ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments
Research on vehicle-to-everything (V2X) is attracting significant attention nowadays, driven by the recent advances in beyond-5G (B5G) networks and the multi-access edge computing (MEC) paradigm. However, the inherent heterogeneity of B5G combined with the security vulnerabilities of MEC infrastruct...
Saved in:
| Main Authors: | , , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2024-01-01
|
| Series: | IEEE Open Journal of Vehicular Technology |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10465254/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832582295830134784 |
|---|---|
| author | Rodrigo Asensio-Garriga Pol Alemany Alejandro M. Zarca Roshan Sedar Charalampos Kalalas Jordi Ortiz Ricard Vilalta Raul Munoz Antonio Skarmeta |
| author_facet | Rodrigo Asensio-Garriga Pol Alemany Alejandro M. Zarca Roshan Sedar Charalampos Kalalas Jordi Ortiz Ricard Vilalta Raul Munoz Antonio Skarmeta |
| author_sort | Rodrigo Asensio-Garriga |
| collection | DOAJ |
| description | Research on vehicle-to-everything (V2X) is attracting significant attention nowadays, driven by the recent advances in beyond-5G (B5G) networks and the multi-access edge computing (MEC) paradigm. However, the inherent heterogeneity of B5G combined with the security vulnerabilities of MEC infrastructure in dynamic V2X scenarios introduces unprecedented challenges. Efficient resource and security management in multi-domain V2X environments is vital, especially with the growing threat of distributed denial-of-service (DDoS) attacks against critical V2X services within MEC. Our approach employs the zero-touch network and service management (ZSM) standard, integrating autonomous security into end-to-end (E2E) slicing management. We consider an entire 5G network, including vehicular user equipment, radio access networks, MEC, and core components, in the presence of DDoS targeting V2X services. Our framework complies with security service-level agreements (SSLAs) and policies, autonomously deploying and interconnecting security sub-slices across domains. Security requirements are continuously monitored and, upon DDoS detection, our framework reacts with a coordinated E2E strategy. The strategy mitigates DDoS at the MEC and deploys countermeasures in neighboring domains. Performance assessment reveals effective DDoS detection and mitigation with low latency, aligned with the mission-critical nature of certain V2X services. This work is part of ETSI ZSM PoC “security SLA assurance in 5G network slices”. |
| format | Article |
| id | doaj-art-3d40c4112d1b4ee8a2073f8288c9705c |
| institution | Kabale University |
| issn | 2644-1330 |
| language | English |
| publishDate | 2024-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Open Journal of Vehicular Technology |
| spelling | doaj-art-3d40c4112d1b4ee8a2073f8288c9705c2025-01-30T00:04:26ZengIEEEIEEE Open Journal of Vehicular Technology2644-13302024-01-01548549510.1109/OJVT.2024.337544810465254ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X EnvironmentsRodrigo Asensio-Garriga0https://orcid.org/0000-0002-9980-5866Pol Alemany1https://orcid.org/0000-0003-1170-9587Alejandro M. Zarca2https://orcid.org/0000-0003-0038-9012Roshan Sedar3https://orcid.org/0000-0003-3170-5575Charalampos Kalalas4https://orcid.org/0000-0003-2210-7768Jordi Ortiz5https://orcid.org/0000-0001-7573-6731Ricard Vilalta6https://orcid.org/0000-0003-0391-9728Raul Munoz7https://orcid.org/0000-0003-4651-4499Antonio Skarmeta8https://orcid.org/0000-0002-5525-1259Department of Information and Communications Engineering, University of Murcia, Murcia, SpainCentre Tecnològic de Telecomunicacions de Catalunya (CTTC/CERCA), Castelldefels, SpainUniversity Center of Defense at the Spanish Air Force Academy, San Javier, SpainCentre Tecnològic de Telecomunicacions de Catalunya (CTTC/CERCA), Castelldefels, SpainCentre Tecnològic de Telecomunicacions de Catalunya (CTTC/CERCA), Castelldefels, SpainUniversity Center of Defense at the Spanish Air Force Academy, San Javier, SpainCentre Tecnològic de Telecomunicacions de Catalunya (CTTC/CERCA), Castelldefels, SpainCentre Tecnològic de Telecomunicacions de Catalunya (CTTC/CERCA), Castelldefels, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainResearch on vehicle-to-everything (V2X) is attracting significant attention nowadays, driven by the recent advances in beyond-5G (B5G) networks and the multi-access edge computing (MEC) paradigm. However, the inherent heterogeneity of B5G combined with the security vulnerabilities of MEC infrastructure in dynamic V2X scenarios introduces unprecedented challenges. Efficient resource and security management in multi-domain V2X environments is vital, especially with the growing threat of distributed denial-of-service (DDoS) attacks against critical V2X services within MEC. Our approach employs the zero-touch network and service management (ZSM) standard, integrating autonomous security into end-to-end (E2E) slicing management. We consider an entire 5G network, including vehicular user equipment, radio access networks, MEC, and core components, in the presence of DDoS targeting V2X services. Our framework complies with security service-level agreements (SSLAs) and policies, autonomously deploying and interconnecting security sub-slices across domains. Security requirements are continuously monitored and, upon DDoS detection, our framework reacts with a coordinated E2E strategy. The strategy mitigates DDoS at the MEC and deploys countermeasures in neighboring domains. Performance assessment reveals effective DDoS detection and mitigation with low latency, aligned with the mission-critical nature of certain V2X services. This work is part of ETSI ZSM PoC “security SLA assurance in 5G network slices”.https://ieeexplore.ieee.org/document/10465254/Zero-touch network and service management (ZSM)beyond-5G (B5G)vehicle-to-everything (V2X)securityautomationend-to-end (E2E) network slicing |
| spellingShingle | Rodrigo Asensio-Garriga Pol Alemany Alejandro M. Zarca Roshan Sedar Charalampos Kalalas Jordi Ortiz Ricard Vilalta Raul Munoz Antonio Skarmeta ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments IEEE Open Journal of Vehicular Technology Zero-touch network and service management (ZSM) beyond-5G (B5G) vehicle-to-everything (V2X) security automation end-to-end (E2E) network slicing |
| title | ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments |
| title_full | ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments |
| title_fullStr | ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments |
| title_full_unstemmed | ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments |
| title_short | ZSM-Based E2E Security Slice Management for DDoS Attack Protection in MEC-Enabled V2X Environments |
| title_sort | zsm based e2e security slice management for ddos attack protection in mec enabled v2x environments |
| topic | Zero-touch network and service management (ZSM) beyond-5G (B5G) vehicle-to-everything (V2X) security automation end-to-end (E2E) network slicing |
| url | https://ieeexplore.ieee.org/document/10465254/ |
| work_keys_str_mv | AT rodrigoasensiogarriga zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT polalemany zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT alejandromzarca zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT roshansedar zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT charalamposkalalas zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT jordiortiz zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT ricardvilalta zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT raulmunoz zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments AT antonioskarmeta zsmbasede2esecurityslicemanagementforddosattackprotectioninmecenabledv2xenvironments |