TECHNICAL FIELD

This disclosure relates to methods, apparatuses, computer programs, carriers and computer program products. More particularly but non-exclusively, the disclosure relates to detecting an attack on a communications network, using a collaborative security process.

BACKGROUND

A communications network with distributed nodes may be subject to a variety of attacks such as zero-day attacks, Denial of Service (DoS) attacks and jamming attacks (amongst others). In zero-day attacks, unpatched vulnerabilities in a communications network are exploited to cause damage, steal data or otherwise disrupt the communications network. In a DoS attack, an attacker disrupts services provided over a communications network by rendering the services unavailable. In a jamming attack, compromised nodes deliberately cause interference in a network in order to block legitimate communication. Attack prevention and detection in a communications network comprising large numbers of nodes is an ongoing area of research.

In the paper entitled: “Multi-stage Jamming Attacks Detection using Deep Learning Combined with Kernelized Support Vector Machine in 5G Cloud Radio Access Networks”, IEEE Conference, 2020, the authors proposed an anomaly detection system based on deep learning and support vector machine learning algorithms to detect jamming attacks targeting the Cloud-Radio Access Network (C-RAN). The anomaly detection system is activated at baseband unit (BBU) level.

In the papers: “A Network Intrusion Detection Approach at the Edge of Fog”, IEEE Conference, 2021 , and “Attacks detection and decision framework based on generative adversarial network approach: Case of vehicular edge computing network”, Wiley Journal, 2020, the authors focus on protecting the edge computing and 5G core network from external attacks that aim to target the Radio Access Network (RAN) with the goal of penetrating the edge and core networks. They developed Al security solutions to detect and respond against network attacks (such as botnet and DDoS); where the attacks detection and response actions are performed at edge/fog nodes.

SUMMARY

As described above, the prevention of zero-day, DoS and jamming attacks in distributed networks is an ongoing area of interest. In the paper “Multi-stage Jamming Attacks Detection using Deep Learning Combined with Kernelized Support Vector Machine in 5G Cloud Radio Access Networks”, IEEE Conference, 2020, described in the Background, the detection system exhibits a high attack detection rate, however, a high computation overhead (i.e. , high latency) is generated by the proposed heavy learning algorithms during the learning and detection process to respectively determine the learning models and detect a jamming attack.

The proposed methods in the papers “A Network Intrusion Detection Approach at the Edge of Fog”, IEEE Conference, 2021 and “Attacks detection and decision framework based on generative adversarial network approach: Case of vehicular edge computing network”, Wiley Journal, 2020 described above in the background describe centralizing the Al security processes (i.e., attacks detection and response) at the edge/fog node which could degrade the network quality of service (i.e. , increase on the latency). Furthermore, attackers can focus on hacking the edge/fog node which can lead to an untrusted network.

In the literature, there are various trust-based collaborative Intrusion Detection Systems (IDS), see papers entitled: ’’Robust and scalable trust management for collaborative intrusion detection”, IEEE International Symposium on Integrated Network Management, 2009; “FACID: A trust-based collaborative decision framework for intrusion detection networks”, AdHoC, 2016; and “A Collaborative DDoS Defence Framework Using Network Function Virtualization”, IEEE Transactions on Information Forensics and Security, 2017).

The goal of these collaborative attack detection frameworks is to create a collaborative IDS environment to detect/prevent internal/external attacks, and also to assign trust levels to the monitoring IDS agents. However, there are various weaknesses of these collaborative detection frameworks. For example, a suspected IDS agent is removed directly (e.g., pushed to the blacklist) when it exhibits a malicious behavior, or its trust level is below a certain dynamic threshold. However, this approach is heavy-handed as the IDS agent could switch from malicious behavior to a normal behavior (even if its trust level is very low) and stay permanently (or in a long period) executing a normal behavior. By removing this suspected IDS, the false positive rate will increase and this rate will increase specifically when the number of suspected IDSs increases.

The collaborative detection/reaction process that the collaborative IDS frameworks (cited above) rely on is based on the fact that when an IDS agent suspects the occurrence of a zero-day attack or/and detects weak signals (that could allow a detection of a zero-day attack by carrying out more monitoring and detection), this IDS launches a collaborative detection/reaction process. However, in some cases local detection is sufficient to detect a zero-day attack. Thus, by executing a collaborative detection/reaction process, computation and communication overheads related to the IDS agents increase.

In addition, when the IDS determines new attack features it launches a cooperative reaction process with its neighboring IDS agents to exchange with them the relevant attack’s features. However, the IDS has no idea if the exchanged/broadcasted new attack’s features have already been determined by other IDS agents or not, and also which kind of attack features could be relevant for zero-day attacks detection by the neighborhood IDSs. Therefore, a high communication overhead can be generated by IDS agents that detect new attack features.

Itis an object of the disclosure herein is to enable an improved security process for use in a distributed communications network.

Thus, according to a first aspect herein there is a method performed by a second node in a communications network as part of a collaborative security process between the second node and a first node in the communications network. The collaborative security process is for detecting an attack on the communications network. The method comprises: i) determining a measure of effectiveness for the first node that indicates how effective the first node is at detecting attacks on the communications network; and ii) instructing the first node to switch between a first method of attack detection and a second method of attack detection depending on the measure of effectiveness.

According to a second aspect there is a method performed by a first node in a communications network as part of a collaborative security process between a second node and the first node in the communications network. The collaborative security process is for detecting an attack on the communications network. The method comprises using a first method of attack detection to detect a suspected attack performed by a first user equipment being monitored by the first node; sending a first message to the second node in the communications network, the first message comprising features relating to a suspected attack detected by the first node; and in response to the first message, receiving an instruction from the second node to switch from the first method of attack detection to a second method of attack detection.

According to a third aspect there is a second node in a communications network, for use as part of a collaborative security process between the second node and a first node in the communications network. The collaborative security process is for detecting an attack on the communications network. The second node comprises: a memory comprising instruction data representing a set of instructions; and a processor configured to communicate with the memory and to execute the set of instructions, wherein the set of instructions, when executed by the processor, cause the second node to: i) determine a measure of effectiveness for the first node that indicates how effective the first node is at detecting attacks on the communications network; and ii) instruct the first node to switch between a first method of attack detection and a second method of attack detection depending on the measure of effectiveness.

According to a fourth aspect there is a second node in a communications network, for use as part of a collaborative security process between the second node and a first node in the communications network. The collaborative security process is for detecting an attack on the communications network. The second node is configured to: i) determine a measure of effectiveness for the first node that indicates how effective the first node is at detecting attacks on the communications network; and ii) instruct the first node to switch between a first method of attack detection and a second method of attack detection depending on the measure of effectiveness.

According to a fifth aspect there is a first node in a communications network, for use as part of a collaborative security process between a second node and the first node in the communications network. The collaborative security process is for detecting an attack on the communications network. The first node comprising: a memory comprising instruction data representing a set of instructions; and a processor configured to communicate with the memory and to execute the set of instructions. The set of instructions, when executed by the processor, cause the first node to: use a first method of attack detection to detect a suspected attack performed by a first user equipment being monitored by the first node; send a first message to the second node in the communications network, the first message comprising features relating to a suspected attack detected by the first node; and in response to the first message, receive an instruction from the second node to switch from the first method of attack detection to a second method of attack detection.

According to a sixth aspect there is a first node in a communications network, for use as part of a collaborative security process between the first node and a second node in the communications network. The collaborative security process is for detecting an attack on the communications network. The first node is configured to: use a first method of attack detection to detect a suspected attack performed by a first user equipment being monitored by the first node; send a first message to the second node in the communications network, the first message comprising features relating to a suspected attack detected by the first node; and in response to the first message, receive an instruction from the second node to switch from the first method of attack detection to a second method of attack detection.

According to a seventh aspect there is a computer program comprising instructions which, when executed on at least one processor, cause the at least one processor to carry out the method of the first or second aspects. According to an eight aspect there is a carrier containing a computer program according to the seventh aspect, wherein the carrier comprises one of an electronic signal, optical signal, radio signal or computer readable storage medium.

