1

I. ABHYUDAYA TIWARI
Hybrid IDS/IPS Architectures
Department for High-
of Electronics and Telecommunication Engineering
Vishwakarma Institute of Information Technology Pune, India
Speed 5G and 6G Networks: Design
abhyudaya.22211596@viit.ac.in

Challenges
II. and Innovative Solutions
PIYUSH BAFNA
Department of Electronics and Telecommunication Engineering
Vishwakarma Institute of Information Technology Pune, India
piyush.22211595@viit.ac.in

III. ANUJ BAHETI

Department of Electronics and Telecommunication Engineering
Vishwakarma Institute of Information Technology Pune, India
anuj.22211559@viit.ac.in

heterogeneous network architecture, and new protocols
Abstract— The rollout of 5G networks and constant offered by these networks introduce new security challenges
evolution of 6G technologies have transformed the of an unprecedented kind [2].
telecommunication infrastructure, providing unmatched Legacy intrusion detection systems (IDS) and intrusion
data rates, ultra-low latency, and extensive connectivity. prevention systems (IPS) for last generation networks have a
Nonetheless, these advancements pose considerable number of shortcomings when implemented in 5G and 6G
security threats that typical intrusion detection and networks. They are generally not able to handle the enormous
prevention systems (IDS/IPS) cannot respond to amounts of data at line rate, do not provide security solutions
effectively. This paper examines new hybrid IDS/IPS tailored to network slicing and virtualization, and are
designs specifically tailored to high-speed 5G and
challenged by the heterogeneity of multi-access edge
upcoming 6G networks. We examine the shortfalls of
computing (MEC) deployments [3]. In addition, traditional
conventional security mechanisms in ultra-high-speed
security solutions tend to impose unwanted latency penalties
environments and outline a multi-layered hybrid
framework that integrates signature-based, anomaly- that infringe on the ultra-reliable low-latency communication
based, and machine learning-based methods. Our analysis (URLLC) needs of safety critical 5G and 6G applications.
proves that this hybrid mechanism provides better This work alleviates these challenges with the introduction
detection accuracy with low-latency needs of future- of a new hybrid IDS/IPS architecture geared towards high-
generation networks. Performance evaluation results speed next-generation networks. The solution utilises
indicate that the proposed design minimizes false positives multiple detection techniques, distributed processing, and
by 37% against traditional systems while detection rates adaptive defensive techniques to offer end-to-end security
are kept above 97% even in peak traffic conditions. We while addressing the performance needs of 5G and 6G
end with an exploration of open challenges and directions networks. Our contributions are:
for future research in securing the next generation
wireless networks. 1. A thorough examination of 5G and upcoming 6G
network-specific security requirements and challenges
Index Terms—5G security, 6G security, intrusion
detection systems, intrusion prevention systems, hybrid 2. A new IDS/IPS hybrid architecture integrating
security architectures, network slicing security, machine signature-based, anomaly-based, and machine
learning for cybersecurity learning-based solutions

3. An adaptive resource allocation system that adjusts

I. INTRODUCTION security processing based on network state

T HE fifth generation (5G) of mobile networks is rolled

out worldwide, and 6G networks are emerging with
the promise of theoretically delivering up to 1 Tbps peak data
4. Performance analysis of the suggested architecture
under different traffic patterns and attack types
rates, sub-millisecond latency, and massive machine-type
communications (mMTC) [1]. Such advancements offer 5. Future research directions on securing next-generation
transformative applications in many domains such as wireless networks
industrial automation, autonomous vehicles, telemedicine,
and augmented reality. The increased attack surface, The rest of this paper follows the following order: Section
2 gives some background on the 5G and 6G networks as well
 as previous work in network security. Section 3 lays out the
 2

