PI: Christian Gehrmann (LU); co-PI: Mikael Asplund (LiU)
The huge amount of cellular connected devices can be used to launch Distributed Denial of Service (DDoS) attacks which are a severe threat against telecommunication infrastructures and services. The new analytic function introduced by 3GPP in 5G, Network Data Analytics Function (NWDAF), supports anomaly detection, the first step towards DDoS blocking even if few such functions have so far been introduced. In general, relative little research work addresses next generation cellular network, machine learning, DDoS detection. In this PhD project we investigate different anomaly detection strategies with focus on resource allocation and mobility-oriented attacks as well as low-rate DDoS. The research is directed towards obtaining appropriate data for these attack classes and, in the next step, identification of appropriate machine learning detection principles for these classes. The research is built upon and extends a recently started research cooperation with Ericsson Research.
Project number: D7