According to a ninth aspect there is a computer program product comprising non transitory computer readable media having stored thereon a computer program according to the seventh aspect.

Thus, described herein are apparatuses and methods that can be used to secure distributed wireless networks operating collaborative security processes. The security frameworks herein request the security agents (e.g., operating on respective first or subsequent nodes) to execute/change their actions according to the effectiveness with which they detect attacks, e.g. request the security agent to switch its detection technique from signature based to machine learning based detection (to detect more attacks), or switching from security agent to an ordinary node (in case when the effectiveness is very low), etc... In this way, the actions of security agents oscillate over time with a goal to have at the end enough trusted and collaborative security agents that provide a high attacks detection and low false positive rates against the external attacks and malicious security agents. Thus, herein there is provided a lightweight and accurate Al security framework for distributed networks.

BRIEF DESCRIPTION OF THE DRAWINGS

For a better understanding and to show more clearly how embodiments herein may be carried into effect, reference will now be made, by way of example only, to the accompanying drawings, in which:

Fig. 1 illustrates an example method performed by a second node in some embodiments herein;

Fig. 2 illustrates an example method performed by a first node in some embodiments herein;

Fig. 3 illustrates an example collaborative security method according to some embodiments herein;

Fig. 4 illustrates an example collaborative security method according to some embodiments herein;

Fig. 5 shows a signal diagram;

Fig. 6 shows an example collaborative security method according to some embodiments herein;

Fig. 7 shows an example second node according to some embodiments herein; Fig. 8 shows an example first node according to some embodiments herein;

Fig. 9 shows an example carrier according to some embodiments herein; and Fig. 10 shows an example computer program according to some embodiments herein.

DETAILED DESCRIPTION

The disclosure herein relates to methods and apparatuses for use in a collaborative security process for detecting an attack on a communications network. A communications network or telecommunications network may comprise any one, or any combination of: a wired link (e.g. ASDL) or a wireless link such as Global System for Mobile Communications (GSM), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), New Radio (NR), WiFi, Bluetooth or future wireless technologies. The skilled person will appreciate that these are merely examples and that a communications network may comprise other types of links. A wireless network may be configured to operate according to specific standards or other types of predefined rules or procedures. Thus, a wireless network may implement communication standards, such as Global System for Mobile Communications (GSM), Universal Mobile Telecommunications System (UMTS), Long Term Evolution (LTE), and/or other suitable 2G, 3G, 4G, 5G, or future standards such as 6G; wireless local area network (WLAN) standards, such as the IEEE 802.11 standards; and/or any other appropriate wireless communication standard, such as the Worldwide Interoperability for Microwave Access (WiMax), Bluetooth, Z-Wave and/or ZigBee standards.

The disclosure herein relates to distributed and collaborative security process in communications networks whereby a collective of nodes in the network work together and share information to identify malicious nodes in the collective and thus prevent attacks. The collaborative security processes described herein are generally performed by two types of security agents. An agent may be any program or process (executed on a respective node) that monitors a specific target, such as another node, or user device, for the purpose of detecting an attack performed by the target. A security agent may be a software/program (e.g. embedded in a hardware component) to monitor and detect attackers. Herein, there are two types of security agents, referred to as first line of defence (FLD) agents and second line of defence (SLD) agents.

The FLD and SLD agents operate on nodes in the network. As used herein, the first line of defence (FLD) agent operates on what is referred to herein as a first node and the second (SLD) agent operates on what is referred to herein as a second node 301. It is noted that the terms first node and FLD may be used interchangeably herein. Also, the terms second node and SLD may also be used interchangeably.

FLD agents may for example, be executed at lower nodes. For example, the first node may be e.g., at Radio Unit (RU), Distributed Unit (DU) for instance. SLD agents may be executed at an upper node. For example, the second node 301 may be e.g., at Central Unit (CU) or edge server for instance. It is noted that the Al security framework described herein may also be run in a M EC network, where the first node could be at BBU level and the second node 301 could be an edge server.

Generally, the second node 301 (or the SLD agent operating thereon) coordinates a collaborative security process performed by a plurality of FLD agents operating on a plurality of nodes in the communications network. The second node 301 may generally, for example, gather data on suspected attacks detected by the FLD agents; independently verify the suspected attacks and/or initiate one or more actions in response to a detected attack. The second node 301 may be used to enact security policies in the communications network.

Fig. 1 shows a method 100 performed by a second node 301 in a communications network as part of a collaborative security process between the second node 301 and a first node 303 in the communications network, according to some embodiments herein. The collaborative security process is for detecting an attack on the communications network. Briefly, in a first step 102 the method 100 comprises: determining a measure of effectiveness for the first node that indicates how effective the first node 303 is at detecting attacks on the communications network. In a second step 104, the method comprises: instructing the first node 303 to switch between a first method of attack detection and a second method of attack detection depending on the measure of effectiveness.

As described in more detail below, different methods of attack detection have different levels of computational overhead for the first and second nodes, as well as different overheads on the network. The measure of effectiveness may be based on factors such as the reliability (or robustness) of the first node 303 at detecting attacks on the communications network, and/or the computational overhead associated with identifying or verifying a suspected attack on the communications network. As such, the method 100 may be used to robustly select an appropriate attack detection method for a node in a proactive manner, in real-time, dependent on the particular network conditions.

In more detail, as noted above, the second node 301 may be an upper node. For example, the second node 301 may be e.g., a central unit (CU), or a Core Access and Mobility Management Function (AMF). The first node may be a Radio Unit (RU), distributed unit (DU) or BBU. The first node may be a wireless device such as a user device (e.g. phone, tablet, or other equipment).

The first node may be one of a plurality of nodes operating FLD agents in a similar manner to the first node. The second node 301 may monitor the plurality of nodes and perform the method 100 in an iterative manner for each of the plurality of nodes. In some embodiments, the method 100 may be repeated in a continuous (or near continuous manner) for each node in the plurality of nodes, so as to maintain an appropriate attack detection method for each of the plurality of nodes. In other embodiments, the method 100 may be performed in response to a trigger. As noted below, a trigger may, for example, be receipt of a message from the first node reporting a suspected attack detected by the first node.

The first node 303, the second node 301 and the plurality of nodes (where applicable) may perform the collaborative security process in order to identify attacks on the communications network. The suspected attacks describe herein may be performed by user devices (e.g. Internet of Things (loT) devices; mobile phones, laptops, tablet computers, loT sensors, for example). A user device may perform an attack on a security agent (e.g. a security agent operating on the first or second node, or the FLD or SLD agents) with the goal of leading the infected/hacked security agent to act as a malicious agent. Thus, a node of the plurality of nodes in the collaborative security process may turn malicious if it has been attacked/hacked by an outside agent (e.g. person, hacker or malicious computer program). A malicious node may perform attacks, for example, such as zero-day, DoS or jamming attacks, as described above.

In step 102, the method 100 comprises determining a measure of effectiveness for the first node that indicates how effective the first node is at detecting attacks on the communications network. In other words, step 102 may comprise calculating (or updating) a value of an effectiveness parameter for the first node.

Generally, the measure of effectiveness (or effectiveness parameter) may be a parameter related to the robustness of attack detections made by the first node, the computational efficiency associated with making said attack detections, and/or the robustness with which the first node can detect zero-day attacks.

As an example, the measure of effectiveness may be an effectiveness parameter related to the reputation or robustness of the first node at detecting attacks. In some embodiments, the measure of effectiveness is based on the reputation level (RL) of the first node for correctly identifying attacks on the communications network. For example, the measure of effectiveness may be a weighted combination of the number of attacks correctly detected by the first node and the number of attacks incorrectly detected by the first node.

In some embodiments, step 102 may comprise determining or computing a robustness level of the first node (or the FLD agent on the first node) at detecting attacks. In other words, the Robustness Level (RL) of the first node may be set according to the detection quality that the first node provides.

