Building trust and security for 6G networks with DPI

Sebastian Müller portrait

by Sebastian Müller
published on: 05.12.2022

Reading time: ( words)

The age of 6G is upon us. While actual deployments are still years away, the telecoms fraternity is already rife with talks that revolve around capabilities and technologies never seen before in a wireless network. A lot of attention is also being paid to cutting-edge applications such as tactile communications, intelligent internet of medical things, connected robotics and autonomous systems1 that will be leveraging 6G to redefine our economies and life experiences.

While 6G is expected to radically transform the breadth and depth of wireless communications, many parties expect security, privacy and trust issues to weigh heavily on real-life deployments. Unlike LTE and 5G, even the smallest security incident such as temporary inaccessibility of user credentials or a short-lived, random DDoS attack can bring down an entire application. This is due to the inherent sensitivity of 6G applications to even the minutest change in speeds and latencies. With critical economic and administrative systems migrated to mobile-based communications running on microsecond latencies, the slightest impairments caused by security incidents can lead to economic and social chaos.

Network security issues in 6G are exacerbated partly by the massive explosion in the number of end points that are now linked to the Internet. The introduction of the Internet of Senses for example will require an infinite number of connected sensors to track movements, tastes, smells, sights and sounds. 6G will also build on 5G mMTC and will stretch connectivity to millions of machines and things that are part of the Internet of Everything. Attack surfaces are expanding by many folds with these additions, leading to increased points of entry into the network.

AI everywhere

Artificial intelligence (AI) is touted as one of the biggest differentiating factors between 5G and 6G. In 6G, AI becomes distributed. Network devices create and process data to acquire their own intelligence, reducing the reliance on central AI capabilities. The edge becomes the intelligent edge, and the RAN becomes the intelligent RAN, learning from their own activity logs and responses to network events. However, intelligence that is distributed becomes susceptible to manipulation when such devices or nodes fall into the wrong hands. Corrupted AI/ML models for example, can impair the entire training model in distributed AI and result in networks running off course.

Revolutionary, yet challenging

6G amalgamates a number of disparate networks. 6G SAGIN sees satellite, UAV, undersea communications and 5G/6G unified as a single network. Weak authentication policies in any one network can lead to threat actors having easy access to all other networks. Vulnerabilities also crop up from inter-network handover protocols that can be manipulated by unauthorized users.

6G also presents its share of revolutionary technologies such as blockchain, THz communications, visible light communications (VLC), molecular and quantum communications2. Some of these, for example blockchain, create robust and reliable authentication mechanisms for user access and transaction recording, and enable tampering to be detected easily. However, these technologies themselves are susceptible to security risks. Nefarious forces can intercept, spoof, flood and jam molecular communications. Similarly, THz and VLC are susceptible to eavesdropping. Blockchain security itself is limited by operational shortfalls due to its novelty. An example of this would be the lack of security audits for smart contracts and the Paid Network3 breach is a case in point.

Securing 6G networks and applications

The susceptibilities inherent in 6G introduce new vulnerabilities and attack vectors. Unfortunately, the sheer amount of data expected to flow through 6G networks would render most attacks undetectable, and this is where tools such as R&S®PACE 2 and R&S®vPACE by ipoque become indispensable. Both deep packet inspection (DPI) engines provide a 6G-ready solution by delivering unparalleled traffic processing capacity. With high throughput rates and linear scalability, the modules enable terabytes of data to be filtered and identified in real-time, with no additional latencies. This enables both engines to support a wide range of security functions such as firewalls, advanced threat detection and intrusion prevention systems (IPS). R&S®vPACE, in particular is built to cater for cloud computing environments with vectoring-ready APIs and enhanced CPU-cycles-per-packet for deployment in 6G edge and cloud networks. This enables traffic processing for demanding use cases such as mobile broadband and low latency (MBBLL), which supports applications such as multi-sensory XR.