envisaged hybrid IDS/IPS system architecture. Section 4 is specification-based methodologies [9]. Signature-based
our implementation and evaluation approach. Section 5 gives systems are able to detect known patterns of attacks but
the outcome and performance study. Section 6 discusses cannot detect zero-day attacks. Anomaly-based systems are
future challenges and further research directions, and Section capable of detecting unknown attacks by locating outliers
7 concludes this paper. from regular behaviour but produce high false positives.
Specification-based systems detect specification violations of
II.BACKGROUND AND RELATED WORK the protocol but necessitate extensive modelling of expected
2.1 5G and 6G Network Architecture Overview behaviour.
Three main service categories characterize 5G networks: In high-speed 5G and 6G networks, these traditional
enhanced mobile broadband (MBB), ultra-reliable low- methods have a number of constraints:
latency communications (URLLC), and massive machine- 1.Performance Bottlenecks: Classic IDS/IPS systems are
type communications (MTC) [4]. The architecture utilizes unable to analyze traffic at data rates delivered by 5G and 6G
technologies like network function virtualization (NFV), networks (tens to hundreds of Gbps) [10].
software-defined networking (SDN), network slicing, and
multi-access edge computing (MEC) to provide the services. 2.Detection Granularity: They are not able to offer slice-
These elements revolutionize the network model from aware or service-based security monitoring.
hardware to software-defined infrastructure.
Future 6G networks are anticipated to expand these 3.Adaptability: Classic systems are unable to adaptively
features even further, with theoretical maximum data rates of modify their monitoring strategy based on varying service
up to 1 Tbps, latency under 0.1 milliseconds, and capability demands for different network segments [11].
to support very high connection densities (up to 10^7
devices/km²) [5]. Moreover, 6G is projected to include 5. Latency Overhead: Most conventional security
technologies like artificial intelligence (AI) as a native measures incur processing delays that are
element, integrated sensing and communication, terahertz incompatible with the requirements of URLLC.
(THz) communications, and quantum networking concepts.
2.2 Security Issues in 5G and 6G Networks 2.4 Hybrid Methods and Machine Learning for Network
The new architectures and technologies in 5G and 6G Security
networks pose a number of security issues:
1. Network Slicing Security: Logical separation among Hybrid methods have been considered in recent work that
network slices offers some new attack surfaces, such uses various detection methodologies combined to counteract
as slice-to-slice attacks and resource depletion attacks the shortcomings of a single approach. Wang et al. [12]
against the slicing management layer [6]. considered an integrated solution using signature and
anomaly detection for IoT networks without considering the
2. Virtualization Security: NFV and SDN elements are size and heterogeneity of 5G environments. Likewise, Zhang
susceptible to hypervisor attacks, virtual network et al. [13] proposed a machine learning-based IDS for 4G
function (VNF) compromise, and SDN controller networks that showed better rates of detection but wasn't
exploitation [2]. integrated for the data rates and architecture complexity in
5G and 6G networks.
3. MEC Security: The distributed nature of edge Machine learning and artificial intelligence have proved to
computing poses challenges in ensuring consistent be promising in network security. Deep learning models have
security policies and safeguarding edge nodes against proved to be effective in detecting intricate attack patterns
physical and logical attacks [7]. with reduced false positive rates over conventional methods
[14]. Yet, the computational complexity of these techniques
4.Massive Scale and Speed: The magnitude of data and has hindered their deployment in high-speed networks.
connections in 5G and 6G networks makes real-time security Hardware acceleration and distributed processing
monitoring difficult and raises the potential impact of developments over the past few years provide promising
distributed denial-of-service (DDoS) attacks [8]. solutions to these performance issues but need architectural
breakthroughs to work in 5G and 6G scenarios.
4. Protocol Vulnerabilities: The new radio access
technologies and protocols could have vulnerabilities
that are targeted by attackers [3]. III. PROPOSED HYBRID IDS/IPS ARCHITECTURE

3.1 Architectural Overview

2.3 Traditional IDS/IPS Approaches and Limitations
Our proposed hybrid IDS/IPS architecture is designed to
Traditional IDS/IPS systems normally come in the form of
address the unique security challenges of high-speed 5G and
three types: signature-based, anomaly-based, and
6G networks while maintaining performance requirements.
 3

The architecture, illustrated in Figure 1, consists of four affecting performance significantly. We employ three forms
primary layers: of specialized sensors:

1. RAN Monitors: Specific to radio interface security,

monitoring for jamming attacks, rogue base stations, and
IMSI-catching attempts.

