A Link-Layer Virtual Networking Solution for Cloud-Native Network Function Virtualisation Ecosystems: L2S-M

  • Luis F. González; Iván Vidal; Francisco Valera; Raul Martin; Dulce Artalejo
Microservices have become promising candidates for the deployment of network and vertical functions in the fifth generation of mobile networks. However, microservice platforms like Kubernetes use a flat networking approach towards the connectivity of virtualised workloads, which prevents the deployment of network functions on isolated network segments (for example, the components of an IP Telephony system or a content distribution network).

An NIDS for Known and Zero-Day Anomalies

  • Ayaz Hussain; Francesc Aguiló-Ghost; Ester Simó-Mezquita; Eva Marín-Tordera; Xavier Masip-Bruin
Rapid development in the network infrastructure has resulted in sophisticated attacks which are hard to detect using typical network intrusion detection systems (NIDS). There is a strong need for efficient NIDS to detect these known attacks along with ever-emerging zero-day exploits. Existing NIDS are more focused on detecting known attacks using supervised machine learning approaches, achieving better performance for known attacks but poor detection of unknown attacks. Many NIDS have utilized the unsupervised approach, which results in better detection of unknown anomalies.

Security in DevSecOps: Applying Tools and Machine Learning to Verification and Monitoring Steps

  • Matija Cankar; Nenad Petrović; Joao Pita Costa; Aleš Černivec; Jan Antić; Tomaž Martinčič; Dejan Štepec
Security represents one of the crucial concerns when it comes to De- vOps methodology-empowered software development and service delivery process. Considering the adoption of Infrastructure as Code (IaC), even minor flaws could potentially cause fatal consequences, especially in sensitive domains such as healthcare and maritime applications. However, most of the existing solutions tackle either Static Application Security Testing (SAST) or run-time behavior analysis distinctly.

Runtime security monitoring by an interplay between rule matching and deep learning-based anomaly detection on logs

  • Jan Antić, Joao Pita Costa, Aleš Černivec, Matija Cankar, Tomaž Martinčič, Aljaz Potocnik, Hrvoje Ratkajec, Gorka Benguria Elguezabal, Nelly Leligou, Alexandra Lakka, Ismael Torres Boigues
In the era of digital transformation the increasing vulnerability of infrastructure and applications is often tied to the lack of technical capability and the improved intelligence of the attackers. In this paper, we discuss the complementarity between static security monitoring of rule matching and an application of self-supervised machine-learning to cybersecurity. Moreover, we analyse the context and challenges of supply chain resilience and smart logistics.

Providing Secure NFV Multi Site Connectivity Services

  • Manjón Cáliz, Jose Manuel; Nogales, Borja
New FISHY poster to be presented in EuCNC & 6G Summit, Gothenburg, 06-09 June 2023

A data infrastructure for heterogeneous telemetry adaptation. Application to Netflow-based cryptojacking detection

  • Moreno-Sancho, Alejandro Antonio; Pastor, Antonio; Dominguez Martinez-Casanueva, Ignacio; González-Sánchez, Daniel; Bellido Triana, Luis
The increasing development of cryptocurrencies has brought cryptojacking as a new security threat in which attackers steal computing resources for cryptomining. The digitization of the supply chain is a potential major target for cryptojacking due to the large number of different infrastructures involved. These different infrastructures provide information sources that can be useful to detect cryptojacking, but with a wide variety of data formats and encodings. 

Incident Handling for Healthcare Organizations and Supply-Chains

  • Eftychia Lakka; George Hatzivasilis; Stylianos Karagiannis; Andreas Alexopoulos; Manos Athanatos; Sotiris Ioannidis; Manolis Chatzimpyrros; Grigoris Kalogiannis; George Spanoudakis
Healthcare ecosystems form a critical type of infrastructures that provide valuable services in today societies. However, the underlying sensitive information is also of interest of malicious entities around the globe, with the attack volume being continuously increasing.

A model of capabilities of Network Security Functions

  • Cataldo Basile; Daniele Canavese; Leonardo Regano; Ignazio Pedone; Antonio Lioy
This paper presents a formal model of the features, named security capabilities, offered by the controls used for enforcing security policies in computer networks. It has been designed to support policy refinement and policy translation and address useful, practical tasks in a vendor-independent manner. The model adopts state-of-the-art design patterns and has been designed to be extensible. The model describes the actions that the controls can perform (e.g.

BenchFaaS: Benchmarking Serverless Functions in an Edge Computing Network Testbed

  • Francisco Carpio, Marc Michalke, Admela Jukan
The serverless computing model has evolved as one of the key solutions in the cloud for fast autoscaling and capacity planning. In edge computing environments, however, the serverless model is challenged by the system heterogeneity and performance variability. In this paper, we introduce BenchFaaS, an open-source edge computing network testbed which automates the deployment and benchmarking of serverless functions.

Benchmarking Various ML Solutions in Complex Intent-Based Network Management Systems

  • Mounir Bensalem, Jasenka Dizdarevic, Admela Jukan
Intent-based networking (IBN) solutions to managing complex ICT systems have become one of the key enablers of intelligent and autonomous network management. As the number of machine learning (ML) techniques deployed in IBN increases, it becomes increasingly important to understand their expected performance.