AI, the Mandatory Element of 5G Mobile Security | Threatpost

THE HAGUE, Netherlands – Artificial intelligence will be a requirement for securing carrier 5G networks – which is shaping up to be a technology juggernaut that presents unique challenges unlike any ever seen in the world of telecom until now.

That was the assessment at the GSMA Mobile 360 Security for 5G conference, taking place here this week.

To understand the challenges and the drivers for artificial intelligence (AI), it’s important to understand that existing telecom networks, even today’s 4G LTE networks, are built from a hardware-centric perspective, using the vertical-stack Open Systems Interconnection (OSI) model. Features include a heavy reliance on hardware big routers and switches with device-specific software to run them. Functions are hard-coded and largely siloed. Extensive operations support systems/business support systems (OSS/BSS) are relied upon to carry out management and orchestration functions and to provide subscriber management and billing.

5G, in contrast, is architected to provide an exponentially greater amount of agility and flexibility, taking a page from the world of enterprise IT and the cloud, according to Brian Wagner, head of security, risk and compliance for EMEA at Amazon Web Services.

5G’s flat, software-centric architecture.

“Security is no longer a silo that sits in a separate area,” he said, during a keynote at the conference. Security is not compliance anymore, and vice-versa. These networks will consist of largely commoditized technology. So, you have to upgrade your tools, take a risk-based approach and be transparent.”

For instance, 5G hardware consists of commodity servers that are abstracted from the software; all functions are virtualized; and a packet core network at the heart of it all is software-defined and programmable – and able to make changes to services on-demand, Wagner noted. As a result, 5G will be capable of supporting literally billions of endpoints, all generating data, all served with potentially customized network services.

Carriers deploying 5G are thus finding themselves in need of a way to achieve visibility into a vastly different, vastly more complex environment than they have ever had to deal with in the past, according to Nils Ahrlich, head of end-to-end security solutions at equipment-supplier Nokia.

“Given the huge amount of devices that the networks will have to handle – the 5G environment will be far too agile to apply required processes without automation,” he noted. “It will be mandatory.”

The 5G ecosystem will also represent an institutional change, according to Philip Celestini, chief security and risk officer at Syniverse: “The open architecture of 5G supports more players coming into the ecosystem,” he said, speaking on a panel this week. “So, everyone is a known bad until proven otherwise. Carriers are bringing in third parties to perform network services and functions. It creates new vulnerabilities, the possibility of rogue elements getting into the service chain (as opposed to the supply chain), and so it will create an even greater impetus for validation and authentication.”

All of this adds up to one thing: An overwhelming amount of complexity, in an environment where things are shifting and evolving all the time, said Anu Puhakainen, director of product management for security solutions at telecom equipment giant Ericsson.

“The production network will be very virtualized and dynamic – you will have network slices and different types of use cases, and the service will be changing and evolving and we have to manage that,” he explained. “Security as a result also can never be static, which radically affects network operations. We will need intelligent, adaptive security management and automation, because a human can’t manage all of that.”

While the sheer scale and complexity of 5G will likely require AI deployment, another aspect that will drive AI for 5G security is the workforce skills shortage.

“We are struggling to find security skills. It’s a massive problem – we’ll be 3 million people short in the industry in 2021,” said Pedro Pablo Perez, CEO and global security vice president at global communications provider Telefonica, which operates in 20 countries. “We have a cyber-academy and training programs and agreements with universities. We also need more women – we have launched a practice to attract this demographic too. So, we’re taking a lot of measures, and still not covering the gap.”

It’s also worth noting that becoming software-centric will necessitate software-centric security practices — which will further stretch carriers’ already limited human resources.

“We don’t do well in even managing legacy security, so this is going to be a challenge,” said Mark Kneppers, chief security officer at Telus, the Canadian telco and mobile operator, speaking on a roundtable panel. “We’re shifting to a software approach, a ‘Patch Tuesday’ approach that will make us ask, do I want dynamic updates into my network? Am I set up for that? The technical shift to software represents a big challenge for us. The individual elements will come from a lot of different sources too. You’re going to need to implement bug bounties and other approaches from the software community.”

AI can address the skills issue partially – though its use will need to be carefully designed, according to Nokia’s Ahrlich.

“We have a workforce shortage and automation can help fill the gap – but you have to train the algorithm right and make sure it hasn’t been poisoned,” he said. “There needs to be visibility for security but also the core network and radio. The AI needs to be able to look at the whole context and can make an educated decision.”

Martin Borrett, CTO and distinguished engineer at IBM Security, said that in working with Watson, the company’s AI platform, it has become clear that a large amount of information must be used to train the algorithm.

Borrett talks AI.

“You have to teach the system the vernacular, which means feeding it a massive corpus of security knowledge,” he explained. “You want cognitive adaptation, not just knowledge. A properly trained AI can adapt and think in unconventional ways. And it doesn’t have the notion of bias. It will read, digest and understand the alarms and incident information coming in, then offer a hypothesis to the analyst. Security analysts then work with the tool to triage security events.”

AI tools will complement human resources.

While AI will continue to be a key part in designing 5G security approaches, Telus’ Kneppers pointed out that its efficacy won’t really be clear until the rubber hits the road on commercial deployments, which are expected later this year and beyond.

“Where I think the challenges are going to be in 5G security are mostly around complexity in implementation,” he said. “We typically see breakdowns in operations. Technology may be secure in theory, but when we deploy, that’s where we’ll see issues. 5G security success will come down to how we implement and operate it, including AI.”

He added, “the truth is that 5G isn’t done. It’s slowly becoming more concrete. But there’s some stuff to still figure out.”