As an example, the second node 301 may confirm or verify attack detections made by the first node 303. If the second node verifies that a detected attack is real, then the first node’s effectiveness (e.g RL) is increased, otherwise it is decreased. In addition, the RL of the first node, where the FLD is activated is evaluated, and can increase and decrease depending on the normal and malicious behaviors of the monitored first node by the second node.

Thus, in some embodiments, the method 100 may further comprise the second node 301 verifying an attack identification made by the first node 303. For example, the first node may send, in a first message, features (e.g. parameter values, or signatures) relating to a suspected attack to the second node for verification. The second node 301 may receive the first message from the first node 303, the first message comprising the features related to the suspected attack detected by the first node. The second node may then verify whether the suspected attack is a real attack, using the received features, and in response to receiving the first message, perform (or repeat) steps i) and ii), using the output of the step of verifying to determine the measure of effectiveness.

In embodiments where the measure of effectiveness is a reputation level (RL), RL may be determined according to the following formula: and R~ are defined respectively as good and bad reputations, respectively; where = ^NflDi and R~ = ^{NpLDl + NTaraetl} . Here N _FLDi ⁺ and N _FLDi ~ are respectively the numbers of NFLD ^N FLD correct and false detections provided by FLD i and confirmed by SLD, N _Targeti ~ is the number of times that SLD detects the target node (where FLD i is activated) as malicious and N _FLD is the number of FLD agents that interact with SLD. a _± and a _± e]0, l]are weights parameters.

The weights parameters may be configurable and set by a security expert (e.g. a Configuration Manager or System Engineer) according to the security requirements of the communications network. E.g., the weights may be set dependent on the relative priorities of factors such as: having a security system that exhibits a high detection rate, or having a security system that exhibits a low false positive rate.

It will be appreciated that this is merely one example way in which reputation may be calculated and that a variety of other measures may equally be used.

In other embodiments, the measure of effectiveness may be a weighted combination of the efficiency and computational overhead of the first node at detecting attacks. For example, the measure of effectiveness may be a weighted combination of the number of attacks correctly detected by the first node, the number of attacks incorrectly detected by the first node, a measure of the computational overhead associated with the first node detecting the suspected attack and/or the computational overhead associated with the second node performing the step of verifying whether the suspected attack is a real attack.

In other embodiments, the measure of effectiveness may be a weighted combination of the number of attacks detected by the first node and the number of zero-day attacks detected by the first node. As described above, a zero-day attack is a new type of attack exploiting a previously unknown, or known but unpatched vulnerability.

Before the occurrence of a zero-day attack, the attacker exhibits a specific behaviour defined as a weak signal. For instance, before an execution of zero-day attack launched by a malicious device, the attacker performs an investigation to determine which target (e.g. which node in the plurality of nodes in the collaborative security process) is to be hacked, with the goal of not being detected by the security agent(s) in the collaborative security process. This investigation operation corresponds to the weak signal. With the help of attacks detection system based on ML algorithms, the weak signal of the zero-day attack is detected and hence the zero-day attack is detected.

Put another way, a weak signal is a traffic pattern caused by a malicious device when determining which node in the collaborative security process to attack or hack in order to perform a zero-day attack. The aim is to select a node that can be hacked with the lowest likelihood of detection by a security agent.

Thus, if the measure of effectiveness is calculated based on the number of zero-day attacks (correctly) predicted by the first node, or the number of weak signal detections, this measure may be used to estimate the ability of the first node at detecting zero-day attacks. Zero-day attacks may be better detected through collaborative attack detection methods where information on weak signals can be shared between a plurality of nodes. However, this increases the signal overhead associated with the sensing. Thus, as described below, the methods herein allow the attack detection method to be switched between collaborative sensing and local sensing methods dependent on the effectiveness of the individual node at detecting weak signals/zero-day attacks locally compared to the computational overhead associated with detecting weak signals/ zero-day attacks in a collaborative manner.

Thus, in some embodiments, the measure of effectiveness is an Efficiency Level (EL) related to the first node (or more generally, the lower security agent /). As an example, EL may be computed as follows:

Where D Attack s D weak-signal ’ D Attack arid D weak-signal are respectively the attacks detection, weak signal detection, false attack (i.e, false positive and false negative) detection and false weak signal (i.e, false positive and false negative) detection rates. O is the proportion of information (related to the new attack or weak signal detections) that is shared by security agent i with its neighboring security agents as part of the collaborative security process (in cases when the collaboration process is launched). O is equal to 1 (100%) when all features(information) related to this new attack or weak signal are shared and O is equal to 0, if there is no shared information. O' _R is the required computation overhead that the security agent i requires for the local new attack detection and O' _E is the estimated computation overhead computed by the upper security agent for the local new attack detection (by its lower security agent i). N _Attack and Nweak-signai ^are respectively the number of attacks and weak signals detections by the security agent i.

Turning back to Fig. 1 , in step 104, the method comprises: (ii) instructing the first node to switch between a first method of attack detection and a second method of attack detection depending on the measure of effectiveness.

Thus, once the measure of effectiveness has been calculated or determined for the first node, (which may, for example be one of the parameters RL or EL above), an appropriate attack detection method is then chosen for the first node.

For example, step 104 may comprise the second node 301 instructing the first node to switch between a signature-based attack method and a machine-learning based method. In other words, the first method of attack detection may be a signature-based attack detection method, and the second method of attack detection may be a machine learning (ML)-based attack detection method.

Signature-based attack methods may comprise a set of rules, such as a plurality of if-then statements, that are used by the first node to monitor traffic from other node(s) in the plurality of nodes, in order to determine whether the monitored node(s) are performing an attack. As an example, a rule may comprise a threshold number of packets, above which a node may be classed as performing an attack. The skilled person will be familiar with signature-based attack detection methods, further examples of which are given in the paper by Hichem Sedjelmaci, Sidi-Mohammed Senouci, & Mohammed Feham entitled: “Intrusion detection framework of cluster-based wireless sensor network” . ISCC 2012: 857- 861.

ML-based attack detection methods use one or more models that have been trained using machine learning processes to identify attacks. The skilled person will be familiar with the use of ML models to identify attacks. For example, a ML model, such as a neural network may be trained to take as input a set of features comprising measured parameters, or other data emanating from a node or monitored device, and output an indication of whether the node is performing an attack or not.

As an example, a binary machine learning model, based on a lightweight Support Vector Machine (SVM) learning algorithm may be used to classify a node as performing an attack (e.g. malicious) or non-malicious. An example SVM is described in the paper: “Multiclass and Binary SVM Classification: Implications for Training and Classification Users”, IEEE Geoscience and Remote Sensing Letter, 2008. This is merely an example, however and the skilled person will appreciate that many different types of ML-based attack detection methods are also possible.

Signature-based attack detection methods typically have lower computational overhead than ML-based attack methods. Signature-based attack methods may have less sensitivity e.g. be less accurate at detecting attacks compared to ML-based attack methods. In other words, a signature-based method may have a lower computational overhead and/or a lower detection sensitivity than a machine-learning based attack detection method.

In step 104, different actions may be taken depending on the calculated measure of effectiveness (e.g. depending on the value of RL or EL).

For example, step ii) may comprise: instructing the first node to switch from the first method of attack detection to the second method of attack detection if the measure of effectiveness falls below a first threshold. For example if the measure of effectiveness is RL, the second node 301 may suspect the first node of carrying out a malicious action if it provides a couple of false detection and the RL for the first node falls below a first threshold. In this scenario, the second node 301 may request the first node to switch from a signature (e.g. rules)-based detection attack method to a machine learning detection method in order to detect more attacks.

In some embodiments, the method 100 may further comprise removing the first node from the communication network; or deactivating a first security agent on the first node, if the measure of effectiveness falls below a second threshold. For example, if the RL measure falls below a second threshold the decision may be taken to deactivate the security agent on the first node and thus remove it from the collaborative security process. If the RL value falls further, below a third threshold, then the first node may be deactivated completely (e.g. removed from the communications network).

