Securing 5G Networks With Deep Learning-Based Threat Detection Systems

by Blogs & Opinions
With the advent of 5G wireless services, we are at the beginning of an era where truly ubiquitous broadband connectivity will fundamentally change the way people live: from real-time augmented reality to virtual medical care, from self-driving cars and roadway assistance systems to massive-scale industrial and urban automation. The whole world is awakening to the idea that 5G access will revolutionize the relationship between people, places, information and experiences more than any telecommunication technology that has preceded it, and mobile operators are first in line to harness the opportunity by deploying 5G networks as fast as they technically and financially are able to.

This new age of extremely fluid connected experiences is being ushered in as we speak by billions of dollars in worldwide investments. Although 4G is expected to continue dominating the global footprint until 2025, Accenture Strategy estimates that telecom operators in the US alone will invest as much as $275 billion over the next seven years. While infrastructure upgrades and footprint expansion costs will dominate the bill, the portion of dollars that will need to be allocated to ensure the security of such networks will be massively higher than with prior generations of mobile connectivity.

The hyper-connectivity brought by 5G will radically expand the number and type of cloud-connected devices, exposing mission-critical use cases to a broader set of security liabilities. The global economy will fundamentally become dependent upon the availability of reliable, ubiquitous and ultra-cheap wireless broadband, and anything that can disrupt it will have the potential to create extreme social and economic instability.

The unique architecture of 5G networks -- with its inclusion of the concept of "slicing," and where all network elements and functions operate via the cloud -- makes them powerful and flexible, but also makes them more complex and expensive to protect. Their physical and logical flexibility allows for higher aggregate throughput. It also opens the door to new areas of vulnerability and classes of application-level security exploits that were not possible in older network generations. The challenges presented by the much larger vulnerability surface of these new networks, with the inevitable explosion of the number of devices riding on them, are forcing the telecommunications industry to rethink the approach of securing the 5G ecosystem while keeping the associated costs in check.

These new security challenges, ultimately tied to the sheer magnitude of data flowing through the network and the application-oriented nature of the 5G architecture, can be particularly hard and expensive to address using the traditional deterministic Deep Packet Inspection (DPI) approach, where data is systematically inspected and analyzed against malware signatures.

A new approach is emerging as a more economical and effective way to secure networks: modeling malware using Deep Learning (DL) AI techniques applied to the observation of data moving in and out of edge devices and through the network core. The rapidly decreasing cost of cloud computing, together with algorithmic breakthroughs, now makes it possible to build very deep neural networks and train them with large sample sets. Identifying extremely detailed patterns and modeling "normal" data behaviors to spot inconsistencies and possible threats or vulnerabilities is becoming a highly effective way of securing any type of network, and a substantially less invasive and costly one when compared to DPI.

Network security based on deep learning modeling presents significant advantages at scale when compared to traditional DPI, such as effectiveness over encrypted traffic, resiliency to the shift to DNS over HTTPS and TLS, lower computational overhead, lower latency, reduced throughput impact, respect for privacy standards and regulatory compliance. This is because DL modeling does not require the inspection of user content to assess the safety of each payload. In fact, at the data path level, the DL approach only relies on inventorying, monitoring and analyzing the technical structures of the data flow across hundreds of protocol-level features. These features are classified and then used to build the DL models. The breadth of features that can be classified, the extremely large size of the training sets and the depth of the models result in an extremely accurate ability to detect threats while remaining far less invasive than any legacy inspection technique.
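To make the payload-free idea concrete, here is an added sketch (not code from the article or from CUJO AI) that builds feature vectors from packet metadata only and flags flows that deviate from a learned "normal" baseline. A simple per-feature z-score stands in for the deep model, and the five features, the threshold and all sample flows are constructed assumptions.

```python
from statistics import mean, pstdev

# A packet is (timestamp_s, size_bytes, direction): +1 device->network,
# -1 network->device. Payload is never read, so this works on encrypted flows.

def featurize(packets):
    """Reduce one flow's packet metadata to a fixed-length feature vector."""
    sizes = [s for _, s, _ in packets]
    times = [t for t, _, _ in packets]
    gaps = [b - a for a, b in zip(times, times[1:])] or [0.0]
    upstream = sum(s for _, s, d in packets if d > 0)
    return [
        float(len(packets)),     # packet count
        mean(sizes),             # mean packet size
        pstdev(sizes),           # packet size spread
        mean(gaps),              # mean inter-arrival time
        upstream / sum(sizes),   # share of bytes leaving the device
    ]

def fit_baseline(flows):
    """Learn (mean, std) per feature from flows assumed to be benign."""
    columns = zip(*(featurize(f) for f in flows))
    return [(mean(c), pstdev(c) or 1.0) for c in columns]

def anomaly_score(flow, baseline):
    """Largest absolute z-score of any feature against the baseline."""
    return max(abs(x - m) / s for x, (m, s) in zip(featurize(flow), baseline))

def make_flow(n, up_size, down_size, gap):
    """Constructed traffic: alternating upstream/downstream packets."""
    return [(i * gap, up_size if i % 2 == 0 else down_size,
             1 if i % 2 == 0 else -1) for i in range(n)]

# Constructed training set: small requests, larger responses.
BASELINE_FLOWS = [make_flow(20 + k, 120 + 5 * k, 1200 + 20 * k, 0.05 + 0.01 * k)
                  for k in range(8)]
NORMAL_FLOW = make_flow(23, 130, 1250, 0.07)
# Constructed outlier: long, fast flow dominated by upstream bytes.
SUSPECT_FLOW = make_flow(400, 1400, 60, 0.002)
THRESHOLD = 3.0  # assumed cut-off, in standard deviations

if __name__ == "__main__":
    baseline = fit_baseline(BASELINE_FLOWS)
    for name, flow in (("normal", NORMAL_FLOW), ("suspect", SUSPECT_FLOW)):
        score = anomaly_score(flow, baseline)
        print(f"{name}: score={score:.2f} anomalous={score > THRESHOLD}")
```

A production system would replace the z-score with a trained model over far more features, but the input contract is the same: sizes, timing and direction, never content.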

While DL-based threat detection and mitigation systems are in their early days, they already show remarkable effectiveness and clear advantages over legacy approaches. With the inevitable and rapid advancements in algorithmic modeling, computational efficiencies and data featurization techniques, this class of security solutions represents the most promising candidate to become the standard for 5G network security.

— Andrea Peiro, President, CUJO AI