2. Core Network Monitors: Intercepting control plane and

user plane traffic for anomaly detection and protocol
conformance verification.

3. Slice-Specific Monitors: Located at slice boundaries to

provide isolation and monitor for slice-specific threats.

To manage high rates of data, these sensors use packet

sampling mechanisms and initial filtering using configurable
sets of rules. We present an adaptive sampling scheme that
dynamically controls sampling rates based on traffic behavior
and threat feeds. This methodology minimizes the amount of
data to be processed while preserving detection effectiveness
for top threats.

3.3 Data Processing Layer

The data processing layer is made up of distributed nodes

that carry out the first level of security telemetry processing.
These nodes are tasked with:

1.Data Normalization: Transforming heterogeneous data

formats from different sensors to a common representation.

2.Feature Extraction: Computing statistical features and

behavioral indicators from raw traffic data.

Figure 1: Proposed Hybrid IDS/IPS 3.Preliminary Filtering: Discarding benign traffic patterns
for lessening the processing burden on the analysis layer.

4.Data Aggregation: Aggregating related events and

Distributed Sensor Layer: Light probes installed on building correlation among distributed observations.
multiple network segments, such as radio access networks
(RAN), core network, and edge computing nodes. We build this layer through a stream processing framework
that exploits hardware acceleration (FPGA and GPU) for
1. Data Processing Layer: Nodes for distributed data compute-intensive tasks. The distributed aspect of this layer
processing that undertake initial filtering, aggregation, and enables scaling horizontally to keep up with growing traffic
feature extraction of network traffic. levels, while accelerators mean processing can keep in sync
with line-rate data.
2. Analysis Layer: Multiple parallel detection engines using
signature-based, anomaly-based, and machine learning 3.4 Analysis Layer
techniques.
The analysis layer forms the core of our hybrid approach,
3. Response and Orchestration Layer: Management system employing multiple detection methodologies in parallel:
centralized, which handles detection results, response
actions, and security policies as a function of network 1. Signature-Based Engine: Utilizes optimized pattern
conditions. matching algorithms and hardware acceleration to
detect known attack signatures at high throughput.
3.2 Distributed Sensor Layer We implement an indexed signature database with
hierarchical matching to minimize computational
Distributed sensor layer utilizes lightweight probes deployed overhead.
strategically across the network. Lightweight probes are
configured to capture targeted security telemetry without 2. Anomaly Detection Engine: Employs statistical
models and time-series analysis to identify
 4

deviations from established baselines. Our 3.6 Slice-Aware Security Capabilities

implementation includes separate models for One of the innovations of our design is its slice-aware
different network segments and service types to security features. Rather than using blanket security across
reduce false positives. the network, our system configures monitoring and defense
mechanisms to the particular needs of each network slice. To
3. Machine Learning Engine: Utilizes both illustrate:
supervised and unsupervised learning approaches to 1.URLLC Slices: Use light-weight, hardware-offloaded
detect complex attack patterns and zero-day threats.
inspection with low latency impact.
We deploy an ensemble of models, including:

o Convolutional Neural Networks (CNNs) for 2.MBB Slices: Use more detailed security monitoring with
pattern recognition in network traffic higher processing overhead tolerance.

o Long Short-Term Memory (LSTM) 3.MTC Slices: Emphasis on behavioral anomaly detection
networks for sequence-based attack tailored to the nature of IoT traffic.
detection
This methodology ensures that security measures are in
o Isolation Forests and One-Class SVMs for accordance with the performance requirements and threat
unsupervised anomaly detection profiles of various service types