Mitigation actions may be defined that describe/indicate the action that should be taken depending on the ca I cu I ated/d etermined measure of effectiveness. For example, if the measure of effectiveness is the RL, then the following mitigation actions may be defined:

In this way, the action taken is proportionate to the effectiveness or reliability of the first node in the collaborative security process. When the second node 301 performs the method 100 on each of the plurality of nodes operating in the collaborative security process, e.g. monitoring and changing the attack detection methods and manner in which each node collaborates in the collaborative security process, this results in a trusted collaboration whereby each node operates and contributes to the security process according to its reliability.

It will be appreciated that the first, second and third thresholds may be dynamic. For example, the method may comprise reducing the first threshold, the second threshold and/or the third threshold if the first node has a detection rate below a first threshold detection rate. As another example the method may comprise increasing the first threshold, the second threshold and/or the third threshold if the first node has a computational overhead above a first threshold computational overhead. As another example, the method may comprise increasing the first threshold, the second threshold and/or the third threshold if the first node has a level of false positive detections above a false positive detection threshold and/or computational power below a threshold computational power.

In other embodiments, in step 104, the method 100 may comprise the second node 301 instructing the first node to switch between a local method of attack detection and a collaborative method of attack detection. In this sense, a local method of attack detection is one performed by the first node in isolation and a collaborative attack detection method is one performed by the first node in coordination with one or more other nodes (e.g. from the plurality of nodes in the collaborative security process). In other words, the first attack detection method may be a local attack detection method performed by the first node, and the second method of attack detection may be a collaborative attack detection method, performed by the first node in collaboration with one or more other nodes

Local attack detection methods have low network overhead as the detections are made by the first node without needing to send information to any other node. In collaborative attack detection methods, information is sent between different nodes to decide collectively whether a node is exhibiting malicious behaviour. Local attack detection methods thus result in lower latency compared to collaborative attack detection methods. However, collaborative attack detection methods can be better at detecting weak signals associated with zero-day attacks as a plurality of nodes can share their data on the weak signal in order to come to a decision.

Thus, in some embodiments, to decrease the communication and computation overheads, while still reacting efficiently against suspected attacks or/and suspected weak- signals (which may be used to detect zero-day attacks, i.e., attack prediction) an updated and appropriated hybrid (i.e., local or collaborative) reaction strategy may be selected for the first node. Here, the second node 301 (e.g the upper security agent or SLD) requests the first node (e.g. the lower security agent or FLD) to execute the appropriate reaction strategy according to the effectiveness of the first node at detecting weak signals (e.g. zero-day attacks) locally and the computational overhead associated with an alternative, collaborative approach to attack detection.

For example, if the measure of effectiveness EL is above a fourth threshold and/or the number of positive weak signal detections is higher than the false-positive weak signal detections, then step 104 of the method 100 may comprise the second node 301 instructing the first node to perform a local attack detection method. This would be appropriate as the first node is already doing a good job at detecting weak signals associated with zero-day attacks and thus the computational overhead associated with collaborative processes is not necessary.

If the measure of effectiveness (e.g. EL) is above a fifth threshold, the fifth threshold being lower than the fourth threshold, then step 104 of the method 100 may comprise the second node 301 instructing the first node to perform a collaborative attack detection method.

Where the measure of effectiveness is the parameter EL described above, a local or collaborative attack detection method may be chosen depending on a set of rules, such as the following:

Strateg 1: Local attacks reaction (e. g. switch from ML based to signature based) ag ainst detected attack, EL > 0.8 and L)^~ _A ^ _ack » D Attack

Strategy2\ Collborative attacks detection is launched, where the second node selects the cooperative lower security agents,

EL > 0.7 and D weak-signal » D weak-signal

Strategy 3: Local zero day attack detection,

EL > 0.7 and D weak-signal D weak-signal tt d O > 0.6

Strategy 4: Local attack detection,

O' _R

EL > 0.7 and D Attack » E Attack ttnd < 0.4 U E

Strategy 5: Collaborative zero day attack detection,

EL < 0.6 and D Weak-signal D weak-signal nd O < 0.6

Strategy N

In strategy 1 , the second node instructs the first node to switch from signature-based detection to ML to reduce the computation overhead. When this condition is reached the signature-based detection can accurately detect the attacker (and thus the additional overhead of ML is not needed). D ⁺ _Attack » D~ _Attack means the attack detection rate is higher than the false attack (i.e, false positive and false negative) detection rate. Thus, the signature based strategy is working well. Strategy 2 is launched when strategy 1 (local attacks reaction) is insufficient to provide an accurate detection against, for instance, zero -day attacks. In this scenario, collaborative attack detection is used to allow for better detection of weak signals indicative of a zero-day attack (as described above).

Strategy 3 is activated when the security agent requires only a local monitoring and detection (i.e. , cooperative detection is no needed) to detect accurately the zero-day attack.

Strategy 4 is activated when the security agent notice that a lightweight detection technique (without any collaboration with other security agents) is sufficient to detect the attack.

Strategy 5 is activated when the security agent determines that a collaborative detection between its neighbors security agents is required to detect accurately the zero day attack.

In this way, the second node (e.g the upper security agent) can determine over time appropriate dynamic and hybrid reaction strategies for the security agent /, depending on ELi and the parameters. 0

— ; (described above) where the goal is to react efficiently against the known and unknown ⁰ E

(zero-day) attacks, taking into account the issues of computation and communication overheads.

It will be appreciated that this sequence of thresholds is merely an example and other strategies may be set according to the requires of the system. The strategies may be configurable, for example, by an Engineer. Furthermore, other implementations are also possible. For example, the numerical values of the thresholds may be determined so as to satisfy a trade-off between detection, false positive and false negative rates. The combination of parameters and thresholds may be set so as to enable determination of the best (or optimal) strategy (local, collaborative, signature based, ML based). This could be performed by the agent to ensure this trade-off. E.g. the agent may perform an optimization process to select a strategy that optimizes accuracy and overhead.

Generally, the method 100 may comprise instructing 104 the first node to switch between a first method of attack detection comprising a local method of attack detection and a second method of attack detection comprising a collaborative attack detection method if: the measure of effectiveness indicates the first node is correctly identifying zero-day attacks below a first zero-day attack detection threshold; or the overhead associated with the collaborative attack detection method is below a threshold overhead or threshold overhead ratio. As described above, the first zero-day attack detection threshold may be based on a comparison of D ⁺ _Wea k-signai and D weak-signal- ^For example, the first zero-day attack detection threshold may be a threshold ratio of D ⁺ _Weak-signal /D~ _Weak-signal .

0 R

The threshold overhead may for example be based on the ratio For 0 E

0 R example, if is greater than a threshold overhead ratio then this may indicate that a 0 E collaborative attack detection method should be used in preference to a local attack o detection method. Whereas if — is less than the threshold overhead ratio then this may indicate that a collaborative attack detection method should be used in preference to a local attack detection method.

Thus, herein, there is described a security framework in a collaborative security system operating on a second node that requests security agents in the collaborative security system (e.g., FLD and SLD) to execute/change its actions according to the number of suspected attacks detected by the respective security agent and its computed Robustness Level (RL), e.g. request the security agent to switch its detection technique from signature based to machine learning based detection (to detect more attacks), or switching from security agent to an ordinary node (in case when the RL is very low), etc... Therefore, the actions of security agents oscillate over time with a goal to have at the end enough trusted and collaborative security agents that provide a high attacks detection and low false positive rates against the external attacks and malicious security agents.

Turning now to Fig. 2, there is a method 200 performed by a first node in a communications network as part of a collaborative security process between a second node 301 and the first node in the communications network. The first node performs corresponding operations to the second node 301 as described with respect to Fig. 1 and the method 100.

