Tehnički vjesnik, Vol. 31 No. 4, 2024.
Izvorni znanstveni članak
https://doi.org/10.17559/TV-20230708000792
A Slice Escape Detection Model Based on Full Flow Adaptive Detection
Zhenzhen Liu
; Information Data Department, Guangdong Power Exchange Center Co. Ltd., Guangdong 510080, China
Rui Zhou
; Information Data Department, Guangdong Power Exchange Center Co. Ltd., Guangdong 510080, China
Jingbing Chen
; A Key Laboratory of Trustworthy Distributed Computing and Service, Beijing University of Posts and Tele-communications, Beijing 100876, China
Kangqian Huang
; Information Data Department, Guangdong Power Exchange Center Co. Ltd., Guangdong 510080, China
Jingyin Huang
; Information Data Department, Guangdong Power Exchange Center Co. Ltd., Guangdong 510080, China
Binsi Cai
orcid.org/0000-0002-7084-5952
; A Key Laboratory of Trustworthy Distributed Computing and Service, Beijing University of Posts and Tele-communications, Beijing 100876, China
*
Yali Gao
; A Key Laboratory of Trustworthy Distributed Computing and Service, Beijing University of Posts and Tele-communications, Beijing 100876, China
Kaiguo Yuan
; A Key Laboratory of Trustworthy Distributed Computing and Service, Beijing University of Posts and Tele-communications, Beijing 100876, China
* Dopisni autor.
Sažetak
The 5G power trading private network increases network flexibility and lowers building costs with the aid of 5G and Access Point Name (APN) technology. However, the private network is facing a series of security problems, such as the lack of effective isolation between slices and malicious terminal damage in slices, which result in a large consumption of slice resource failures and even slice escape attacks. To solve this problem, we propose a slice escape detection model based on full flow adaptive detection. Firstly, we improve the "six-tuple" flow table features detection technology, and creatively proposed a set of "eleven-tuple" features scheme, so as to realize the adaptive detection of intra-slice and inter-slice escape attacks. Secondly, we construct a two-level detection model based on long short-term memory network and self-attention mechanism to improve detection efficiency and reduce false alarm rate. Thirdly, we design an exception handling module to handle the abnormally detected traffic. Our model has a high detection accuracy and a low false alarm rate for the slice escape assault, according to a large number of experiments on the CIC-DDoS2019 dataset, and the detection delay complies with the requirements for online detection.
Ključne riječi
long short-term memory; network slicing; slice escape
Hrčak ID:
318484
URI
Datum izdavanja:
27.6.2024.
Posjeta: 390 *