{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,12]],"date-time":"2025-04-12T08:01:48Z","timestamp":1744444908412,"version":"3.40.3"},"publisher-location":"Cham","reference-count":51,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031514753"},{"type":"electronic","value":"9783031514760"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-51476-0_7","type":"book-chapter","created":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T07:02:29Z","timestamp":1704870149000},"page":"123-144","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Evaluating the\u00a0Security Posture of\u00a05G Networks by\u00a0Combining State Auditing and\u00a0Event Monitoring"],"prefix":"10.1007","author":[{"given":"Md Nazmul","family":"Hoq","sequence":"first","affiliation":[]},{"given":"Jia Wei","family":"Yao","sequence":"additional","affiliation":[]},{"given":"Suryadipta","family":"Majumdar","sequence":"additional","affiliation":[]},{"given":"Luis","family":"Su\u00e1rez","sequence":"additional","affiliation":[]},{"given":"Lingyu","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Amine","family":"Boukhtouta","sequence":"additional","affiliation":[]},{"given":"Makan","family":"Pourzandi","sequence":"additional","affiliation":[]},{"given":"Mourad","family":"Debbabi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,1,11]]},"reference":[{"key":"7_CR1","unstructured":"GSMA. The Mobile Economy 2022 (2022). https:\/\/www.gsma.com\/mobileeconomy\/wp-content\/uploads\/2022\/02\/280222-The-Mobile-Economy-2022.pdf. Accessed 24 May 2023"},{"key":"7_CR2","doi-asserted-by":"crossref","unstructured":"Zhao, L., Oshman, M.S., Zhang, M., Moghaddam, F.F., Chander, S., Pourzandi, M.: Towards 5G-ready security metrics. In: ICC 2021-IEEE International Conference on Communications, pp. 1\u20136. IEEE (2021)","DOI":"10.1109\/ICC42927.2021.9500349"},{"issue":"11","key":"7_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s42452-022-05193-8","volume":"4","author":"E Yocam","year":"2022","unstructured":"Yocam, E., Gawanmeh, A., Alomari, A., Mansoor, W.: 5G mobile networks: reviewing security control correctness for mischievous activity. SN Appl. Sci. 4(11), 1\u201317 (2022)","journal-title":"SN Appl. Sci."},{"key":"7_CR4","doi-asserted-by":"crossref","unstructured":"Frigault, M., Wang, L., Singhal, A., Jajodia, S.: Measuring network security using dynamic Bayesian network. In: Proceedings of the 4th ACM workshop on Quality of protection, pp. 23\u201330 (2008)","DOI":"10.1145\/1456362.1456368"},{"key":"7_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-540-73538-0_9","volume-title":"Data and Applications Security XXI","author":"L Wang","year":"2007","unstructured":"Wang, L., Singhal, A., Jajodia, S.: Measuring the overall security of network configurations using attack graphs. In: Barker, S., Ahn, G.-J. (eds.) DBSec 2007. LNCS, vol. 4602, pp. 98\u2013112. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-73538-0_9"},{"issue":"5","key":"7_CR6","doi-asserted-by":"publisher","first-page":"1071","DOI":"10.1109\/TIFS.2016.2516916","volume":"11","author":"M Zhang","year":"2016","unstructured":"Zhang, M., Wang, L., Jajodia, S., Singhal, A., Albanese, M.: Network diversity: a security metric for evaluating the resilience of networks against zero-day attacks. IEEE Trans. Inf. Forensics Secur. 11(5), 1071\u20131086 (2016)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"7_CR7","unstructured":"Github: Kubescape (2022). https:\/\/github.com\/kubescape\/kubescape"},{"key":"7_CR8","unstructured":"Falco. Falco (2022). https:\/\/github.com\/falcosecurity\/falco"},{"key":"7_CR9","unstructured":"LightBasin: a roaming threat to telecommunications companies (2022). https:\/\/www.crowdstrike.com\/blog\/an-analysis-of-lightbasin-telecommunications-attacks\/"},{"key":"7_CR10","unstructured":"NIST. SP 800\u201353 Rev. 5, Security and Privacy Controls for Information Systems and Organizations (2022). https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53\/rev-5\/final. Accessed 14 May 2023"},{"key":"7_CR11","unstructured":"CSA. CSA Cloud Controls Matrix (CCM). https:\/\/cloudsecurityalliance.org\/research\/cloud-controls-matrix\/. Accessed 14 May 2023"},{"key":"7_CR12","unstructured":"5G Security Controls Matrix-ENISA. https:\/\/www.enisa.europa.eu\/publications\/5g-security-controls-matrix\/"},{"key":"7_CR13","unstructured":"free5GC. https:\/\/www.free5gc.org\/. Accessed 14 May 2023"},{"key":"7_CR14","unstructured":"K8s. Kubernetes. https:\/\/kubernetes.io\/. Accessed 14 May 2023"},{"key":"7_CR15","unstructured":"Towards5GS-helm (2022). https:\/\/github.com\/Orange-OpenSource\/towards5gs-helm. Accessed 16 May 2023"},{"key":"7_CR16","unstructured":"Ericsson. 