Cloud-Native Threat Detection and Containment for Smart Manufacturing

Softwarization facilitates the introduction of smart manufacturing applications in the industry. Manifold devices such as machine computers, Industrial IoT devices, tablets, smartphones and smart glasses are integrated into factory networks to enable shop floor digitalization and big data analysis. To handle the increasing number of devices and the resulting traffic, a flexible and scalable factory network is necessary which can be realized using softwarization technologies like Network Function Virtualization (NFV). However, the security risks increase with the increasing number of new devices, so that cyber security must also be considered in NFV-based networks. Therefore, extending our previous work, we showcase threat detection using a cloud-native NFV-driven intrusion detection system (IDS) that is integrated in our industrial-specific network services. As a result of the threat detection, the affected network service is put into quarantine via automatic network reconfiguration. We use the 5GTANGO service platform to deploy our developed network services on Kubernetes and to initiate the network reconfiguration. Our focus is on demonstrating the automatic network reconfiguration that is triggered by the IDS.

[1]  Holger Karl,et al.  Putting NFV into Reality: Physical Smart Manufacturing Testbed , 2019, 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).

[2]  Eduardo B. Fernandez,et al.  A Survey of Network Function Virtualization Security , 2018, SoutheastCon 2018.

[3]  Holger Karl,et al.  Prototyping and Demonstrating 5G Verticals: The Smart Manufacturing Case , 2019, 2019 IEEE Conference on Network Softwarization (NetSoft).

[4]  Georgios Xilouris,et al.  SHIELD: A novel NFV-based cybersecurity framework , 2017, 2017 IEEE Conference on Network Softwarization (NetSoft).

[5]  Cataldo Basile,et al.  Adding Support for Automatic Enforcement of Security Policies in NFV Networks , 2019, IEEE/ACM Transactions on Networking.

[6]  Holger Karl,et al.  Putting 5G into Production: Realizing a Smart Manufacturing Vertical Scenario , 2019, 2019 European Conference on Networks and Communications (EuCNC).

[7]  Daniel Behnke,et al.  5G as Key Technology for Networked Factories: Application of Vertical-specific Network Services for Enabling Flexible Smart Manufacturing , 2019, 2019 IEEE 17th International Conference on Industrial Informatics (INDIN).

[8]  Holger Karl,et al.  “Producing Cloud-Native”: Smart Manufacturing Use Cases on Kubernetes , 2019, 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).

[9]  Antonio Lioy,et al.  NFV-based network protection: The SHIELD approach , 2017, 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).

[10]  Wei Yang,et al.  A survey on security in network functions virtualization , 2016, 2016 IEEE NetSoft Conference and Workshops (NetSoft).

[11]  Holger Karl,et al.  NFV-driven intrusion detection for smart manufacturing , 2019, 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).

[12]  Cataldo Basile,et al.  A novel approach for integrating security policy enforcement with dynamic network virtualization , 2015, Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft).

[13]  Dimosthenis Kyriazis,et al.  5Gtango: A Beyond-Mano Service Platform , 2018, 2018 European Conference on Networks and Communications (EuCNC).