Télécom SudParis is a leading public engineering school recognized at the highest level in digital sciences and technologies. The quality of its programs is based on the scientific excellence of its faculty and on a pedagogy that emphasizes team projects, disruptive innovation and entrepreneurship. Télécom SudParis has 1,000 students, including 700 engineering students and about 150 doctoral students. Télécom SudParis is part of Institut Mines-Télécom, the leading group of engineering schools in France, and shares its campus with Institut Mines-Télécom Business School. Télécom SudParis is a co-founder of Institut Polytechnique de Paris (IP Paris), a world-class institute of science and technology, together with École polytechnique, ENSTA Paris, ENSAE Paris and Télécom Paris.
Network and function virtualization technologies (SDN/NFV) are considered enablers of 5G slices, that is, virtual and physical resources are dynamically allocated and orchestrated by a network slice broker to fulfil the needs of a tenant or a service provider. 5G slicing could be vulnerable to a number of threats over time, including information leakage at design time, policy tampering at the deployment stage, or application vulnerability exploitation or denial of service during runtime. At the same time, those same enablers allow slice owners to specify security policies and constraints that apply to their slice. Such policies and constraints are negotiated with infrastructure and service providers in the form of service-level agreements (SLAs). Finally, these policies are deployed automatically and evaluated continuously so as to anticipate changes. It is therefore necessary to quantify security indicators and to deploy means to monitor them continuously. The slice owner or operator would gain insight into the security level of the slice and subsequently verify the enforcement of security policies. This ultimately ensures that security is guaranteed throughout the slice lifecycle.
The objective of the proposed work is to develop a number of security indicators that quantify the level of security of a system in order to gain situational awareness. This will enable operators to make informed decisions on the security of the slice. In addition, we would like to assess different countermeasures, not only in terms of their efficiency in thwarting the detected attacks, but also in terms of their (adverse) impact on the protected slice. Therefore, the candidate will pursue the following goals:
• develop an integrated model (e.g., a digital twin) to produce security decisions based on the previously developed indicators
• quantify risks related to cybersecurity
• quantify mitigation and detection systems in a dynamic 5G slicing system
• quantify the efficiency and collateral damage of automated countermeasures
The proposed work aims at securing 5G slices and verifying that deployed policies comply with what the slice owner specified in terms of slicing and security. From the metrics collected throughout the infrastructure, we will be able to gain insight into the state of the slice and its security level.
Thus, we (i) propose to define a model of the slice as a digital twin in order to quantify its risks. The security policies are often expressed in a domain-specific language, and together with the aforementioned model, we (ii) propose to quantify the coverage of mitigation and detection systems (by deriving security policies from the owner’s specifications (SLAs) to the implemented dataplane configurations) with respect to expected threats, through injection against the digital twin. Finally, we will (iii) improve on existing response quantification methodologies to adapt them to 5G needs, to measure the trade-off between the efficiency of the response and its potential collateral damage to the slice.
Required skills, knowledge and experience
- Experience in modelling and/or simulation
- Knowledge of modelling languages and formalisms
- Knowledge of network virtualization and security
- Written and spoken English
Desirable skills, knowledge and experience