5G Core (5GC) network: Get to the core of 5G (2022). https:\/\/www.ericsson.com\/en\/core-network\/5g-core. Accessed 24 May 2023"},{"key":"7_CR17","unstructured":"3GPP. TR 33.894 Study on zero-trust security principles in mobile networks (2022)"},{"key":"7_CR18","doi-asserted-by":"publisher","first-page":"400","DOI":"10.1007\/s11036-014-0554-3","volume":"20","author":"M Yang","year":"2015","unstructured":"Yang, M., et al.: Cross-layer software-defined 5G network. Mob. Netw. Appl. 20, 400\u2013409 (2015)","journal-title":"Mob. Netw. Appl."},{"key":"7_CR19","unstructured":"Taxonomy of attacker capabilities (2023). https:\/\/cloud.google.com\/blog\/products\/identity-security\/identifying-and-protecting-against-the-largest-ddos-attacks. Accessed 16 May 2023"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Nadir, I., et al.: a1-an auditing framework for vulnerability analysis of IoT system. In: 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS &PW), pp. 39\u201347. IEEE (2019)","DOI":"10.1109\/EuroSPW.2019.00011"},{"key":"7_CR21","unstructured":"Mitre. MITRE FiGHT. https:\/\/fight.mitre.org\/. Accessed 24 June 2023"},{"key":"7_CR22","unstructured":"Mitre. MITRE ATT &CK (2022). https:\/\/attack.mitre.org\/"},{"key":"7_CR23","unstructured":"Tamura, N.: Sugar: a SAT-based constraint solver (2022). https:\/\/cspsat.gitlab.io\/sugar\/. Accessed 14 May 2023"},{"key":"7_CR24","unstructured":"ISO\/IEC 27002:2022 Information security, cybersecurity and privacy protection-Information security controls (2022). https:\/\/www.iso.org\/standard\/75652.html. Accessed 14 May 2023"},{"key":"7_CR25","unstructured":"pgmpy. pgmpy 0.1.19 documentation (2022). https:\/\/pgmpy.org\/"},{"key":"7_CR26","unstructured":"NetworkX (2023). https:\/\/networkx.org\/. Accessed 16 May 2023"},{"key":"7_CR27","unstructured":"graphviz. Graphviz (2023). https:\/\/graphviz.org\/"},{"key":"7_CR28","unstructured":"Devlin, J., Chang, M.-W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding (2019)"},{"key":"7_CR29","unstructured":"BERT-base-NER (2023). https:\/\/huggingface.co\/dslim\/bert-base-NER"},{"key":"7_CR30","unstructured":"PyDotPlus Homepage (2023). https:\/\/pydotplus.readthedocs.io\/"},{"key":"7_CR31","unstructured":"Open Source Cloud Computing Infrastructure - OpenStack (2023). https:\/\/www.openstack.org\/. Accessed 16 May 2023"},{"key":"7_CR32","unstructured":"3GPPspace. Inside TS 23.501: AMF Load Balancing (2021)"},{"key":"7_CR33","unstructured":"Ou, X., Govindavajhala, S., Appel, A.W., et al.: Mulval: a logic-based network security analyzer. In: USENIX security symposium, Baltimore, MD, vol. 8, pp. 113\u2013128 (2005)"},{"key":"7_CR34","unstructured":"Shafayat Oshman, M.: Assessing security in the multi-stakeholder premise of 5G: a survey and an adapted security metrics approach. Ph.D. thesis, Carleton University (2022)"},{"key":"7_CR35","doi-asserted-by":"crossref","unstructured":"Nie, S., Zhang, Y., Wan, T., Duan, H., Li, S.: Measuring the deployment of 5G security enhancement. In: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (2022)","DOI":"10.1145\/3507657.3528559"},{"key":"7_CR36","doi-asserted-by":"crossref","unstructured":"Bartoletti, S., et al.: Uncertainty quantification of 5G positioning as a location data analytics function. In: 2022 Joint European Conference on Networks and Communications & 6G Summit (EuCNC\/6G Summit), pp. 255\u2013260. IEEE (2022)","DOI":"10.1109\/EuCNC\/6GSummit54941.2022.9815708"},{"key":"7_CR37","unstructured":"Ericsson. 