Exergetic analysis of elements of thermostating systems


DOI: 10.34759/trd-2021-121-12

Аuthors

Buzhin I. G.*, Antonova V. M.**, Mironov Y. B.***, Antonova V. A.****, Korchagina A. S.*****, Kanishcheva M. G.******

Moscow Technical University of Communications And Informatics, 8a, Aviamotornaya Str., Moscow, 111024, Russia

*e-mail: i.g.buzhin@mtuci.ru
**e-mail: xarti@mail.ru
***e-mail: i.b.mironov@mtuci.ru
****e-mail: varvara_zi@mail.ru
*****e-mail: alla-97@inbox.ru
******e-mail: margo.kan@list.ru

Abstract

AdaptiveMobile has identified a vulnerability in the of the Network Slicing mechanism implementation, which could disclose information about arbitrary network segments or cause a denial of service. The vulnerability was assigned the CVD-2021-0047 number. Federal Service for Technology and Export Control (FSTEC of Russia) introduced vulnerability to the bank of threats and determined the level of danger as medium. One of the trends for this vulnerability elimination in the 6G networks is formulation of the classification principles and filtering of the 6G transport network traffic for effective application of the Network Slicing mechanism.

The basic principles of collecting, filtering and traffic classification of the data transmission network are as follows:

  • Traffic filtering and classification is based on the analysis of the header fields of the data protocol units of L2 — L4 levels;
  • Each consumer and operator data protocol unit (PDU) should be subjected to filtering and classification;
  • The filter along with the the classifier represent a combination of certain fields of the header of the L2-L4 level PDU with ranges indication of their possible values;
  • The class may include the PDU that meets the criteria of different filters. The PDU satisfying one and the same filter may correspond to different classes. In the latter case, such PDU should be copied to the storage corresponding to the different classes;
  • PDU of different classes should be stored separately in data processing and storage centers;
  • Filtering policy forming, i.e. a specific set of filters and class attributes, corresponds to the function of the SDN controller applications, which can act as external applications for the SDN transport network controller;
  • Filtering and Classification policies delivery is being performed in the in_band mode in the transport network via VPN channels;
  • Regional (border) data processing and storage centers may add filtering rules to the filters of their domain, with the permission of the main data processing and storage center,;
  • The PDU network users gathering should be performed covertly for them;
  • The network services consumers should not receive any information about the monitoring system, which includes the traffic classification and filtering system by means of their data transmission network;
  • Filtering and classification policies may be dynamically changed, if necessary, by the monitoring system administrator in each of the regions, provided that the consistency of classifiers in different regions is maintained.

The proposed principles and ways of solving the filtering and monitoring problem are aimed at eliminating the dangerous CVD-2021-0047 vulnerability.

Keywords:

Network Slicing, traffic filtering, Software Defined Networking (SDN), 6G data transmission networks

