Internet of Things (IoT) coupled with 5G and upcoming pre-6G networks will provide the scalability and performance required to deploy a wide range of new digital services in Smart Cities. This new digital services will undoubtedly contribute to an improvement in the quality of life of citizens. However, security is a major concern in IoT where low-powered constrained devices are a target for attackers who identify them as a vulnerable entry point to exploit the network weaknesses. This concern is exacerbated in Smart Cities where it is expected to deploy millions of heterogeneous yet unattended and vulnerable IoT devices throughout vast urban areas. A security breach in a Smart City allows attackers to target critical services such as the power grid network or the road traffic control or to expose sensitive health data to intruders. Thus, the security and privacy of citizens could be seriously compromised. Honeynets are an effective security mechanism to distract attackers from legitimate targets and collect valuable information on how they operate. Meanwhile, current honeynets lack functionality to protect the real and lure networks from large-scale volumetric Distributed Denial of Service (DDoS) attacks. This paper provides a novel solution to empower honeynet security tools with Network Slicing capabilities as an innovative way to isolate and minimize the network resources available from attackers. The proposed system supports the ambitious IoT scalability requirements associated to 5G networks and the forthcoming 6G networks. The solution has been empirically evaluated in a emulated testbed where promising results have been achieved when dealing with mMTC and eMBB traffic profiles. In mMTC scenarios where scalability is a challenge, the solution is able to deal with up to 1000 slices and 1 Million IoT devices sending traffic simultaneously. In eMBB use cases, the solution is able to cope with up to 19 Gbps of combined bandwidth. The gathered results demonstrate that the proposed solution is suitable as a security tool in 5G IoT multi-tenant infrastructures as those expected in Smart Cities deployments.

中文翻译：

---

通过网络切片增强基于蜜网的保护，以实现大规模 Pre-6G 物联网智能城市部署


物联网 (IoT) 与 5G 和即将推出的 6G 之前的网络相结合，将提供在智慧城市中部署各种新型数字服务所需的可扩展性和性能。这种新的数字服务无疑将有助于提高公民的生活质量。然而，安全性是物联网中的一个主要问题，其中低功率受限设备成为攻击者的目标，攻击者将其识别为利用网络弱点的易受攻击的入口点。这种担忧在智慧城市中更加严重，预计将在广阔的城市地区部署数百万个异构但无人值守且易受攻击的物联网设备。智能城市中的安全漏洞使攻击者能够针对关键服务（例如电网或道路交通控制）或将敏感的健康数据暴露给入侵者。因此，公民的安全和隐私可能会受到严重损害。蜜网是一种有效的安全机制，可以分散攻击者对合法目标的注意力，并收集有关其运作方式的有价值的信息。同时，当前的蜜网缺乏保护真实网络和诱饵网络免受大规模分布式拒绝服务（DDoS）攻击的功能。本文提供了一种新颖的解决方案，为蜜网安全工具提供网络切片功能，作为隔离和最小化攻击者可用网络资源的创新方法。拟议的系统支持与 5G 网络和即将推出的 6G 网络相关的雄心勃勃的物联网可扩展性要求。该解决方案已在模拟测试台中进行了实证评估，在处理 mMTC 和 eMBB 流量配置文件时取得了可喜的结果。 在可扩展性成为挑战的 mMTC 场景中，该解决方案能够处理多达 1000 个切片和 100 万个物联网设备同时发送流量。在 eMBB 使用案例中，该解决方案能够处理高达 19 Gbps 的组合带宽。收集的结果表明，所提出的解决方案适合作为 5G IoT 多租户基础设施中的安全工具，正如智能城市部署中所预期的那样。