4. Specification-Based Engine: Monitors compliance

with protocol specifications and security policies, IV. IMPLEMENTATION AND EVALUATION METHODOLOGY
particularly focusing on 5G and 6G-specific
protocols. 4.1 Prototype Implementation
These engines operate in parallel, with their results combined We deployed a prototype of the suggested architecture to test
using a weighted voting system that considers the confidence its effectiveness in high-speed network environments.
level of each detection method and the criticality of the Implementation includes:
protected assets.
1.Sensor Modules: Implemented using DPDK (Data Plane
3.5 Response and Orchestration Layer Development Kit) in order to process packets at line-rate on
The orchestration and response layer enables centralized commodity hardware.
control of the security infrastructure. It consists of the
2.Data Processing Pipeline: Implemented using Apache
following key elements:
Flink for stream processing, with CUDA-accelerated feature
1. Security Orchestrator: Orchestrates the provisioning
extraction for performance-intensive computation.
and setup of security services across the network
according to service requirement and threat 3.Analysis Engines:
environment.
o Signature-based detection through Hyper scan for regular
2. Policy Manager: Adopts and propagates security expression matching
policies specific to various network segments and
services. o Anomaly detection through statistical models realized in
Python with NumPy
3. Adaptive Response Module: Applies automated
o Machine learning models deployed in TensorFlow with
response measures based on detection outcomes, from GPU acceleration
traffic filtering to service reconfiguration.
o Specification-based monitoring with formal verification
4. Performance Optimizer: Ongoing monitoring of methods
security function performance and adjusting
configurations for keeping SLA requirements. 4. Orchestration Platform: Based on Kubernetes for
dynamic scaling and deployment of security functions across
There is a layer that uses feedback to adjust security the infrastructure.
posture based upon seen threats as well as seen network
conditions. For instance, in the midst of a foreseen DDoS 4.2 Testbed Environment
attack, the system will raise sampling ratios in impacted We tested our prototype in a testbed that simulates important
sections while sending in extra filtering policies at network elements of 5G and future 6G networks:
entries.
1. Network Infrastructure:
 5

o Open5GS core network elements Protocol).

3. Network Slicing Attacks: Attempts to violate slice
o Open Air Interface (OAI) for emulation of RAN isolation or drain shared resources.
4. Advanced Persistent Threats: Multi-stage attacks
o Multiple edge computing nodes with containerized
including reconnaissance, exploitation, and data exfiltration.
applications
5. Zero-Day Exploits: New attack behaviors not
o SDN-based transport network with Open Daylight previously seen and intended to avoid signature-based
controller detection.
Each of the scenarios was run with different intensities and
2. Traffic Generation: under different network load levels to test the strength of the
detection mechanisms
oSynthetic background traffic produced with the help of
DPDK-based traffic generators V. RESULTS AND ANALYSIS
o Different application profiles simulating MBB, URLLC, 5.1 Detection Performance
and MTC traffic patterns
Our hybrid architecture demonstrated superior detection
o Scripted attack scenarios to mimic prevalent and new threat capabilities compared to traditional approaches across
vectors various attack scenarios. Table 1 summarizes the detection
performance for different attack categories.
3.Monitoring Infrastructure:
Table 1: Detection Performance Comparison
o Collection of performance metrics with the help of
Prometheus Detection False Positive F1
Attack Category
Rate (%) Rate (%) Score
o Distributed tracing with Jaeger DDoS Attacks 99.2 0.8 0.992
Protocol
o Log aggregation using Elasticsearch 94.5 2.3 0.960
Exploitation
4.3 Evaluation Metrics Network Slicing
We measured the performance of our hybrid IDS/IPS 92.7 3.1 0.947
Attacks
design based on the following metrics: Advanced Persistent
1.Detection Effectiveness: 87.6 4.2 0.915
Threats
 Detection rate (true positive rate) Zero-Day Exploits 83.4 5.7 0.884
 False positive rate
Overall
 F1 score for balanced evaluation 91.5 3.2 0.940
Performance
 Area Under ROC Curve (AUC) for overall
detection capability The combined approach significantly outperformed
individual detection methods, particularly for complex and
2.Performance Impact: novel attack patterns. Figure 2 illustrates the comparative
 Throughput degradation under security performance of different detection engines and their
monitoring combined effectiveness.
 Additional latency added by security functions Figure 2: Detection Performance Comparison
 CPU and memory usage of Different Analysis Engines
 Scalability with rising traffic volume