Briefly, the collaborative security process is for detecting an attack on the communications network. The method 200 comprises in a first step 202 using a first method of attack detection to detect a suspected attack performed by a first user equipment being monitored by the first node. In a second step 204, the method comprises sending a first message to the second node 301 in the communications network, the first message comprising features relating to a suspected attack detected by the first node. In a third step 206, the method then comprises, receiving an instruction from the second node 301 to switch from the first method of attack detection to a second method of attack detection.

In step 202, a first method of attack detection may be, for example, a local or collaborative method of attack detection, as described above with respect to the method 100. The first method of attack detection may be a signature-based attack detection method or a machine learning-based attack detection method, as described above with respect to the method 100.

Step 202 may comprise collecting features (e.g. parameter values or other data) about another node in the collaborative security process or a user device monitored by the first node and using the first method of attack detection on the features to determine whether the other node is performing a suspected attack.

In step 204, the features are sent to the second node 301, along with any other information about the suspected attack. The second node 301 may then verify whether the suspected attack is a real attack, and perform the method 100 as described above, for the first node. As part of the method 100, the second node 301 may determine to switch the method of attack detection of the first node, as described above with respect to the method 100. In this case, from the perspective of the first node, in step 206, the first node receives an instruction from the second node 301 to change the method of attack detection. The first node then changes its method of attack detection accordingly. The skilled person will appreciate that many of the details described above with respect to the method 100 apply equally to the method 200.

Turning now to Fig. 3 which shows an example embodiment according to a method herein. In this embodiment, there is a second node 301 , a first node 303 and another node 305. Nodes 301 ; 303; 305 operate a collaborative security process orchestrated by the second node 301.

In this embodiment, the second node 301 runs a SLD security agent 302 comprising a data monitoring module 302a, a Reinforcement Learning-based detection 302b and a Response and mitigation actions component 302c.

In this embodiment, the first node 303 runs a FLD agent 304 comprising a data monitoring module 304a, a rule-based attack detection engine 304b and a binary machine learning based detection module 304c. The other node 305 (and any subsequent FLD nodes involved in the collaborative security process) may have its own FLD agent (306) similar to that illustrated for the first node 303.

It will be appreciated that the modules illustrated for the first and second nodes are merely examples and that other combinations of modules that perform similar functionality are also possible to those illustrated herein.

The proposed Al security framework is thus made up of two hierarchical security agents, FLDs 304; 306 and a SLD 302 that cooperatively focus to monitor, detect, and react against internal and external attacks. The main strength of the Al security framework in Fig. 1 is the flexibility of security agent deployments, e.g., the following configurations are possible: (1) FLDs 304; 306 and SLD 302 could be deployed respectively at DUs and CU, (2) FLDs 304; 306 and SLD 302 could be deployed respectively in RUs and DU, (3) FLDs 304; 306 and SLD 302 could be deployed respectively at BBUs and edge server.

The FLD agent 304 on the first node 303 monitors loT devices (e.g. UEs) located within its range, using its Data Monitoring module 304a. This monitors the behavior of the loT devices in its range by determining the values of monitored features.

Here, there may be two kind of features: (1) Extracted features, corresponding to the features that are extracted from the captured packets, for example, IP addresses, the protocol types (TCP, UDP, etc...), time to leave, jitter, etc... (2) Computed features, corresponding to the features that the FLD security agents 304; 306 compute when monitoring the target loT nodes, for example, packets dropping and packets sending rates and number of altered packets to detect DoS/Botnet attacks, and signal strength intensity to detect jamming attack. Afterward, these features are sent to Rules-based attacks detection component 304b for the detection process. This detection component executes a set of detection rules (defined by a security expert) to verify if the monitored loT device is malicious or not. In case when the malicious loT device is detected, the FLD agent 304 sends an Alert message 307 (which includes the identity of malicious devices, the features of rule that are used to detect the attack, detection time) to SLD 302 for further detection.

As noted above, the SLD agent 302 on the second node 301 is equipped with three security components: Data monitoring 302a, Reinforcement learning-based detection 302b, and Response and Mitigation actions components 302c. Data monitoring 302a focuses on computing and extracting relevant features from the lower monitored node (e.g, DU if SLD is activated at CU, RU if SLD is activated at DU or BBU if SLD is activated at edge server); in addition Data monitoring extracts the relevant features from the Alert message 307 send by FLD. These computed and extracted features are send to the Reinforcement learning-based detection component 302b which verifies whether the features should be classed as part of an attack and/or predicts appropriate actions that should be taken e.g. the reinforcement learning module may predict which method of attack prediction should be used by the first node 303. Any updates to the models used by the first node 303 are sent back to the first node 303 in response message 308. If the reinforcement learning module predicts that the first node 303 should switch from its current method of attack detection to a different (e.g. second) method of attack detection then this may be sent in a mitigation message 309.

In this embodiment, the reinforcement learning algorithm is a semiunsupervised algorithm, where the detection component in the training phase builds the training models. There may be three training models: Normal, DoS/Botnet and Jamming training models. It is noted that other attacks training models could be added; where new attacks’ features related to each attack training model should be defined. To obtain accurate training models, in the beginning of training phase, the cyber security expert feeds the detection component with Normal, DoS/Botnet and Jamming training models; afterward these training models will be updated depends on the attacks detected at FLD and SLD levels, i.e. , without the human intervention (the data are not labeled by human expert). In the detection phase, the detection component categorizes its target (e.g., RU, DU or BBU) according to the current training models into Normal, DoS/Botnet or Jamming attacks.

The main strength of using a reinforcement learning algorithm in module 302b is that it can correct its training models when a false detection is provided by SLD. This is illustrated in Fig. 4 which shows how the second node 301 (and the SLD 302 thereon) can interact with a Security Information Management System (SIEM) 402 to update its models and the models used by the first node 303. Here, when SLD 302 detects a new attack that FLD 304 has never detected before, the SLD 302 sends a Correction message 406 (that includes the information related to the attack training model used to detect this new attack) to the Security Information Management System (SIEM) 402 that collects all the Correction messages 406 from SLD 302 (and any other SLDs operating in the communication system) and uses a robust supervised deep learning algorithm handled by the security experts. The SIEM periodically updates in message 404 the models on the SLD 302. The message 404 may be an online update comprising new normal, DoS/Botnet and/or Jamming models. In cases where the SIEM does not agree with a attack detection provided by SLD, the SIEM also sends 408 back to the related SLD new training models to update the SLD’s training models during the training phase as shown in Fig. 4. The SIEM 402 may also send a message 410 to the first node 303 to update the detection methods used by the ML model(s) and/or detection rules of any signature based detection methods used by the first node 303. This process allows reinforcement of the training at SLD level, correct detection and detection of new attacks (e.g. zero-day attack). For more detail on appropriate reinforcement learning and deep learning algorithms may be found, in the papers: “Reinforcement learning model, algorithms and its application”, IEEE International Conference on Mechatronic Science, Electric Engineering and Computer (MEC), 2011 ; and “Review of Deep Learning Algorithms and Architectures”, IEEE Access, 2019.

In the detection phase, SLD agent 302 carries out a further detection on the malicious loT devices detected by FLD agent 304 by running the detection process of the reinforcement learning algorithm, and uses as inputs the information extracted from the Alert message send by FLD. In this embodiment, the Response and mitigation actions component 302c performs step 102 of the method 100 described above and evaluates the Robustness Level (RL) of FLD 304 according to the detection that FLD 304 provides, i.e., in case when SLD 302 confirms the detection of FLD 304, the FLD’s RL is increased, otherwise it will be decreased. In addition, the RL of the FLD 304, where the FLD is activated is evaluated, and could increase and decrease depending on the normal and malicious behaviors of the monitored node by SLD. The RL is computed at SLD as shown in Eq. (1).

