Research On Network Function Security And Reliability Under Service Based Architecture Of 5G Core Network

5G core network leverages the SBA(Service-Based Architecture)and introduces cloud computing and virtualization technologies to meet the needs of various business scenarios of future mobile communications.The introduction of new architectures and technologies improves the flexibility and maintainability of 5G core network deployment.However,it brings new security issues to the 5G core network,such as man-in-the-middle attacks on signaling messages,backdoor attacks on general-purpose hardware,and side-channel attacks against resource sharing,etc.Current research on 5G core network security focuses on communication security under the SBA and core network endogenous security.However,as the 5G core network is a complex software system,the reliability and attack resistance of its internal NF(Network Function)software design are also worthy of study.The main researches are as follows:1.In view of the security problems such as large granularity of internal resource access control and unreasonable service division in the current NF software design,the idea of DDD(Domain-Driven Design)is introduced to model the NF business domain logic.The user interface layer,scheduling layer,and transaction layer inside NF are abstracted into different Actor objects.The data resources accessed by atomic operations in each process of the transaction layer are determined by their business scenarios,which realizes resource access control within NF,and improves the reliability and attack resistance of NF.The idea of micro-services is introduced.Internal functions of NF are divided into services according to their business attributes.The NF service management policy function is decoupled from the NF business logic,and is implemented using a independent Topo micro-service module,which improves the maintainability of NF.2.In view of the security risk of NF traffic overload in the 5G core network in the massive connection scenario,a service discovery mechanism based on NRF is considered to solve it.Firstly,a service discovery strategy based on parameter filtering and service discovery result storage is proposed to relieve the load pressure of NRF.Secondly,aiming at the decision-making problem of the service discovery result set in the above service discovery strategy,a load balancing strategy with dynamic weight adjustment of load parameters is proposed to realize the load balancing between NFs in the 5G core network,which maintain the overall security and stability of the core network.Finally,the deployment methods of Topo microservice in different networking are analyzed and designed.3.Interactions between the NF service management strategy microservice Topo and other NFs are designed and implemented in the 5G core network environment.The security analysis of the above-mentioned security strategy based on load mitigation is performed.Experiments and analysis show that the NF service management strategy microservice proposed can meet the needs of massive connections in 5G networks in terms of service discovery performance and load balancing performance.