Deploying statistical, behavioral and heuristic analyses and combining these with pattern matching and metadata extraction, R&S®PACE 2 and R&S®vPACE boast a high degree of classification accuracy – identifying thousands of applications in real time and detecting flows that are malicious, suspicious and anomalous. With a comprehensive, frequently updated signature library, network security solutions benefit from application-aware monitoring. This optimizes traffic scrutiny based on application vulnerabilities and risks to maintain ultra-low latencies and to securely deliver critical applications.

R&S®PACE 2 and R&S®vPACE also feature encrypted traffic intelligence (ETI), which combines machine learning and deep learning with high dimensional data analysis to identify traffic flows that are encrypted, obfuscated and anonymized. ETI maximizes the accuracy of traffic classification results by combining multiple ML algorithms, including k-nearest neighbors (k-NN) and decision-tree learning, as well as multiple DL layers and algorithms, including convolutional neural networks (CNN), recurrent neural networks (RNN) and long short-term memory (LSTM). This enables ETI to provide visibility into encrypted 6G applications such as collaborative robots, hyper-intelligent healthcare and Industry 5.04. With ETI, security gateways, unified threat management, SIEM and next-generation firewalls can better identify malicious and irregular traffic patterns associated with each application. ETI effectively supports 6G’s ubiquitous AI and autonomous networking by enabling continuous learning of threat patterns at any point in the network for automated, real-time security responses.

Finding the wormholes

6G’s new architecture, systems and technologies can precipitate new attack forms that operators have little experience in handling. The UAV networks for example operate without human supervision, creating the perfect avenue for adversaries to gain control of aerial vehicles and manipulate them for malicious purposes. IPS, deployed to identify traffic abnormalities associated with such threats, can be greatly enhanced with DPI. For example, the combination of advanced DPI and ETI by ipoque as well as R&S®PACE 2 and R&S®vPACE enables it to capture and analyze irregularities in traffic flows between neighboring nodes, leveraging advanced AI-based learning on the behavior of infected nodes to uncover threats such as wormhole attacks and fake information dissemination5.

Similarly, for autonomous cars, cyber-physical systems running such applications open up device and network-level vulnerabilities, including unauthorized access to the controller area network6 (CAN) and tampering of sensor data. The combination of DPI and ETI by ipoque can be used to capture anomalous traffic flows including encrypted flows between the vehicle and the application hosted at the 6G edge, based on learned patterns of communications prevalent in autonomous vehicles. Firewalls and network gateways can use the information to block DDoS and brute force attacks aimed at hacking into CAN.

Taking off with the right precautions

It will not be too long before brain-computer interactions deliver neurological information to robotic limbs and remote machines wirelessly. It will also not be too far in the future before humans start interacting with environments that are thousands of miles away via 6G-powered holographic lenses. These 6G realities are all rooted in the digital world, and as such will continue to be susceptible to security, safety and privacy challenges. R&S®PACE 2 and R&S®vPACE are built with reality in mind, with traffic inspection capabilities that can alert network security tools if the conversational bot appearing in the corner of an immersive virtual reality application is part of the program or has been planted by a hacker.


Sources

[1] https://www.researchgate.net/publication/344433382_6G_Envisioning_the_Key_Technologies_Applications_and_Challenges
[2] https://www.sciencedirect.com/science/article/pii/S2352864820302431
[3] https://www.techtarget.com/searchcio/tip/8-blockchain-security-risks-to-weigh-before-adoption
[4] https://www.researchgate.net/publication/350824205_6G_Security_Challenges_and_Potential_Solutions
[5] https://arxiv.org/ftp/arxiv/papers/2003/2003.04984.pdf
[6] https://semiengineering.com/standards-and-threat-testing-for-secure-autonomous-vehicles/

Sebastian Müller portrait

Sebastian Müller

Contact me on LinkedIn

Sebastian is a passionate DPI thought leader guiding a cross-functional team to build the networks of the future with leading traffic analytics capabilities. He has over ten years of dedicated experience in the telecom and cybersecurity domain, providing him with deep understanding of market requirements and customer needs. When he’s not at work, you can either find him on his road bike or hiking in the mountains.

Email: Seb.Mueller@rohde-schwarz.com