Article

Moving Target Defense for the cloud/edge Telco environments

Journal

INTERNET OF THINGS
Volume 24, Issue -, Pages -

Publisher

ELSEVIER
DOI: 10.1016/j.iot.2023.100916

Keywords

Moving Target Defense (MTD); MTD as a Service (MTDaaS); Network Functions Virtualization (NFV); Cloud security; Security as a Service (SECaaS); Zero-day vulnerabilities


The development of IoT has positively impacted 5G technology, but IoT also faces the security risks associated with it. One major security issue is the risk brought by network virtualization and softwarization. To address these problems, a Moving Target Defense approach is proposed to protect cloud-based network functions. Experimental results have shown that this approach can effectively delay and prevent attackers from achieving their objectives.
The Internet of Things (IoT) paradigm has been one of the main contributors, in recent years, to the growth in the number of connected equipment. This fact has predominantly contributed to IoT being constrained by the 5th Generation Mobile Network (5G) progress and the promises this technology brings. However, this can be a double-edged sword. On the one hand, it will benefit from that progress, but on the other, it will also be impacted by any security risk associated with 5G. One of the more serious security problems associated with it is the new wave of virtualization and softwarization of networks and analogous appliances, brought to light by paradigms such as Network Functions Virtualization (NFV) and Multi-access Edge Computing (MEC). Considering these predicaments, we propose a state-of-the-art Moving Target Defense (MTD) approach that defends Cloud-based Network Functions (CNFs) launched within MEC and NFV environments. Furthermore, our mechanism follows the famous Everything as a Service (XaaS) ideology, allowing any CNF provider to use this protection system, working agnostically. In the end, we created a Proof of Concept (PoC) of our proposed methodology, which we then used to conduct an extensive practical security analysis against the multiple phases of the Intrusion Kill Chain. Our final results have proven that our MTD as a Service (MTDaaS) approach can effectively delay and, in some cases, stop an attacker from achieving its objectives when trying to attack a CNF, even if the related vulnerability is a zero-day.