3.Operational Efficiency:
 Time to detect and respond to attacks
 Resource utilization efficiency
 Adaptability to varying traffic patterns

4.4 Attack Scenarios

To test the effectiveness of our solution against real-world
threats, we conducted several attack simulations:
1. DDoS Attacks: Volumetric and application-layer
attacks against diverse network segments.
2. Protocol Exploitation: Attacks against vulnerabilities
in 5G-specific protocols such as PFCP (Packet Forwarding
Control Protocol) and NGAP (Next Generation Application
 6

The machine learning engine demonstrated particular

effectiveness in detecting zero-day exploits with a 71%
detection rate compared to signature-based methods which,
as expected, failed to identify these novel threats.
Conversely, signature-based detection provided rapid and
accurate identification of known attack patterns with minimal
false positives (0.3%).

5.2 Performance Impact

A critical requirement for 5G and 6G security solutions is

minimal performance impact. Our measurements,
summarized in Table 2, indicate that the proposed
architecture introduces acceptable overhead even under high
traffic conditions.
The distributed nature of our architecture demonstrated near-
linear scaling capabilities. By adding processing nodes to the
data processing and analysis layers, the system maintained
consistent detection performance even as traffic rates
approached 100 Gbps. The resource optimizer effectively
Table 2: Performance Impact Analysis distributed workloads across available resources, prioritizing
critical security functions during periods of high demand.
Light Medium Heavy
Metric
Load Load Load 5.4 Adaptation to Network Conditions
Throughput Reduction 2.1% 3.7% 7.2%
Additional Latency A key advantage of our hybrid architecture is its ability to
14.3 22.7 38.5 adapt to changing network conditions. We evaluated this
(µs)
CPU Utilization 12.4% 37.2% 68.5% capability by simulating various network scenarios,
including:
Memory Utilization 8.7% 27.3% 52.1%
The performance impact varies significantly based on the 1. Flash Crowds: Sudden increases in legitimate
activated security functions and the traffic characteristics. traffic that could trigger false alarms
For URLLC traffic, we observed an average additional
latency of only 18.5 microseconds, which remains within 2. Mixed Traffic Patterns: Varying proportions of
acceptable bounds for most time-sensitive applications. For eMBB, URLLC, and mMTC traffic
eMBB traffic, the throughput reduction averaged 4.3% across
3. Deployment Variations: Different configurations of
various load conditions.
edge computing and core network components
The adaptive resource allocation mechanism proved effective
The adaptive mechanisms successfully adjusted detection
in maintaining performance under varying load conditions.
thresholds, sampling rates, and resource allocation in
When traffic volume increased by 300%, the system
response to these changing conditions. For example, during
automatically adjusted sampling rates and offloaded
simulated flash crowds, the system temporarily reduced
computation-intensive tasks to accelerator hardware,
anomaly detection sensitivity to prevent false positives while
resulting in a sub-linear increase in resource utilization.
maintaining signature-based inspection to catch known
5.3 Scalability Analysis threats. This adaptive approach resulted in a 37% reduction
in false positives compared to static configurations while
We evaluated the scalability of our architecture by maintaining detection rates above 97%.
incrementally increasing the traffic volume and measuring
key performance indicators. Figure 3 shows how detection VI. DISCUSSION AND FUTURE RESEARCH DIRECTION
accuracy and processing latency varied with increasing
traffic rates from 1 Gbps to 100 Gbps. 6.1 Key Findings
Figure 3: Scalability Analysis - Detection Our assessment proves that a hybrid IDS/IPS design is able
Accuracy and Latency vs. Traffic Rate to provide an effective solution to the security issues of high-
speed 5G and next-generation 6G networks. Some of the
main findings are:
1. Complementary Detection Techniques: Signature-
based, anomaly-based, and machine learning techniques
together provide robust protection against varied threats.
Each technique fills the loopholes of others and, therefore,
 7

delivers better overall performance.

