计算机工程与应用 ›› 2024, Vol. 60 ›› Issue (5): 291-298.DOI: 10.3778/j.issn.1002-8331.2210-0248

• 网络、通信与安全 • 上一篇    下一篇

基于数字孪生的5G网络安全推演

马宇威,杜海涛,粟栗,安宁宇   

  1. 中国移动通信有限公司研究院 安全技术研究所,北京 100053
  • 出版日期:2024-03-01 发布日期:2024-03-01

5G Network Security Deduction Based on Digital Twin

MA Yuwei, DU Haitao, SU Li, AN Ningyu   

  1. Security Technology Research Institute, China Mobile Research Institute, Beijing 100053, China
  • Online:2024-03-01 Published:2024-03-01

摘要: 为了对5G网络可能遭受的攻击及缓解攻击的措施进行研究,提出针对5G网络的安全推演模型。模型通过数字孪生技术将物理网络映射至孪生网络中,并依据模型构建虚实结合的网络推演环境;依据设计的推演场景在孪生网络中进行攻防推演,并将推演结果应用于物理网络中。结果表明利用孪生技术进行推演可减少对物理网络的影响,其得到的推演结果也可以无差别地应用于物理网络中,且具有一致的防御效果。

关键词: 5G网络, 安全推演, 数字孪生, 蜜网系统, 数据联动, 攻击模型, 专家系统

Abstract: In order to study the possible attacks on 5G network and the measures to mitigate the attacks, a security deduction model for 5G network is proposed. The model maps the physical network to the twin network through digital twin technology, and builds a virtual-real network deduction environment based on it. According to the designed deduction scenarios, the attack and defense deductions are performed in the twin network and the deductions’ results are applied to the physical network. The results show that the deductions using the twin technology can reduce the impact on the physical network, and the results can be applied to the physical network indiscriminately and have consistent defense effects.

Key words: 5G network, security deduction, digital twin, honeynet system, data linkage, attack model, expert system