December 2024
Project Highlights
With the holiday season fast approaching, it is also time for another update on project RIGOUROUS! Work has been proceeding smoothly, and the team is getting ready for a new year of research and innovation. To finish off 2024, we have a deliverable from WP5 – which is responsible for Integration, testing and validation – coming soon, which we will be showcasing in this edition of our RIGOUROUS Newsletter.
Our Progress So Far
Deliverable D5.2 focuses on Platform Integration and In-Lab Testing and follows up on the foundations laid out in the previous deliverable, D5.1. Whereas D5.1 focused on detailing the RIGOUROUS toolkit assets, D5.2 provides an in-depth view of how these assets are developed, deployed and integrated into a cohesive system, and outlines how the solution is to be validated through in-lab testing.
Given that the complete toolkit is still under development, the integration activities have been divided into two phases, and right now we are focusing on the first phase, centered on a specific subset of assets, named Prototype 1. It includes components demonstrated at the EuCNC event, which was showcased in RIGOUROUS Newsletter #6, back in June.
Prototype 1 is built upon a subset of assets from the RIGOUROUS architecture, each providing an essential feature in order to enable RIGOUROUS functionality:
Human-Centric Privacy risk management for DevSecOps
Aligned with the principles of privacy-first software development, the Privacy Quantifier (PQ) component is being integrated to empower individuals with control over their data. Following this human-centric design approach, the PQ produces a privacy score from a report that checks the software against privacy guidelines during development, categorizes data into privacy-based categories, identifies security threats, and detects malicious applications. The framework aims to raise the privacy level of applications before they are deployed on OpenSlice network services.
Onboarding Tools
The Onboarding Tools enable users to onboard network applications in a user-friendly, human-centric manner. Once onboarded, applications become accessible in the service catalog, where users can browse and order them. Applications can also be categorized based on their security and privacy levels, with appropriate tags for easy identification. Additionally, some applications are customizable by end users — such as choosing specific encryption schemes or enforcing log redaction for auditing in PPDR scenarios — enhancing their adaptability to various use cases.
Trust Evaluation & Enabler
On detection of any violation, the Trust Manager analyses the logs of the affected network functions and identifies the source and destination of the attack, as well as its severity. Then, based on the severity and repetition of the attack, the Trust Manager generates trust scores. When the trust score of a network entity falls below a configured threshold, the Trust Manager notifies the decision engine, triggering it to take mitigation action.
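The loop described above can be illustrated with a small model. The code below is an added example, not part of the RIGOUROUS Trust Manager; the log format, the severity weights, the repetition rule (each repeat from the same source costs more than the previous one) and the threshold value are all assumptions chosen for the illustration. It parses a few constructed network-function log lines, extracts source, destination and severity, updates a per-source trust score, and hands a notification to a decision-engine callback once a score drops below the threshold.

```python
import math
import re

# Assumed log line format of the affected network functions (constructed):
#   <timestamp> nf=<function> violation src=<ip> dst=<ip> severity=<low|medium|high>
LOG_RE = re.compile(
    r"^(?P<ts>\S+) nf=(?P<nf>\S+) violation src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"severity=(?P<severity>low|medium|high)"
)

# Assumed penalty per severity level; a real deployment would tune these.
SEVERITY_WEIGHT = {"low": 0.05, "medium": 0.15, "high": 0.30}


def parse_violation(line):
    """Return (src, dst, severity, nf) for a violation line, or None if the
    line is not a violation record."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return m["src"], m["dst"], m["severity"], m["nf"]


class TrustManager:
    """Keeps a trust score in [0, 1] per network entity (keyed by source
    address). Every entity starts fully trusted (1.0)."""

    def __init__(self, threshold, notify):
        self.threshold = threshold      # below this, the decision engine is told
        self.notify = notify            # callback(entity, score, details)
        self.scores = {}                # entity -> trust score
        self.violations = {}            # entity -> number of violations seen
        self.notified = set()           # entities already escalated

    def record_violation(self, src, dst, severity, nf):
        prior = self.violations.get(src, 0)
        # Repetition rule (assumption): the n-th violation costs n times the
        # base weight, so persistent offenders lose trust quickly.
        penalty = SEVERITY_WEIGHT[severity] * (prior + 1)
        score = max(0.0, self.scores.get(src, 1.0) - penalty)
        self.scores[src] = score
        self.violations[src] = prior + 1
        if score < self.threshold and src not in self.notified:
            self.notified.add(src)
            self.notify(src, score, {"dst": dst, "severity": severity, "nf": nf,
                                     "repetitions": prior + 1})
        return score

    def ingest_logs(self, lines):
        """Feed raw log lines; non-violation lines are ignored."""
        for line in lines:
            parsed = parse_violation(line)
            if parsed:
                self.record_violation(*parsed)
        return self.scores


# Constructed sample logs from two network functions.
SAMPLE_LOGS = [
    "2024-12-02T09:00:01Z nf=upf-1 violation src=10.0.0.5 dst=10.0.1.9 severity=high",
    "2024-12-02T09:00:02Z nf=upf-1 heartbeat ok",
    "2024-12-02T09:00:05Z nf=smf-2 violation src=10.0.0.7 dst=10.0.1.9 severity=low",
    "2024-12-02T09:00:09Z nf=upf-1 violation src=10.0.0.5 dst=10.0.1.12 severity=high",
]


def run_sample(threshold=0.5):
    """Run the sample logs through the manager; returns (scores, notifications)."""
    notifications = []
    tm = TrustManager(threshold, lambda e, s, d: notifications.append((e, round(s, 3), d)))
    scores = tm.ingest_logs(SAMPLE_LOGS)
    return scores, notifications


if __name__ == "__main__":
    scores, notes = run_sample()
    print("trust scores:", {k: round(v, 3) for k, v in scores.items()})
    for entity, score, details in notes:
        print(f"decision engine notified: {entity} score={score} {details}")
```

Source 10.0.0.5 loses 0.30 on its first high-severity violation and 0.60 on the second (repetition factor 2), which takes it below the 0.5 threshold and produces exactly one notification; the single low-severity event from 10.0.0.7 leaves it well above the threshold.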
AI-based Orchestration
The Security Orchestrator is in charge of deploying configuration to enablers as a result of applying policies. It communicates with other related components that help in applying those configurations, such as the Intent-based Security Manager (which translates medium-level policies into low-level configuration messages and checks whether any policy conflicts with another) and the System Model, which provides a database for storing information related to the application of configurations in the target components. It also communicates with most of the other RIGOUROUS components in order to select a suitable configuration based on data such as trust scores, which is then sent to be applied on the target components.
Slice Manager
The SM is a core component of the RIGOUROUS project architecture, developed as a functional prototype to enable E2E network slicing in multi-tenant, multi-domain 5G and 6G infrastructures. Its main goal is to offer an adaptive, interoperable, and flexible network slicing solution for multi-domain 6G deployments, with a focus on isolating harmful traffic in a low-priority slice to protect legitimate users and services from cyber-attacks.
Network Self-Protection
The NSP is a software-based flow agent designed to provide advanced traffic classification and control within the software data path segment of 5G and beyond multi-tenant networks. This segment connects virtual networks across shared physical infrastructure, making it essential for multi-tenant environments.
Holistic Security & Privacy Framework
The Holistic Security and Privacy Framework (HSPF) is a Federated Learning-based framework to perform network anomaly detection over any application in cloud-native environments.
Privacy-preserving Federated AI for Anomaly Detection
The main functionalities/capabilities of this asset are the following:
- Anomaly Detection capability: Using a deep autoencoder, each flow is flagged as anomalous or not depending on whether its reconstruction error exceeds a threshold calculated in the training phase. If a flow is detected as anomalous, its features are forwarded to the Attack Classification Engine.
- Attack Classification capability: Each flow received from the Anomaly Detection Engine is classified as one of the known attacks from the training datasets used. If the confidence falls below a certain threshold, which can be specified in the configuration, the flow is classified as Unknown, indicating the possibility of a zero-day attack (to be assessed later by a human security administrator).
- Standard reporting capability: For each flow detected as anomalous and classified into an attack class, the asset generates an alert containing all critical information.
- Automatic deployment and configuration capability: Each module of the asset can be launched automatically and can be automatically configured. This allows the Security Orchestrator to seamlessly orchestrate each of them based on the infrastructure needs at any given time.
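The detection, classification and reporting stages listed above fit together as a pipeline, shown below as an added example that is not the project's own code. The deep autoencoder is replaced by a deliberately simple stand-in (an assumption for the illustration): each flow is "reconstructed" as the per-feature mean of the benign training traffic in standardised units, and the mean squared reconstruction error is the anomaly score, with the threshold fixed at training time as mean plus three standard deviations of the benign errors. The classifier is a nearest-centroid model whose confidence is the relative margin between the best and runner-up class; the confidence threshold and the feature vectors are constructed values.

```python
import math
import statistics

# Constructed sample flows: [packets/s, bytes/packet, SYN ratio]
BENIGN_TRAIN = [
    [10.0, 500.0, 0.05], [12.0, 520.0, 0.04], [9.0, 480.0, 0.06],
    [11.0, 510.0, 0.05], [10.5, 495.0, 0.05], [9.5, 505.0, 0.04],
]
# Constructed labelled flows for the known attack classes
ATTACK_TRAIN = {
    "syn_flood": [[900.0, 60.0, 0.95], [850.0, 64.0, 0.97]],
    "udp_flood": [[1200.0, 1400.0, 0.0], [1100.0, 1450.0, 0.0]],
}
UNKNOWN_CONFIDENCE_THRESHOLD = 0.7  # assumed value from the configuration


class AnomalyDetector:
    """Stand-in for the deep autoencoder (assumption): reconstructs every flow
    as the standardised benign mean and scores it by mean squared error."""

    def __init__(self, benign_flows):
        cols = list(zip(*benign_flows))
        self.mean = [statistics.fmean(c) for c in cols]
        self.std = [statistics.pstdev(c) or 1.0 for c in cols]
        errors = [self.error(f) for f in benign_flows]
        # Threshold is fixed in the training phase from benign errors only.
        self.threshold = statistics.fmean(errors) + 3 * statistics.pstdev(errors)

    def standardise(self, flow):
        return [(x - m) / s for x, m, s in zip(flow, self.mean, self.std)]

    def error(self, flow):
        z = self.standardise(flow)
        return sum(v * v for v in z) / len(z)

    def is_anomalous(self, flow):
        return self.error(flow) > self.threshold


class AttackClassifier:
    """Nearest-centroid stand-in for the attack classification model, working
    in the detector's standardised feature space."""

    def __init__(self, detector, labelled_flows, confidence_threshold):
        self.detector = detector
        self.confidence_threshold = confidence_threshold
        self.centroids = {}
        for label, flows in labelled_flows.items():
            zs = [detector.standardise(f) for f in flows]
            self.centroids[label] = [statistics.fmean(c) for c in zip(*zs)]

    def classify(self, flow):
        z = self.detector.standardise(flow)
        ranked = sorted((math.dist(z, c), label) for label, c in self.centroids.items())
        (d_best, best), (d_second, _) = ranked[0], ranked[1]
        # Confidence: how much closer the best class is than the runner-up
        # (1.0 = unambiguous, 0.5 = equidistant).
        confidence = d_second / (d_best + d_second) if d_best + d_second > 0 else 1.0
        if confidence < self.confidence_threshold:
            return "Unknown", confidence      # possible zero-day, needs a human
        return best, confidence


def analyse_flow(detector, classifier, flow, flow_id):
    """Only anomalous flows reach the classifier; each anomalous flow yields
    an alert record carrying the critical information for the report."""
    err = detector.error(flow)
    if err <= detector.threshold:
        return None                           # benign: no alert
    label, conf = classifier.classify(flow)
    return {
        "flow_id": flow_id,
        "features": flow,
        "reconstruction_error": round(err, 3),
        "threshold": round(detector.threshold, 3),
        "attack_class": label,
        "confidence": round(conf, 3),
        "needs_human_review": label == "Unknown",
    }


def build_pipeline():
    detector = AnomalyDetector(BENIGN_TRAIN)
    classifier = AttackClassifier(detector, ATTACK_TRAIN, UNKNOWN_CONFIDENCE_THRESHOLD)
    return detector, classifier


if __name__ == "__main__":
    det, clf = build_pipeline()
    for fid, flow in [("f1", [10.2, 498.0, 0.05]), ("f2", [880.0, 62.0, 0.96]),
                      ("f3", [14.0, 540.0, 0.08])]:
        print(fid, analyse_flow(det, clf, flow, fid))
```

The third flow is far enough from the benign profile to be flagged, but roughly equidistant from both known attack centroids, so its confidence stays below the configured threshold and it is reported as Unknown rather than forced into a known class.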
AI-Driven Decision Making
The AID module plays a critical role in the RIGOUROUS architecture by providing advanced threat assessment and decision-making capabilities. It acts as a central component in analyzing security threats and orchestrating response actions based on real-time risk assessments. The AID module receives threat indicators and probability metrics from external classifiers and refines this information into actionable decisions, enhancing the architecture’s capability to detect and mitigate potential security risks dynamically.
Threat Risk Assessor
The current version of the TRA, in Prototype 1, calculates a risk score directly tied to a single anomaly object concerning a network asset that contains one or more vulnerabilities, and hence their corresponding CVEs. Work in progress is assessing heuristic methods for the threat risk score, so that the TRA can make a best-effort estimate of the risk even when no CVE is associated with a threat.
SOAR Solution – Resource Inventory, Security Detection & Planner
The UWS Security, Automation, Orchestration, and Response (SOAR) asset comprises three software components aimed at establishing a cognitive self-protection loop for 5G/6G multi-tenant network infrastructures under cyberattacks, such as botnet-driven DDoS attacks. The SOAR components have three main responsibilities: Attack Detection, Holistic Infrastructure View and E2E Path Calculation.
Encryption as a Service (EaaS)
Within the RIGOUROUS architecture, EaaS’ primary role is to facilitate cryptographic processes, particularly for resource-constrained devices. EaaS ensures secure communication and data confidentiality across the integrated system by providing robust encryption services. The framework enables secure communication between IoT devices, microservices, and back-end systems, and integrates with other security-focused assets.
What happened recently
- Pedro R. Tomas, Luis Rosa, Andre S. Gomes & Luis Cordeiro published the work A Holistic Security Approach to Protect Cloud-Native Applications at FTC 2024 – Future Technologies Conference 2024 – SAI Conferences
- Pedro R. Tomas, Pedro Felix, Luis Rosa, Andre S. Gomes & Luis Cordeiro published the work A novel approach for continual and federated network anomaly detection at FTC 2024 – Future Technologies Conference 2024 – SAI Conferences
- The paper Enhancing Federated Learning with Homomorphic Encryption and Multi-Party Computation for improved privacy, by Pedro Tomás, Samira Kamali Poorazad, Chafika Benzaid, Luis Rosa, Jorge Proença, Tarik Taleb, and Luis Cordeiro, has been accepted for publication at IEEE Future Networks World Forum (FNWF) 2024
- The paper A Novel Buffered Federated Learning Framework for Privacy-Driven Anomaly Detection in IIoT, by Samira Kamali Poorazad, Chafika Benzaid, and Tarik Taleb, has been accepted for publication at the IEEE GLOBECOM 2024 Conference
- OneSource presented a Training Session on cyber defence technologies and Machine Learning (ML) techniques being explored by DeepGuardian in the scope of the RIGOUROUS Project at the 4th CyberHOT Summer School, where crucial aspects of cybersecurity were addressed.
- OneSource was part of a workshop on “Smart Networks and Services Innovation to Fulfil PPDR Needs” in the scope of RIGOUROUS Project Use Case “PPDR IoT Situational Awareness platform”, at PSCE & 6G-IA SNS PPDR Workshop.
- The paper “Privacy-preserving Attribute Based Credentials for 6G networks”, has been accepted and presented at the “Symposium On Security In Future Networks” of the IEEE Future Networks World Forum (FNWF) 2024 conference
- PRIVATEER has published a white paper with proposed KPIs/KVIs related to security.
- Jimena Andrade-Hoz, Jose M. Alcaraz-Calero, Qi Wang published the work Handling Imbalanced 5G and Beyond Network Tabular Data Using Conditional Generative Models at IWCMC 2024 International Wireless Communications & Mobile Computing
- Jimena Andrade-Hoz, Jose M. Alcaraz-Calero, Qi Wang published the work Multi-layer Multi-technology Firewall Optimisation in Beyond 5G and Pre-6G networks Using Machine Learning Classifiers at CSNDSP 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing
- Jimena Andrade-Hoz, Qi Wang, Jose M. Alcaraz-Calero published the work Infrastructure-Wide and Intent-Based Networking Dataset for 5G-and-beyond AI-Driven Autonomous Networks at MDPI Sensors
- Jimena Andrade-Hoz defended the PhD Thesis “AI-Driven Self-Optimisation of Network Control Functions in multi-tenant Beyond 5G Networks” in October 2024, at the University of the West of Scotland
- Pablo Benlloch Caballero defended the PhD Thesis “AI-Driven Predictive Intelligence for Detection and Early Warning of Unseen Cyberthreats in Next-Generation 6G Networks” in October 2024, at the University of the West of Scotland
- RIGOUROUS was present at FUSECO FORUM 2024 with the presentation 6G Computing Continuum New Security and Trustworthy Challenges, where the project, along with most of its activities, was presented.