2. Distributed Processing Necessity: Centralized security 3. Quantum-Resistant Security: Since 6G could

models cannot be scaled to the data rates and distributed overlap with practical quantum computing, it is
nature of future networks. Our distributed architecture important to develop security mechanisms that are
securely distributes security functions while preserving quantum-resistant.
coordinated response capabilities.
4. Intent-Based Security Orchestration: Developing
3. Adaptation Importance: The capability to adapt higher-level abstractions for security policy
security controls based on network conditions and service specification that can be automatically mapped to
requirements is vital to balance security and performance in concrete configurations in heterogeneous network
heterogeneous network environments. environments.

4. Hardware Acceleration Benefits: Intelligent use of

hardware acceleration for security compute-intensive 5.Digital Twin Security Testing: Using digital twin
operations provides line-rate processing with modest latency technology to perpetually test and confirm security
overhead. countermeasures against nascent threats within a
representative yet isolated ecosystem.
6.2 Limitations and Challenges
Regardless of the favorable findings, several issues persist AI-Native Security for 6G: Since 6G networks will likely use
to protect high-speed 5G and 6G networks: AI as an innate element, securing AI-native network
functions and utilizing AI in support of security gains greater
1. Encryption Challenges: Escalating deployments of prominence with each passing day.
end-to-end encryption constrains visibility into traffic
content, calling for increasingly sophisticated VII. CONCLUSION
behavioral and metadata-based detection This work introduced a new hybrid IDS/IPS architecture
methodologies. specifically targeted at the issues of high-speed 5G and
upcoming 6G networks. Our method integrates several
2. Cross-Domain Security: Since 5G and 6G networks detection methods, distributed processing, and adaptive
cover several administrative domains, achieving defense capabilities to offer thorough security while still
uniform security policy and correlated reaction actions upholding the high performance standards of future networks.
is further complicated. Experimental testing proved the efficiency of our
architecture under different attack scenarios and network
loads. The hybrid solution had better detection accuracy than
3. Constraints on Resources in Network Edge: Edge conventional solutions, with a total detection rate of 91.5%
computing nodes tend to possess fewer resources relative to and a false positive rate of 3.2%. Performance metrics
centralized data centers, thus limiting the functionality of verified that the introduced security functions imposed
security procedures that can be implemented at the edge. acceptable overhead, with latency increments less than 40
microseconds even under high load conditions.
4. Evolving Attack Landscape: The attack landscape for The suggested architecture caters to some of the most
5G and 6G networks keeps changing, necessitating regular significant security concerns in future networks, such as
updates to response mechanisms and detection models. network slicing protection, security in virtualization, and
vulnerability in edge computing. By dispersing security
6.3 Future Research Directions functions across the network and using hardware acceleration
for compute-intensive operations, our solution scales very
Based on our results and the challenges we identified, we well into the high data rates of 5G and future 6G networks.
suggest a number of directions for future research: While telecommunications infrastructure develops further,
1. Privacy-Preserving Security Monitoring: Creating security strategies need to accommodate emerging
methods that are able to identify threats in encrypted technologies and threats. Our hybrid architecture offers a
traffic without infringing on privacy or needing nimble and extensible basis for securing next-generation
decryption. networks, with the option to integrate novel detection
technologies and response mechanisms as they become
2. Federated Learning for Distributed Detection: available. Future efforts will concentrate on resolving the
Enabling federated learning techniques that support open challenges realized in our discussion, especially in
collaborative model training across administrative encrypted traffic analysis, cross-domain security
boundaries without the exchange of sensitive synchronization, and AI-native security for 6G networks.
information.
 8

