged that this survey will concentrate on existing research work, highlight research gaps and shed light on future research, development, and standardization work to realize secure NS in 5G and beyond mobile communication networks.

Research paper thumbnail of Proof-of-Monitoring (PoM): A Novel Consensus Mechanism for Blockchain-Based Secure Service Level Agreement Management

IEEE Transactions on Network and Service Management

In the current 5th Generation (5G) networking paradigm, the enforcement of Service Level Agreemen... more In the current 5th Generation (5G) networking paradigm, the enforcement of Service Level Agreements (SLAs) is a non-trivial measure to ensure the scope and the quality of services and standards between tenants and service providers (SPs). On top of this, Secure Service Level Agreements (SSLA) are introduced to ensure that SPs deliver the most critical and required security-related standards defined in the contract, such as integrity, confidentiality, availability, nonrepudiation, and privacy assurance. However, with the tendency for more distributed and multi-stakeholder networking architectures in next-generation networks, the management process of such SSLAs will be challenging due to the diversified security vulnerabilities and complexity of underlying technologies. Although blockchain is emerging as a platform to facilitate such distributed SSLA/SLA management frameworks, its currently available consensus mechanisms are more generic. Still, they need to improve in terms of applying in multi-stakeholder networks. Therefore, this paper presents a novel consensus mechanism called Proof-of-Monitoring (PoM) for a blockchain-based novel SSLA management framework. Moreover, we provide details about the prototype implementation of our proposed consensus algorithm and SSLA management framework. It is proven by comparing our proposal with the other existing solutions that our solution outperforms in many aspects, such as energy consumption, computation cost, and security features.

Research paper thumbnail of 5G-NIDD: A Comprehensive Network Intrusion Detection Dataset Generated over 5G Wireless Network

arXiv (Cornell University), Dec 2, 2022

With a plethora of new connections, features, and services introduced, the 5th generation (5G) wi... more With a plethora of new connections, features, and services introduced, the 5th generation (5G) wireless technology reflects the development of mobile communication networks and is here to stay for the next decade. The multitude of services and technologies that 5G incorporates have made modern communication networks very complex and sophisticated in nature. This complexity along with the incorporation of Machine Learning (ML) and Artificial Intelligence (AI) provides the opportunity for the attackers to launch intelligent attacks against the network and network devices. These attacks often traverse undetected due to the lack of intelligent security mechanisms to counter these threats. Therefore, the implementation of real-time, proactive, and self-adaptive security mechanisms throughout the network would be an integral part of 5G as well as future communication systems. Therefore, large amounts of data collected from real networks will play an important role in the training of AI/ML models to identify and detect malicious content in network traffic. This work presents 5G-NIDD, a fully labeled dataset built on a functional 5G test network that can be used by those who develop and test AI/ML solutions. The work further analyses the collected data using common ML models and shows the achieved accuracy levels.

Research paper thumbnail of A survey on the use of blockchain for future 6G: Technical aspects, use cases, challenges and research directions

Journal of Industrial Information Integration

Research paper thumbnail of Integration of ICN and MEC in 5G and Beyond Networks: Mutual Benefits, Use Cases, Challenges, Standardization, and Future Research

IEEE Open Journal of the Communications Society

Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased proces... more Multi-access Edge Computing (MEC) is a novel edge computing paradigm that moves cloudbased processing and storage capabilities closer to mobile users by implementing server resources in the access nodes. MEC helps fulfill the stringent requirements of 5G and beyond networks to offer anytimeanywhere connectivity for many devices with ultra-low delay and huge bandwidths. Information-Centric Networking (ICN) is another prominent network technology that builds on a content-centric network architecture to overcome host-centric routing/operation shortcomings and to realize efficient pervasive and ubiquitous networking. It is envisaged to be employed in Future Internet including Beyond 5G (B5G) networks. The consolidation of ICN with MEC technology offers new opportunities to realize that vision and serve advanced use cases. However, various integration challenges are yet to be addressed to enable the wide-scale co-deployment of ICN with MEC in future networks. In this paper, we discuss and elaborate on ICN MEC integration to provide a comprehensive survey with a forward-looking perspective for B5G networks. In that regard, we deduce lessons learned from related works (for both 5G and B5G networks). We present ongoing standardization activities to highlight practical implications of such efforts. Moreover, we render key B5G use cases and highlight the role for ICN MEC integration for addressing their requirements. Finally, we layout research challenges and identify potential research directions. For this last contribution, we also provide a mapping of the latter to ICN integration challenges and use cases.

