Security Policy to Manage Responses to DDoS Attacks on 5G Enabled IoT Devices

<p dir="ltr">In recent years, the need for high-speed, seamless connectivity has increased across various network platforms with demands coming from industries, home, mobile, transportation and office networks. The new generation network being deployed to meet such demand is the 5G infrastructure. 5G is the fifth generation of mobile networks that is a high-speed network technology with seamless connectivity of different devices in a large network area. The advantages of the new generation network technology also contribute to the security challenges in 5G, where attackers might have easy access into the network infrastructure. One of the most common threats to the security of 5G network is a Distributed Denial of Service (DDoS). The purpose of this research is to provide a comprehensive security solution for 5G technology by managing the response(s) to threats posed by DDoS attacks through the use of a policy language. There are many mitigation techniques to combat DDoS attacks, however, it is very expensive to have all possible security functions, methods, and models operational at all times. A cost effective and highly efficient security model should be flexible and reactive to any attack scenario or network circumstances when needed. Deploying a security policy language which is a reactive event-oriented resource-based policy, meets the need for a flexible, efficient, and lightweight security approach. Which was done successfully with our policy language MAPHISO. A policy in our language consists of one or more actions which are taken in response to a triggering event. Optionally, policies can also include conditions which further define the circumstances under which they are executed and further, updates to internal variable held by the policy engine as well as restriction to the implementation of the response. The policy language is reactive to different types of events and related to several conditions with multiple actions for flexibility and scalability. It takes into consideration the network architecture and management.</p>