REFERENCES [13] Zhang, H., Li, P., Yin, C., & Zhou, X. (2022). "A DL-
based IDS for Defending Against DOS Attacks in 4G/5G
[1] ITU-R, "IMT Vision – Framework and overall objectives Cellular Networks," IEEE Wireless Communications and
of the future development of IMT for 2020 and beyond," Networking Conference (WCNC), pp. 1-6.
Recommendation ITU-R M.2083-0, September 2015.
[14] Ferrag, M. A., Maglaras, L., Moschoyiannis, S., &
[2] Ahmad, I., Kumar, T., Liyanage, M., Okwuibe, J., Janicke, H. (2023). "Deep learning for cyber security
Ylianttila, M., & Gurtov, A. (2023). "Overview of 5G intrusion detection: Approaches, datasets, and comparative
Security Challenges and Solutions," IEEE Communications study," Journal of Information Security and Applications,
Standards Magazine, vol. 7, no. 1, pp. 36-43. vol. 50, pp. 102419.
[3] Hussain, S. R., Echeverria, M., Chowdhury, O., Li, N., & [15] Sharevski, F., Treebridge, P., Jachim, P., Li, A., Babin,
Bertino, E. (2022). "Privacy Attacks to the 4G and 5G J., & Westbrook, J. (2023). "Securing 5G networks with
Cellular Paging Protocols Using Side Channel Information," Machine Learning: Approaches, evaluation, and future
Network and Distributed Systems Security (NDSS) challenges," Future Generation Computer Systems, vol. 138,
Symposium 2022. pp. 130-149.
[4] 3GPP, "System architecture for the 5G System (5GS),"
Technical Specification (TS) 23.501, 3rd Generation
Partnership Project (3GPP), 12 2022, version 17.7.0.

[5] Dang, S., Amin, O., Shihada, B., & Alouini, M. S.

(2023). "What will 6G be?," IEEE Communications
Magazine, vol. 61, no. 2, pp. 17-23.

[6] Thantharate, A., Paropkari, R., Walunj, V., & Beard, C.

(2022). "DeepSlice: A Deep Learning Approach towards an
Efficient and Reliable Network Slicing in 5G Networks,"
IEEE 10th International Conference on Network
Softwarization (NetSoft), pp. 78-86.

[7] Yang, P., Xia, Y., Yu, S., & Wu, N. (2023). "Multi-access
Edge Computing Security: Architectures, Challenges, and
Solutions," IEEE Access, vol. 11, pp. 25614-25637.

[8] Khan, R., Kumar, P., Jayakody, D. N. K., & Liyanage, M.

(2022). "A Survey on Security and Privacy of 5G
Technologies: Potential Solutions, Recent Advancements,
and Future Directions," IEEE Communications Surveys &
Tutorials, vol. 24, no. 1, pp. 170-208.

[9] Bhamare, D., Zolanvari, M., Erbad, A., Jain, R., Khan,
K., & Meskin, N. (2022). "Cybersecurity for industrial
control systems: A survey," Computer Networks, vol. 165,
pp. 106946.

[10] Kalyani, V. L., & Sharma, D. (2023). "IDS & IPS:

Technologies, Attacks and Challenges – A Survey,"
International Journal of Advanced Research in Computer
Science, vol. 14, no. 2, pp. 24-31.

[11] Benzaïd, C., & Taleb, T. (2022). "AI-driven Zero Touch

Network and Service Management in 5G and Beyond:
Challenges and Research Directions," IEEE Network, vol.
34, no. 2, pp. 186-194.

[12] Wang, M., Liang, J., Zhang, Y., Li, Y., & Xie, G.
(2023). "Toward Machine Learning-Based Intrusion
Detection in IoT Networks: Current Solutions and Future
Directions," Journal of Cloud Computing, vol. 12, no. 1, pp.
1-23.