References

  1. 5G Network Slicing Security in 5G Core Networks. URL: https://info.adaptivemobile.com/5g-network-slicing-securityhs _cos_ wrapper_dnd__form-module-2
  2. Samouylov K.E., Shalimov I.A., Buzhin I.G., Mironov Y.B. Model of functioning of telecommunication equipment for software-configurated networks, Modern Information Technologies and IT-Education, 2018, vol. 14, no. 1. DOI:10.25559/SITITO.14.201801.013-026
  3. Tsvetkov V.K., Oreshkin V.I., Buzhin I.G.,. Mironov Y.B. Model of Restoration of the Communication Network Using the Technology of Software Defined Networks, 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering, ELCONRUS, 2019, pp. 1559-1563. DOI: 10.1109/EIConRus.2019.8656723
  4. Buzhin I.G., Mironov Y.B. Evaluation of telecommunication equipment Delays in Software Defined Networks, Systems of Signals Generating and Processing in the Field of on Board Communications, 2019, pp. 8706825. DOI: 10.1109/SOSG.2019.8706825
  5. ONF TR-502: SDN Architecture. URL: https://www.opennetworking.org/images/stories/downloads/sdn-resources /technical-reports/TR_SDN_ARCH_1.0_06062014.pdf
  6. Metodika modelirovaniya ugroz bezopasnosti informatsii (proekt), Federal’naya sluzhba po tekhnicheskomu i eksportnomu kontrolyu (FSTEK Rossii), 2020 g. URL: https://fstec.ru/component/attachments/download/2727
  7. Kontseptsiya sozdaniya i razvitiya setei 5G/IMT-2020 v Rossiiskoi Federatsii, utverzhdena prikazom Minkomsvyazi Rossii № 923 ot 27.12.2019 g. URL: https://digital.gov.ru/uploaded/files/kontseptsiya-sozdaniya-i-razvitiya-setej-5g-imt-2020.pdf
  8. Spyros Denazis, Evangelos Haleplidis, Kostas Pentikousis, Jamal Hadi Salim. RFC 7426: Software-Defined Networking (SDN): Layers and Architecture Terminology, 2015, 35 pp. URL: https://www.researchgate.net/publication/280554784_RFC_7426_Software-Defined_Networking_SDN_Layers_and_Architecture_Terminology
  9. Technical Specification SDN Security Considerations in the Data Center. ONF Solution Brief, 2013, URL: https://opennetworking.org/wp-content/uploads/2013/05/sb-security-data-center.pdf
  10. GOST R 51275-2006. Zashchita informatsii. Ob»ekt informatizatsii. Faktory, vozdeistvuyushchie na informatsiyu, utverzhden prikazom Federal’nogo agentstva po tekhnicheskomu regulirovaniyu i metrologii (GOST R 51275 Information security. Object of informatization. Factors affecting information. General Provisions), 2006, no. 374-st. URL: https://docs.cntd.ru/document/1200057516
  11. Threat Analysis for the SDN Architecture 1.0 Technical Specification, Open Networking Foundation, 2016, URL: https://opennetworking.org/wp-content/uploads/2014/10/Threat_Analysis_for_the_SDN_Architecture.pdf
  12. Mahmoud Said Elsayed, Nhien-An Le-Khac, Soumyabrata Dev, Anca Delia Jurcut. Machine-Learning Techniques for detecting Attacks in SDN, arXiv:1910.00817v1 [cs.CR], 2 Oct 2019. URL: https://arxiv.org/pdf/1910.00817.pdf
  13. Volkov S.S., Kurochkin I.I. International Journal of Open Information Technologies, 2019, vol. 7, no. 11, pp 49-58.
  14. 3GPP, System architecture for the 5G system, 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 23.501, Aug. 2020, v 16.5.1. URL: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3144
  15. 3GPP, «Common API Framework for 3GPP northbound APIs», 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 23.222, July 2020, v 17.1.0. URL: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3337
  16. 3GPP, Architecture enhancements for 5G System (5GS) to support network data analytics services, 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 23.288, July 2020, v 16.4.0. URL: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3579
  17. Antonova V.M., Kondrashova D.A., Sukhorukova N.A. // Solloquium-journal, 2021, no. 1-1(88), pp. 57-60. DOI: 10.24412/2520-2480-2021-188-57-60
  18. Antonova V.M., Bogomolova N.E., Kuzichev D.M. Modelirovanie protsessov organizatsii soedinenii v sisteme mobil’noi svyazi pyatogo pokoleniya v srede MATLAB (Modeling of connection organization processes in the fifth-generation mobile communication system in the MATLAB environment), Moscow, MGTU im. N.E. Baumana, 2021, 48 p.
  19. Antonova V.M., Zakhir B.M., Kuznetsov N.A. Modelirovanie grafov s razlichnymi vidami dostizhimosti s pomoshch’yu yazyka Python // Informatsionnye protsessy. 2019. T. 19. № 2. C. 159-169.
  20. Kazak P.G., Shevtsov V.A. Trudy MAI, 2021, no. 118. URL: http://trudymai.ru/eng/published.php?ID=158239. DOI: 10.34759/trd-2021-118-06
  21. Borodin V.V., Petrakov A.M., Shevtsov V.A. Elektrosvyaz’, 2016, no. 11, pp. 41-45.
  22. Volkov A.S., Baskakov A.E. Trudy MAI, 2021, no. 118. http://trudymai.ru/eng/published.php?ID=158240. DOI: 10.34759/trd-2021-118-07


Download

mai.ru — informational site MAI

Copyright © 2000-2024 by MAI

 Вход