SliceScore: A Network Function Sharing Aware and Slice-Oriented DDoS Filtering Approach
Network slicing presents new opportunities for cost-effective implementations of next-generation communication networks that target diverse service requirements. Deploying vertical use cases on shared resources is the main motivation for network slicing. Recently, network function (NF) sharing has b...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10848102/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Network slicing presents new opportunities for cost-effective implementations of next-generation communication networks that target diverse service requirements. Deploying vertical use cases on shared resources is the main motivation for network slicing. Recently, network function (NF) sharing has been proposed in the literature in order to further exploit unused resources and lower the costs for network operators. However, such optimizations through NF sharing expose new security threats and need appropriate defense mechanisms. In this paper, we describe new attack vectors that arise due to NF sharing and list some of the possible defense strategies and security precautions. Furthermore, we propose an NF sharing-aware and network slice-oriented distributed denial of service (DDoS) filtering mechanism, SliceScore, that successfully mitigates the threat of resource exhaustion. We prove by simulations that SliceScore outperforms previous filtering mechanisms, which did not focus on differences among network slices. In this regard, we encourage researchers to investigate slice-oriented approaches to improve defense mechanisms in next-generation communication networks. |
|---|---|
| ISSN: | 2169-3536 |