الملخص الإنجليزي
ABSTRACT :
Wireless communication technologies have evolved drastically in the past decade, with the latest evolution being the introduction of the Fifth-Generation mobile communication systems (5G). The 5G technology introduces higher data rates, ultra-low latency, high mobility, and expanded coverage. These features unlock enormous potential for Mobile Broadband user experience and Internet of Things (IoT) use cases. At the core network layer, 5G is enabled by Software Defined Networking (SDN), Network Function Virtual- ization (NFV), and cloud-native Service-Based Architecture (SBA). While billions of IoT devices are expected to connect to 5G, they are prone to various security weaknesses, mak- ing them an attractive platform for attackers to exploit and launch Distributed Denial of Service (DDoS) attacks from compromised 5G-IoT devices. Traditional DDoS mitigation mechanisms will not withstand 5G DDoS attacks due to the massive number of devices and dynamic nature of 5G. Signaling DDoS attacks triggered by a massive number of 5G-IoT devices is one type of DDoS in the 5G domain; it targets overloading 5G Core Network functions. This thesis introduces DDoS Kubernetes Scaling Solution (DKSS), a novel so- lution that utilizes the infrastructure flexibility provided by Kubernetes and Amazon Web Services (AWS) scaling in a 5G microservices architecture. The solution was demonstrated to be successful in mitigating the signaling DDoS targeting 5G Core functions with no time overhead between attack start and mitigation. In addition, the solution is highly applica- ble to real-world networks, as it utilizes Kubernetes built-in features and works within the boundaries of the 3rd Generation Partnership Project (3GPP) and microservices standard architectures.
