A real‐time attack defense framework for 5G network slicing
Software: Practice and Experience (IF 3.5), Pub Date: 2020-02-11, DOI: 10.1002/spe.2800
Michel Bonfim 1 , Marcelo Santos 2 , Kelvin Dias 1 , Stênio Fernandes 1

Network Slicing (NS) is a key enabler to support 5G network services on‐demand. However, since NS is a result of the recent advancement in Software‐Defined Networking and Network Function Virtualization, it introduces new security issues, which include attacks against an NS instance within an operator network and interslice security threats. In this scenario, identifying and mitigating attacks in real‐time is of paramount importance to improve security aspects. However, it is far from being straightforward. Therefore, this work proposes FrameRTP4, a P4‐based framework that aims to deliver real‐time attack detection and mitigation mechanisms in 5G NS scenarios. For this, it provides a P4‐based switch that implements a Service Function Chaining protocol layer, an efficient and scalable Access Control List for the detection and mitigation of known attacks, and a monitoring system aiming to reduce the overhead induced on the control channel. Furthermore, it delivers an orchestrator that aims to control all switches in order to enable lifecycle management of NS instances and P4 table rules. Besides, it also performs some autonomous tasks such as wildcard rule generation and the detection of new threats by using machine learning algorithms. Preliminary results point to the potential benefits of FrameRTP4 as part of a 5G NS infrastructure.

Updated: 2020-02-11