Common use of STA Clause in Contracts

STA. In this demo, the STA is in charge to collect different types of data in one Security Management Domain (SMD) as part of a secure slice deployed to apply analytics. The STA collects relevant network related packets in the 5G Core service. In this case the AI/ML capability provides the identification of cryptomining activities in one software component concealed over encrypted HTTPS communications, as a Security Analytics Engine component. Once it is detected it reports the information to the domain Decision Engine, to take actions to mitigate the threat. Additionally, this information is provided in parallel to the Trust Reputation Manager to decrease the trustworthiness level of the slice and component. In Demo1, a specific implementation of the enabler described in Section 3.1.2 will be performed. In particular, we aim to integrate the misbehaviour detection capabilities of our enabler towards the overarching goal of anomaly detection in Demo1 storyline. Figure 35 illustrates the core components of the enabler, i.e., Security Data Collector, Security Analytics Engine and Decision Engine, and their interactions within the HLA components. Security data collector performs the fusion of V2X network traces that are streamed from the data plane using VMs, in which VMs emulate the representation of vehicles within the RAN. These V2X traces are based on an open-source vehicular anomaly-detection dataset [23]. The incoming streaming vehicular data reports are sequentially analysed within the Security Analytics Engine based on the mobility patterns parameters such as position, velocity, and acceleration, to instruct an RL algorithm for the detection of misbehaviour patterns. The issued security policy is expressed using MSPL. Upon detection of misbehaviour, the detection framework in the decision engine provides the verdict to Security Orchestrator to apply the pre-determined security policy, i.e., misbehaving data source to be isolated, dropped, or blocked.

STA. In this demo, the STA is in charge to collect different types of data in one Security Management Domain (SMD) SMD as part of a secure slice deployed to apply analytics. The STA collects relevant network related packets in the 5G Core service. In this case the AI/ML capability provides the identification of cryptomining activities in one software component concealed over encrypted HTTPS communications, as a Security Analytics Engine component. Once it is detected it reports the information to the domain Decision Engine, to take actions to mitigate the threat. Additionally, this information is provided in parallel to the Trust Reputation Manager to decrease the trustworthiness trustability level of the slice and component. In Demo1, a specific implementation of the enabler described in Section 3.1.2 will be performed. In particular, we aim to integrate the misbehaviour detection capabilities of our enabler towards the overarching goal of anomaly detection in Demo1 storyline. Figure 35 illustrates the core components of the enabler, i.e., Security Data Collectorsecurity data collector, Security Analytics Engine security analytics engine and Decision Enginedecision engine, and their interactions within the HLA components. Security data collector performs the fusion of V2X network traces that are streamed from the data plane using VMs, in which VMs emulate the representation of vehicles within the RAN. These V2X traces are based on an open-source vehicular anomaly-detection dataset [23]. The incoming streaming vehicular data reports are sequentially analysed within the Security Analytics Engine security analytics engine based on the mobility patterns parameters such as position, velocity, and acceleration, to instruct an RL algorithm for the detection of misbehaviour patterns. The issued security policy is expressed using MSPL. Upon detection of misbehaviour, the detection framework in the decision engine provides the verdict to Security Orchestrator SO to apply the pre-determined security policy, i.e., misbehaving data source to be isolated, dropped, or blocked.