Collaborative Research: NeTS: JUNO3: Leveraging Heterogeneous Programmable Data Planes for Security and Privacy of Cellular Networks, 5G & Beyond

合作研究：NetS：JUNO3：利用异构可编程数据平面实现蜂窝网络、5G 的安全和隐私

• 批准号: 2210380
• 负责人: Timothy Wood
• 金额: $ 22.5万
• 依托单位: George Washington University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-09-01 至 2025-08-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2210380&HistoricalAwards=false
• 关键词: Collaborative; Research; NeTS; JUNO3; Leveraging

Securing “5G and beyond” cellular networks is critical to support the growing traffic from mobile and IoT devices. Significant parts of the cellular network infrastructure are being implemented on software-based environments. The shift to a disaggregated, virtualized cellular core network may result in an increased attack surface and greater vulnerability. Slow attacks, which attempt to avoid notice, can be damaging as they cannot be easily detected, and generally require the memory and computational capacity of end-host security middleboxes to detect or prevent them. Likewise, attackers seeking to violate user-privacy by eavesdropping on communication, cannot be easily prevented, especially at large scale. These threats leave both cellular users and operators vulnerable to attacks. This joint US-Japan project seeks to provide strong security monitoring and privacy protection solutions that exploit the high speed of programmable switches, the increased capabilities of programmable network interface cards, and the memory/computational capacity of end-host servers. By leveraging the strengths of each of these data plane components, the project will develop an efficient and performant cellular network security solution. To achieve this goal, this joint US-Japan project will pursue technical tasks that will be collaboratively pursued by the PIs based in the US and Japan. First, the team will design a heterogeneous data plane framework that cohesively combines multiple data plane devices for network function processing. The approach will use a collaborative filtering system, where most of the traffic is processed only by high-speed programmable switches that can easily extract aggregated, coarse-grained metrics. Suspicious traffic will be redirected to programmable network interface cards, or the host as necessary, for further inspection and metrics collection. Second, the project will develop real-time monitoring of cellular traffic, leveraging the cellular core network as a key vantage point. Monitoring at the cellular core can not only effectively detect and thwart data plane-based attacks, but also those on the control plane. It is in the unique position of being able to correlate between data and control plane state to further improve upon existing approaches to detect security attacks. Finally, the project will design privacy protection mechanisms that ensure anonymity of users in the face of fingerprinting attacks. The approach will leverage traffic morphing techniques that leverage the entire range of capabilities of a multi-tier, programmable, heterogeneous data plane framework, to enable high-speed operation. The proposed techniques will have significant societal impact by providing strong threat prevention and privacy preservation for cellular network users and their traffic.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

确保“5G 及更高版本”蜂窝网络的安全对于支持移动和物联网设备不断增长的流量至关重要，蜂窝网络基础设施的重要部分正在基于软件的环境中实施。试图避免引起注意的缓慢攻击可能会造成破坏，因为它们无法轻易检测到，并且通常需要终端主机安全中间件的内存和计算能力来检测或阻止攻击者。试图违反通过窃听通信来侵犯用户隐私的行为无法轻易防止，尤其是大规模威胁，这些威胁使蜂窝用户和运营商都容易受到攻击。该美日联合项目旨在提供强大的安全监控和隐私保护解决方案，以利用高强度的信息。可编程交换机的速度、可编程网络接口卡的增强功能以​​及终端主机服务器的内存/计算能力通过利用这些数据平面组件中的每一个的优势，该项目将开发高效且高性能的蜂窝网络安全解决方案。 .为了实现这一目标为了实现这个目标，这个美日联合项目将致力于由美国和日本的 PI 共同完成的技术任务。首先，该团队将设计一个异构数据平面框架，将多个数据平面设备紧密结合起来进行网络功能处理。该方法将使用协作过滤系统，其中大部分流量仅由高速可编程交换机处理，这些交换机可以轻松提取聚合的粗粒度指标，可疑流量将被重定向到可编程网络接口卡或网络接口卡。其次，该项目将开发蜂窝流量的实时监控，利用蜂窝核心网络作为关键优势点，不仅可以有效地检测和阻止数据平面。它具有能够将数据和控制平面状态关联起来的独特地位，以进一步改进检测安全攻击的现有方法。确保用户在指纹识别时保持匿名该方法将利用流量变形技术，利用多层、可编程、异构数据平面框架的全部功能来实现高速操作，所提出的技术将通过提供强大的威胁预防和保护来产生重大的社会影响。蜂窝网络用户及其流量的隐私保护。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力优点和更广泛的影响审查标准进行评估，被认为值得支持。