⁺ and R~ are defined respectively as good and bad reputations, respectively; where R ⁺ = ^N FLDi ⁺ . _D - ^N FLDi + Nrargeti ₊

- and K = - . Here N _FLDi and N _FLDi are respectively the numbers NFLD ^N FLD of correct and false detections provided by FLD / and confirmed by SLD, N _Tar g _et is the number of times that SLD detects the target node (where FLD / is activated) as malicious and N _FLD is the number of FLD agents that interact with SLD. e]0, l]are the weights parameters, as described above with respect to Fig. 100 and step 102.

Step 104 of the method 100 is then performed by the Response and mitigation actions module 302c, which, based on the determined value of RL, determines whether the FLD 304 on the first node 303 should change its method of attack detection. If it determines that the method of attack detection should be changed, then module 302c instructs the first node 303 to switch accordingly.

Generally, the SLD 302 will perform the method 100 in an iterative manner, e.g. in response to different alerts 307 raised by the FLD 304. In some embodiments, the module 302c may select an action based on the as shown in Eq. (2) below, depending on the computed RL related to FLD i (and the node where FLD i is activated). As shown in Eq. (2), In Mitigation action 1, SLD suspects FLD has carried out a malicious action, since it has provided a couple of false detection. In this case SLD requests FLD to switch from signatures(rules)-based detection to binary machine learning detection to detect more attacks. Here, the binary machine learning is based on a lightweight Support Vector Machine (SVM) learning algorithm, as described above. This algorithm is a supervised one, where the cyber experts feed periodically the algorithm with binary training models (i.e., normal and attacker models) during the training process. In case when RL of FLD i is above to 0.8, the detection process switches from machine learningbased detection to signatures-based detection and all the relevant features determined by the SVM algorithm is forwarded to signatures database as illustrated in Figure 1. In Mitigation action 2, the FLD i is categorized by SLD as agent that could be infected by the attackers; and all the detections that FLD i send (Alert message) to SLD is ignored by this latter during the decision-making. However, when RL of FLD i increases to 0.6, the SLD consider the detections of FLD i , during the decision-making. In Mitigation action 3, the target i is detected by SLD as malicious and this target device is removed from the network. In Mitigation action 4, FLD i is totally deactivated from the target /. It is noted that, all the thresholds that are defined in Eq .(2) could be updated by the cyber security experts depend on the level of security (i.e., high detection and low false positive rates)that the experts would like to achieve and network constraints ( such as computation overhead, data storage, bandwidth for instance) that should be considered. In the following, some examples of implementation:

In the first case: security agent (e.g., FLD) generates a high false positive and this FLD is activated in a node that has a constraint of communication and computation overheads. To avoid more computation overhead (only signature-based detection technique is activated) and communication overhead (reducing the amount of relevant information exchanged between the security agents) by FLD and avoid generation of high false positive, the trust level thresholds are increased.

In the second case: security agent (e.g., FLD) generate a low detection rate. To improve the accuracy of detection, the trust level thresholds are decreased.

In the third case: the security agents provide a high accuracy attacks detection; however, high computation overheads are generated by the security agents. To reduce further the computation overheads, the trust level thresholds related to these security agents are increased and hence the detection techniques of these agents switch from machine learning based detection to lightweight signature-based detection. The response action corresponds to the Response message 308 that is send by SLD 302 to FLD 304, this message includes the new information (new features) of attacks that are detected by the SLD 302. The goal here is to update signatures database (when rules-based attacks detection is activated) or features database (when binary machine learning-based detection is activated).

These mitigation actions are illustrated in Fig. 5. which shows a possible escalating response to a FLD agent 304 in the event that the RL of the FLD agent 304 decreases over time. In this example, FLD 304 sends a message 502 to SLD 302 indicating a suspected attack. SLD agent 302 performs the method 100 and determines a measure of effectiveness of the FLD 304, based on whether the suspected attack in message 502 is verified as a real attack or not. In this example, in response to the suspected attack, SLD sends message 504 and instructs 104 the first node 303 to switch from its current method of attack detection to a second method of attack detection which in this example is a binary machine learning based detection method. FLD 304 detects another suspected attack and sends message 506 to SLD 302. If this is not verified by SLD 302 then the RL of FLD 304 is decreased further and SLD 304 sends message 508 instructing FLD 304 to switch from an attack detection method to an idle mode. If the RL of FLD 304 decreases further, e.g. if response to an attack detection reported in message 510, then the SD 302 may instruct FLD 304 in message 512 to deactivate entirely.

Thus, this example demonstrates how the method 100 may be performed in an iterative manner, whereby the parameter RL is re-calculated in response to each suspected attack detection made by FLD 304 and used to set the method of attack detection used by FLD 304.

In other embodiments, as described above, the parameter EL might be used as the measure of effectiveness in the method 100. For example, to decrease the communication and computation overheads; and react efficiently against suspected attacks or/and suspected weak-signals (possibility indicative of a zero-day attack, i.e., attack prediction) an updated and appropriated hybrid (i.e., local or collaborative) reaction strategies are adopted by the distributed security agents (e.g., FLD and SLD). Here, the upper security agent (e.g., SLD) requests its lower security agent (e.g., FLD) to execute the appropriate reaction strategy. The upper security agent computes a Efficiency Level (EL) related to its lower security agent i . EL is computed as shown in Eq. (3) respectively th© attacks detection, weak signal detection, false attack (i.e, false positive and false negative) detection and false weak signal (i.e, false positive and false negative) detection rates. O is the proportion of information (related to the new attack or weak signal detections) that is shared by security agent i with its neighboring security agents as part of the collaborative security process (in cases when the collaboration process is launched). O is equal to 1 (100%) when all features(information) related to this new attack or weak signal are shared and O is equal to 0, if there is no shared information. O' _R is the required computation overhead that the security agent i requires for the local new attack detection and O' _E is the estimated computation overhead computed by the upper security agent for the local new attack detection (by its lower security agent i). N _At tack and Nweak-signai are respectively the number of attacks and weak signals detections by the security agent i.

As shown in Eq. (4), there may be different dynamic reaction strategies requested by the upper security agent to its low security agent / depending the computed ELj. r Strategy 1: Local attacks reaction (e. g. switch from ML based to signature — based) against detected attack, EL 0.8 and L) Attack » Attack

Strategy!: Coolborative curity agent selects

EL > 0 0.6

< _ O'

Strategy 4: Local attack detection, EL > 0.7 and D ⁺ Attack » D Attack ^an d ~r < 0-4 ° E Strate

EL < 0.6 0.6

I Strategy N

(4)

From Eq. (4) the upper security agent determines over time other dynamic and hybrid reaction strategies for the security agent /, depending on ELt and the following parameters: the goal is to react efficiently against the known and unknown (zero-day) attacks taken into account the issues of computation and communication overheads. To better provide an accurate and efficient reaction strategies against the detected attacks (and weak signals), the reinforcement learning algorithm could be used by the upper security agent to determine what is the right reaction strategy that should request to its lower security agent. Here, the main relevant features used by the reinforcement learning algorithm for reaction strategies determination are: ELi and RL _t , and the following parameters:

Turning now to other embodiments, it is noted that the SLD agent and the respective node (e.g., DU, CU or edge server for instance) where this agent is activated could be a subject of cyber-attacks, as illustrated by the attacker 602 in Fig. 6. Therefore, in some embodiments, the distributed FLD agents 304; 306 monitor the behaviour of SLD 302 (e.g., DU, CU or edge server for instance) and the response and mitigation actions send by the SLD, as illustrated in Fig. 6. In this case when a FLD agent i detects that its upper node exhibits for instance DoS/Botnet attack or/and the Response message that SLD sends to FLD is suspect (i.e. , the FLD find that out the features that are extracted from the Response message dot not allow the detection of new attack at FLD level, on the contrary the use of these features could lead the FLD on providing a false detection) a reaction is raised by FLD agent i. Among the attacks detection mechanisms that could be used to detect the network attacks such as DoS and Botnet, and malicious security agents, we cite:

The distributed hierarchal attacks detection and prevention mechanism based on Generative Adversarial Network (GAN) algorithm, such as that described in: “Multi-stage Jamming Attacks Detection using Deep Learning Combined with Kernelized Support Vector Machine in 5G Cloud Radio Access Networks”, IEEE Conference, 2020.; where the FLD could play the role of generator and SLD could play the role of discriminator. The main detection/p revention goal of this mechanism is to detect the malicious security agent and prevent the occurrence of DoS attack.

