By 2020, Gartner says there will be 20.4 billion IoT devices. That rounds out to almost three devices per person on earth. As a result, IoT devices will show up in just about every aspect of daily life. While IoT devices promise benefits such as improved productivity, longevity and enjoyment, they also open a Pandora’s box of security issues for mobile service providers.
This flood of IoT devices, combined with the onset of 5G networks to support it, is creating an atmosphere ripe for mobile network attacks. This threat landscape requires mobile service providers to alter their approach to network security or suffer dire consequences. The same old tools are no longer enough.
Battle Increased Complexity with Automation
For years, security teams have struggled with the proliferation of data from dozens of security products, outpacing their ability to process it. This same problem applies to mobile service providers regarding the aforementioned issues surrounding 5G and IoT devices.
Security threats and anomalies within mobile network traffic are growing faster than security teams can detect and react to them. All the security threats we see now on enterprise networks are a harbinger of what’s to come on 5G networks. The introduction of 5G adds significant complexities to mobile networks that require next-generation security solutions.
Automation is key to better identification and mitigation of these threats for mobile service providers. Machine-learning based DDoS mitigation solutions enable real-time detection and mitigation of DDoS attacks. Through behavioral analysis, bad traffic can then be identified and automatically blocked before any damage is done.
Automation Across the Security Architecture
For mobile service providers, automation must expand across all layers of the security architecture. First and foremost, the network must be leveraged as a sensor, a digital cyberattack tripwire. In 5G networks, network elements are distributed at the edge and virtualized. The network’s endpoints can be used as detection spots to send messages back to a centralized control plane (CCP).
The CCP serves as the brain of the network, compiling all the inputs from its telemetry feeds to deploy the best way to apply mitigation policies.
The myriad amount of CCP data can be put to work via Big Data. As 5G pushes network functions and data to the cloud, there’s an opportunity to use this information to better protect against attacks with the help of artificial intelligence (AI) and deep learning.
This is where the “big” in “big data” comes into play. Because 5G virtual devices live on the edge of the network in small appliances, there isn’t enough computing power available to identify evolving attack traffic from within. But by feeding traffic through an extra layer of protection at large data centers, it is possible to efficiently compile all the data to identify attacks.
Large data centers can be prohibitively expensive to house and maintain. Ideally, these data centers are housed and maintained by the mobile service provider’s DDoS mitigation vendor, which leverages its network of cloud-based scrubbing centers (and the massive volumes of threat intelligence it collects) to process this information and automatically feed it back to the mobile service provider.
A Game of Probability
In the end, IoT and 5G security will come down to being a game of probability, however, automation and AI stack the odds heavily in favor of mobile service providers.
The new network technology has the speed and capacity to enable AI with data from 50 billion connected devices. AI requires huge amounts of data to sift through and create neural networks where anomalies can be detected, with emphasis on good data. Bad or poisoned data will lead to biased models and false negatives. The more good data, the better the outcomes in this high-stakes game of probability.
As all this traffic is fed through the scrubbing centers at data centers around the world, AI can help inform security algorithms to detect protocol anomalies and flag issues. The near real-time process is complicated. Like an FBI watch list, a register of attack information goes to a mobile network’s control plane. The result is a threat intelligence feed that uses the power of machine learning to identify and prevent attacks.
The best place to populate AI and deep learning systems is from crowdsourcing and global communities where large numbers of enterprises and networks contribute data. Bad data will find its way in, but the good data will significantly outnumber the bad data to make deep learning possible.
Ultimately, the threats from botnets, web scraping, and IoT zombies is dynamic and increasingly complex. With 5G on the horizon, it’s critical that mobile service providers are proactive and make plans now to protect their networks against evolving security threats by turning to machine learning and AI.