Research paper thumbnail of Federated Learning based Anomaly Detection as an Enabler for Securing Network and Service Management Automation in Beyond 5G Networks

2022 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit)

Network automation is a necessity in order to meet the unprecedented demand in the future network... more Network automation is a necessity in order to meet the unprecedented demand in the future networks and zero touch network architecture is proposed to cater such requirements. Closed-loop and artificial intelligence are key enablers in this proposed architecture in critical elements such as security. Apart from the arising privacy concerns, machine learning models can also face resource limitations. Federated learning is a machine learning-based technique that addresses both privacy and communication efficiency issues. Therefore, we propose a federated learning-based model incorporating the ZSM architecture for network automation. The paper also contains the simulations and results of the proposed multi-stage federated learning model that uses the UNSW-NB15 dataset.

Research paper thumbnail of Robust and Resilient Federated Learning for Securing Future Networks

2022 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit)

Machine Learning (ML) and Artificial Intelligence (AI) techniques are widely adopted in the telec... more Machine Learning (ML) and Artificial Intelligence (AI) techniques are widely adopted in the telecommunication industry, especially to automate beyond 5G networks. Federated Learning (FL) recently emerged as a distributed ML approach that enables localized model training to keep data decentralized to ensure data privacy. In this paper, we identify the applicability of FL for securing future networks and its limitations due to the vulnerability to poisoning attacks. First, we investigate the shortcomings of state-of-the-art security algorithms for FL and perform an attack to circumvent FoolsGold algorithm, which is known as one of the most promising defense techniques currently available. The attack is launched with the addition of intelligent noise at the poisonous model updates. Then we propose a more sophisticated defense strategy, a threshold-based clustering mechanism to complement FoolsGold. Moreover, we provide a comprehensive analysis of the impact of the attack scenario and the performance of the defense mechanism.

Research paper thumbnail of Demo: Blockchain-based Secured and Federated Slice Broker (SFSBroker)

NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium

Research paper thumbnail of Blockchain-Based Network Slice Broker to Facilitate Factory-As-a-Service

IEEE Transactions on Industrial Informatics

The novel concept of Factory-as-a-Service (FaaS) allows the agility of adapting the manufacturing... more The novel concept of Factory-as-a-Service (FaaS) allows the agility of adapting the manufacturing process by identifying the industry's supply chain and user requirements. To cater to FaaS, flexibility in networking and cloud services is a must. 5G network slice broker is a third-party mediator that caters to networking resource demand from clients to the service providers. Thus, this paper introduces a secure blockchain-based network slice broker to facilitate FaaS. The proposed secure network slice broker (SNSB) provides secure, cognitive, and distributed network services for resource allocation and security service level agreement (SSLA) formation with coordination of slice managers and SSLA managers. In SNSB we introduce a federated slice selection algorithm with Stackelberg game model and Reinforcement Learning (RL) algorithm to compute the realtime and the optimal unit price and demand level. We provide an extensive implementation and performance evaluation of SNSB using the Katana slice manager and a custom SSLA manager.

Research paper thumbnail of ASEC: Anonym Signcryption Scheme Based on EC operations

International Journal of Computer Applications, 2015

Research paper thumbnail of Managing Mobile Relays for Secure E2E Connectivity of Low-Power IoT Devices

2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2019

The widespread Internet of Things (IoT) ecosystems empower the deployment of various Bluetooth Lo... more The widespread Internet of Things (IoT) ecosystems empower the deployment of various Bluetooth Low Energy (BLE) sensor nodes in many ambient assisted living (AAL) type applications. Regardless of their limitations, these low-power IoT sensor nodes need pervasive and secure connections to transfer the aggregated data to the central servers located in remote clouds which will perform further processing and storing functions. The common practice is to use one or multiple dedicated gateways to assist the communication between the sensor and the cloud. This paper presents a mobile-based relay assistance solution for establishing secure end-to-end (E2E) connectivity between lowpower IoT sensors and cloud servers without using a dedicated gateway. za The prototype implementation and the described security features verify the technical readiness of the proposed solution.

Research paper thumbnail of Blockchain and Game Theory Convergence for Network Slice Brokering

Computer

As a distributed ledger technology, blockchain has received signicant attention in revolutionizi... more As a distributed ledger technology, blockchain has received signicant attention in revolutionizing telecommunication and networking domains. Besides, network slicing is a key enabling technology in 5G and a road map to the envisioned 6G, which expects to support multi-tenant and multi-operator environments. In this context, the concept of Network Slice (NS) broker has emerged as a promising business entity to facilitate dynamic resource trading between network operators or resource providers and multiple tenants. This work proposes a blockchainbased NS brokering mechanism for multi-operator and multitenant environments of the envisioned 6G networks. Our solution, the so-called SFSBroker, utilizes the Stackelberg game based approach to nd the best matching NS offered by a Resource Provider (RP) for a resource request created by a tenant. We provide a detailed implementation of the SFSBroker mechanism, which runs as a blockchain service in such a multi-operator multi-tenant platform, focusing on possible future improvements.