The problem of attacks on new generation network infrastructures is becoming increasingly relevant, given the widening of the attack surface of these networks resulting from the greater number of devices that will access them in the future (sensors, actuators, vehicles, household appliances, etc.). Approaches to the design of intrusion detection systems must evolve and go beyond the traditional concept of perimeter control to build on new paradigms that exploit the typical characteristics of future 5G and 6G networks, such as in-network computing and intelligent programmable data planes. The aim of this research is to propose a disruptive paradigm in which devices in a typical data plane of a future programmable network have anomaly detection capabilities and cooperate in a fully distributed fashion to act as an ML-enabled Intrusion Prevention System "embedded" into the network. The reported proof-of-concept experiments demonstrate that the proposed paradigm allows working effectively and with a good level of precision while occupying overall less CPU and RAM resources of the devices involved.
Distributing Intelligence in 6G Programmable Data Planes for Effective In-Network Intrusion Prevention
Spina M. G.;Scalzo E.;Guerriero F.;Iera A.
2025-01-01
Abstract
The problem of attacks on new generation network infrastructures is becoming increasingly relevant, given the widening of the attack surface of these networks resulting from the greater number of devices that will access them in the future (sensors, actuators, vehicles, household appliances, etc.). Approaches to the design of intrusion detection systems must evolve and go beyond the traditional concept of perimeter control to build on new paradigms that exploit the typical characteristics of future 5G and 6G networks, such as in-network computing and intelligent programmable data planes. The aim of this research is to propose a disruptive paradigm in which devices in a typical data plane of a future programmable network have anomaly detection capabilities and cooperate in a fully distributed fashion to act as an ML-enabled Intrusion Prevention System "embedded" into the network. The reported proof-of-concept experiments demonstrate that the proposed paradigm allows working effectively and with a good level of precision while occupying overall less CPU and RAM resources of the devices involved.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