The cooperative attacks detection mechanism to secure the edge servers form the DoS and botnet attacks described in: “A Network Intrusion Detection Approach at the Edge of Fog”, IEEE Conference, 2021. This mechanism could be based on hybrid attacks detection (i.e., combining between the signature-based detection and anomaly-based detection techniques) to detect with a high accuracy the zero-day DoS and botnet attacks.

Hierarchical machine learning algorithms based on deep learning and support vector machine learning algorithms to detect the cooperative external attacks targeting the wireless communications (e.g. between UE and GnodeB, and between UE and edge server) “Attacks detection and decision framework based on generative adversarial network approach: Case of vehicular edge computing network”, Wiley Journal, 2020. Here, FLD i informs the other FLD agents about this detected misbehavior at the upper node or/and at SLD level; by sending Warning message 604 (that includes the attack’s features related to detected attack, the infected upper node or/and infected SLD agent, and detection time) as shown in Fig. 6. It is noted that, it is assumed that the lower nodes 303; 305 (e.g, Dlls if SLD is activated at CU, RUs if SLD is activated at DU or BBUs if SLD is activated at edge server) where the FLDs 304; 306 are activated can communicate between each other via a secure wired network using Transport Layer Security (TLS) protocol. When FLD i receives the Warning messages from more than two FLD agents, the FLD i activates its binary machine learning-based detection (in case when this technique is not active) to verify the malicious behaviors of the upper node or/and SLD agent; and in case when the FLD i confirms the malicious behavior(s), it in turn sends the Warning message 606 to other FLD agents. The distributed FLD agents execute Vote mechanism 304d for the final decision making toward the suspected upper node or/and SLD agent. This mechanism could involve the number of times where the FLD agents suspect the upper node or/and SLD agent as malicious over the total number of FLD agents. When this ratio is high (e.g. over 50% of FLDs suspect misbehaviors at the upper node or/and SLD agent level), one of FLD agents take the role of SLD and the remaining FLDs interact with this new elected FLD as SLD agent. The election of FLD i as a new SLD agent depends on the TL of FLD, i.e. , the FLD that has a high TL is elected as new SLD agent. It is noted that, each FLD i has TLs of the other FLD agents since the SLD agent broadcasts (before suspension as a malicious agent) the computed TL related to each FLD agent to all FLD agents within network.

There are various advantages to the methods 100 and 200 described above which may be summarized as follows:

As described in the Background and Summary sections, current distributed and cooperative attacks detection, response and mitigation frameworks exhibit certain drawbacks which are: (i) the direct ejection of suspected security agent (e.g., pushed it to a blacklist) could increase the false positive and false negative rates. And (ii) the reaction strategies are based on a static/rigid data (no updated data for new attacks reactions), while the reactions are executed with partial relevant knowledge sharing (e.g., without having the knowledge if the cooperative monitoring/detection could be accurate against the zero-day attack as compared to the local monitoring/detection), which could impact the reaction efficiency (e.g., this is the right suspected zero-day attack that should be blacklisted) and an increase on the computation and communication overheads (e.g., only a local monitoring detection is sufficient to detect the zero-day attack). To address these security and network issues, thanks to the computed Robustness Level (RL) and Efficiency Level (EL), we force the security agents (e.g., FLD and SLD) to perform correct detections and allow the security agents to adopt an appropriate hybrid (i.e., local or/and collaborative) and updated reaction strategies.

Centralizing the Al security process in one node (e.g. at CU, edge server) will introduce single-point of failure security issues in the system. This could exhibit two drawbacks: (i) Security drawback: The attackers use all their capabilities to launch the attacks against this Hot point (e.g. CU, edge server) and hence the Al security process will be infected, which leads to unsecured network, (ii) Network drawback: Centralize al the security process could incur a high computation overhead and hence the attack response’s time and end-to-end latency will be increased. To address these security and network drawbacks, the proposed Al security framework relies on a Secure, Distributed and Collaborative attacks Detection, Response and Mitigation approaches that aims to ensure a tradeoff between high level of security (i.e., high detection rate and low false positive rate) and lower network cost (i.e., low computation overhead).

These security and network drawbacks are addressed thanks to the proposed Trusted Defense Load Balancing:

-Lightened the attacks detection process. Here the detection techniques executed by the security agents depend on the number of suspected attacks and the trust levels of security agents. For instance, the SLD requests the FLD to switch from the lightweight detection technique (such as signature-based detection) to machine learning based detection in case when the number of detected attacks (occurred in the in the neighborhood of FLD) by SLD agent is high or/and the trust level of FLD is low. Furthermore, it is not wise to execute in a permanent way an attack detection technique based on a heavy detection algorithm (such as deep learning) since the attacker does not exhibit their new misbehaviors all the time (e.g., zero-day attack); thereby in some cases the lightweight detection technique is sufficient for the know attacks detection.

-Ensuring a high level of security by executing the defense actions (detection, response and mitigation) in wireless network (e.g. Cloud-RAN, MEC network), while considering the network constraint (such as computation and communication overheads).

- FLDs and SLDs could be infected by attacker and provide false detections. However, it is not wise to remove directly the FLD or SLD agents when it exhibits a malicious behavior (or its trust level is below a certain threshold) as proposed by the current cyber defense frameworks since they could switch from malicious behaviors to normal/legitimate behaviors. However, the goal of this IvD is to give the chance of suspected security agents to switch from suspect behaviors to normal/legitimate behaviors, by forcing these security agents to change their actions/roles depend on the number of suspected attacks (occur within the neighborhood of agents) and their trust levels. As results the detection against the external attacks and malicious security agents is reinforced, i.e., increase of accuracy attacks detection rate.

-Hybrid (collaborative or/and local) attacks detection, response and mitigation actions are executed between the security agents (e.g., FLD agents and SLD agent) to detect the attacks accurately and react promptly and efficiently against the detected attacks. This hybrid security processes are executed in a vertical way (between FLDs and SLD) and horizontally way (between FLDs, in case when SLD is suspected as malicious).

Turning now to other embodiments, in some embodiments there is a second node 301 for use as part of a collaborative security process between the second node and a first node 303 in the communications network, wherein the collaborative security process is for detecting an attack on the communications network, as illustrated in Fig. 7. The second node 301 is configured (e.g. adapted, operative, or programmed) to perform the method 100 described above.

The second node 301 comprises a memory 704 comprising instruction data representing a set of instructions 706. The second node 301 further comprises a processor configured to communicate with the memory and to execute the set of instructions. The set of instructions, when executed by the processor, cause the second node to: i) determine a measure of effectiveness for the first node 303 that indicates how effective the first node 303 is at detecting attacks on the communications network; and ii) instruct the first node 303 to switch between a first method of attack detection and a second method of attack detection depending on the measure of effectiveness.

Determining a measure of effectiveness was described in detail above with respect to step 104 of the method 100 and the detail therein will be understood equally to the second node 301. Instructing the first node 303 to switch between a first method of attack detection and a second method of attack detection depending on the measure of effectiveness was described in detail above with respect to step 104 of the method 100 and the detail therein will be understood equally to the second node 301.

The second node 301 herein comprises a processor (e.g. processing circuitry or logic) 702. The processor 702 may control the operation of the second node 301 in the manner described herein. The processor 702 can comprise one or more processors, processing units, multi-core processors or modules that are configured or programmed to control the second node 301 in the manner described herein. In particular implementations, the processor 702 can comprise a plurality of computer programs and/or hardware modules that are each configured to perform, or are for performing, individual or multiple steps of the functionality of the second node 301 as described herein.

