Machine Learning-based Generalizable and Efficient Cybersecurity Analysis

Feb 28, 2022, 10:00 am10:00 am



Event Description

Digital platforms worldwide face increasingly sophisticated malicious campaigns directed at them. Cyber analysts must always be on the lookout for adversarial actors. Machine learning (ML) has emerged as an effective tool for continuous cyber monitoring. In this thesis, we explore the generalizability and efficiency of ML methodologies on various digital platforms. In this seminar, we discuss the application of ML in analyzing the cyber threats in the emerging fifth-generation (5G) networks.

The core network architecture of telecommunication systems has undergone a paradigm shift in the 5G networks. 5G networks have transitioned to software-defined infrastructures, reducing their dependence on hardware-based network functions. New technologies, like network function virtualization and software-defined networking, have been incorporated in the 5G core network (5GCN) architecture to enable this transition. This has resulted in significant improvements in the networks' efficiency, performance, and robustness. However, this has also made the core network more vulnerable, as software systems are generally easier to compromise than hardware systems. We present a comprehensive security analysis framework for the 5GCN. The novelty of this approach lies in the creation and analysis of attack graphs of the software-defined and virtualized 5GCN through machine learning. This analysis points to 119 novel possible exploits in the 5GCN. We demonstrate that these potential exploits of 5GCN vulnerabilities generate five novel attacks on the 5G Authentication and Key Agreement protocol. We combine the network, protocol, and application layers to create complex attack vectors. We use these attack vectors to find four novel security loopholes in WhatsApp running on a 5G network in a case study.