The second node 301 comprises a memory 704. In some embodiments, the memory 704 of the second node 301 can be configured to store a computer program 706 with program code or instructions that can be executed by the processor 702 of the second node 301 to perform the functionality described herein. Alternatively, or in addition, the memory 704 can be configured to store any requests, resources, information, data, signals, or similar that are described herein. The processor 702 may be configured to control the memory 704 to store any requests, resources, information, data, signals, or similar that are described herein.

It will be appreciated that the second node 301 may comprise one or more virtual machines running different software and/or processes. The second node 301 may therefore comprise one or more servers, switches and/or storage devices and/or may comprise cloud computing infrastructure or infrastructure configured to perform in a distributed manner, that runs the software and/or processes.

It will be appreciated that the second node 301 may comprise other components in addition or alternatively to those indicated in Fig. 7. For example, in some embodiments, the second node 301 may comprise a communications interface. A communications interface may be for use in communicating with other apparatuses e.g. via a communications network, (e.g. such as other physical or virtual computing nodes). For example, the communications interface may be configured to transmit to and/or receive from nodes or network functions requests, resources, information, data, signals, or similar. The processor 702 may be configured to control such a communications interface to make/receive such transmissions.

Generally, the second node 301 may be implemented in any node/network device of a communications network. For example, the second node 301 may comprise any component or network function (e.g. any hardware or software) in a communications network suitable for performing the functions described herein. Examples of nodes include but are not limited to core network functions such as, for example, core network functions in a Fifth Generation Core network (5GC). It is realized that the second node 301 may be included as a node/device in any future network, such as a future 3GPP (3 ^rd Generation Partnership Project) sixth generation communication network, irrespective of whether the second node 301 would there be placed in a core network or outside of the core network.

In some embodiments there is a first node 303 for use as part of a collaborative security process between the second node and a first node in the communications network, wherein the collaborative security process is for detecting an attack on the communications network, as illustrated in Fig. 8. The first node 303 is configured (e.g. adapted, operative, or programmed) to perform the method 200 described above.

The first node 303 comprises a memory 804 comprising instruction data representing a set of instructions 806. The first node 303 further comprises a processor 802 configured to communicate with the memory 804 and to execute the set of instructions. The set of instructions, when executed by the processor, cause the first node to: use a first method of attack detection to detect a suspected attack performed by a first user equipment being monitored by the first node; send a first message to the second node in the communications network, the first message comprising features relating to a suspected attack detected by the first node; and in response to the first message, receive an instruction from the second node to switch from the first method of attack detection to a second method of attack detection.

Using a first method of attack detection to detect a suspected attack performed by a first user equipment being monitored by the first node, was described in detail above with respect to step 202 of the method 200 and the detail therein will be understood equally to the first node 303. Sending a first message to the second node in the communications network, the first message comprising features relating to a suspected attack detected by the first node was described in detail above with respect to step 204 of the method 200 and the detail therein will be understood equally to the first node 303. Receiving an instruction from the second node to switch from the first method of attack detection to a second method of attack detection was described in detail above with respect to step 206 of the method 200 and the detail therein will be understood equally to the first node 303.

The first node 303 herein comprises a processor (e.g. processing circuitry or logic) 802. The processor 802 may control the operation of the first node 303 in the manner described herein. The processor 802 can comprise one or more processors, processing units, multi-core processors or modules that are configured or programmed to control the first node 303 in the manner described herein. In particular implementations, the processor 802 can comprise a plurality of computer programs and/or hardware modules that are each configured to perform, or are for performing, individual or multiple steps of the functionality of the first node 303 as described herein.

The first node 303 comprises a memory 804. In some embodiments, the memory 804 of the first node 303 can be configured to store a computer program 806 with program code or instructions that can be executed by the processor 802 of the first node 303 to perform the functionality described herein. Alternatively, or in addition, the memory 804 can be configured to store any requests, resources, information, data, signals, or similar that are described herein. The processor 802 may be configured to control the memory 804 to store any requests, resources, information, data, signals, or similar that are described herein.

It will be appreciated that the first node 303 may comprise one or more virtual machines running different software and/or processes. The first node 303 may therefore comprise one or more servers, switches and/or storage devices and/or may comprise cloud computing infrastructure or infrastructure configured to perform in a distributed manner, that runs the software and/or processes. It will be appreciated that the first node 303 may comprise other components in addition or alternatively to those indicated in Fig. 8. For example, in some embodiments, the first node 303 may comprise a communications interface. A communications interface may be for use in communicating with other apparatuses e.g. via a communications network, (e.g. such as other physical or virtual computing nodes). For example, the communications interface may be configured to transmit to and/or receive from nodes or network functions requests, resources, information, data, signals, or similar. The processor 802 may be configured to control such a communications interface to make/receive such transmissions.

Generally, the first node 303 may be implemented in any node/network device of a communications network. For example, the first node 303 may comprise any component or network function (e.g. any hardware or software) in a communications network suitable for performing the functions described herein. Examples of nodes include but are not limited to core network functions such as, for example, core network functions in a Fifth Generation Core network (5GC). It is realized that the first node 303 may be included as a node/device in any future network, such as a future 3GPP (3 ^rd Generation Partnership Project) sixth generation communication network, irrespective of whether the first node 303 would there be placed in a core network or outside of the core network.

Turning now to other embodiments, there is also provided a computer program product comprising a computer readable medium, the computer readable medium having computer readable code embodied therein, the computer readable code being configured such that, on execution by a suitable computer or processor, the computer or processor is caused to perform the method or methods described herein.

Thus, it will be appreciated that the disclosure also applies to computer programs, particularly computer programs on or in a carrier, adapted to put embodiments into practice. The program may be in the form of a source code, an object code, a code intermediate source and an object code such as in a partially compiled form, or in any other form suitable for use in the implementation of the method according to the embodiments described herein.

It will also be appreciated that such a program may have many different architectural designs. For example, a program code implementing the functionality of the method or system may be sub-divided into one or more sub-routines. Many different ways of distributing the functionality among these sub-routines will be apparent to the skilled person. The sub-routines may be stored together in one executable file to form a self-contained program. Such an executable file may comprise computer-executable instructions, for example, processor instructions and/or interpreter instructions (e.g. Java interpreter instructions). Alternatively, one or more or all of the sub-routines may be stored in at least one external library file and linked with a main program either statically or dynamically, e.g. at run-time. The main program contains at least one call to at least one of the sub-routines. The sub-routines may also comprise function calls to each other.

Fig. 9 shows a carrier 900 containing a computer program 706;808. A carrier may be an electronic signal, optical signal, radio signal or computer readable storage medium.

The carrier of a computer program may be any entity or device capable of carrying the program. For example, the carrier may be or include a computer readable storage medium, such as a ROM, for example, a CD ROM or a semiconductor ROM, or a magnetic recording medium, for example, a hard disk. Furthermore, the carrier may be a transmissible carrier such as an electric or optical signal, which may be conveyed via electric or optical cable or by radio or other means. When the program is embodied in such a signal, the carrier may be constituted by such a cable or other device or means. Alternatively, the carrier may be an integrated circuit in which the program is embedded, the integrated circuit being adapted to perform, or used in the performance of, the relevant method.

Fig. 10 shows a computer program product 1000 comprising non transitory computer readable media 1002 having stored thereon a computer program 706; 806 as described above.

Variations to the disclosed embodiments can be understood and effected by those skilled in the art in practicing the claimed invention, from a study of the drawings, the disclosure and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the indefinite article "a" or "an" does not exclude a plurality. A single processor or other unit may fulfil the functions of several items recited in the claims. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage. A computer program may be stored/distributed on a suitable medium, such as an optical storage medium or a solid-state medium supplied together with or as part of other hardware, but may also be distributed in other forms, such as via the Internet or other wired or wireless telecommunication systems. Any reference signs in the claims should not be construed as limiting the scope.