5G security for public and hybrid cloud deployments (2022). https:\/\/www.ericsson.com\/en\/reports-and-papers\/further-insights\/5g-security-for-hybrid-cloud"},{"key":"7_CR38","unstructured":"Spirent. Keeping Pace with the Requirements of 5G Security (2022). https:\/\/www.spirent.com\/assets\/white-paper-keeping-pace-with-the-requirements-of-5g-security"},{"key":"7_CR39","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3005714","volume":"49","author":"M Pendleton","year":"2016","unstructured":"Pendleton, M., Garcia-Lebron, R., Cho, J.-H., Xu, S.: A survey on systems security metrics. ACM Comput. Surv. (CSUR) 49, 1\u201335 (2016)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"7_CR40","unstructured":"Xie, M., May, R.A.: Network security framework based scoring metric generation and sharing. US Patent 10,791,146 (2020)"},{"key":"7_CR41","doi-asserted-by":"publisher","first-page":"2517","DOI":"10.1109\/TDSC.2021.3062204","volume":"19","author":"S Majumdar","year":"2021","unstructured":"Majumdar, S., et al.: ProSAS: proactive security auditing system for clouds. IEEE Trans. Dependable Secure Comput. 19, 2517\u20132534 (2021)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"2","key":"7_CR42","doi-asserted-by":"publisher","first-page":"882","DOI":"10.1109\/JIOT.2019.2945921","volume":"7","author":"K Huang","year":"2019","unstructured":"Huang, K., et al.: EVA: efficient versatile auditing scheme for IoT-based datamarket in jointcloud. IEEE Internet Things J. 7(2), 882\u2013892 (2019)","journal-title":"IEEE Internet Things J."},{"key":"7_CR43","doi-asserted-by":"publisher","first-page":"5312","DOI":"10.1109\/TNSM.2022.3188930","volume":"19","author":"G Apruzzese","year":"2022","unstructured":"Apruzzese, G., Vladimirov, R., Tastemirova, A., Laskov, P.: Wild networks: exposure of 5G network infrastructures to adversarial examples. IEEE Trans. Netw. Serv. Manage. 19, 5312\u20135332 (2022)","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"key":"7_CR44","doi-asserted-by":"crossref","unstructured":"Boeira, F., Asplund, M., Barcellos, M.: Provable non-frameability for 5G lawful interception. In: ACM WiSec (2023)","DOI":"10.1145\/3558482.3581780"},{"key":"7_CR45","doi-asserted-by":"crossref","unstructured":"Ors\u00f3s, M., Kecsk\u00e9s, M., Kail, E., B\u00e1n\u00e1ti, A.: Log collection and SIEM for 5G SOC. In: 2022 IEEE 20th Jubilee World Symposium on Applied Machine Intelligence and Informatics (SAMI), pp. 000147\u2013000152. IEEE (2022)","DOI":"10.1109\/SAMI54271.2022.9780759"},{"issue":"10","key":"7_CR46","doi-asserted-by":"publisher","first-page":"8403","DOI":"10.1109\/TWC.2022.3165888","volume":"21","author":"A Brighente","year":"2022","unstructured":"Brighente, A., Mohammadi, J., Baracca, P., Mandelli, S., Tomasin, S.: Interference prediction for low-complexity link adaptation in beyond 5G ultra-reliable low-latency communications. IEEE Trans. Wireless Commun. 21(10), 8403\u20138415 (2022)","journal-title":"IEEE Trans. Wireless Commun."},{"key":"7_CR47","doi-asserted-by":"publisher","first-page":"101825","DOI":"10.1016\/j.cose.2020.101825","volume":"93","author":"CJ Mitchell","year":"2020","unstructured":"Mitchell, C.J.: The impact of quantum computing on real-world security: a 5G case study. Comput. Secur. 93, 101825 (2020)","journal-title":"Comput. Secur."},{"key":"7_CR48","unstructured":"ETSI. Network Functions Virtualisation (NFV) Release 4 Security; Security Management Specification (2021)"},{"key":"7_CR49","unstructured":"3GPP. TS 23.288 architecture enhancements for 5G System (5GS) to support network data analytics services v17.4.0 (2022-03) (2022)"},{"issue":"1\u20132","key":"7_CR50","first-page":"137","volume":"6","author":"AR Prasad","year":"2018","unstructured":"Prasad, A.R., Arumugam, S., Sheeba, B., Zugenmaier, A.: 3GPP 5G security. J. ICT Stand. 6(1\u20132), 137\u2013158 (2018)","journal-title":"J. ICT Stand."},{"key":"7_CR51","doi-asserted-by":"crossref","unstructured":"Hamlet, J.R., Lamb, C.C.: Dependency graph analysis and moving target defense selection. In: Proceedings of the 2016 ACM Workshop on Moving Target Defense, pp. 105\u2013116 (2016)","DOI":"10.1145\/2995272.2995277"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-51476-0_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T07:03:53Z","timestamp":1704870233000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-51476-0_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031514753","9783031514760"],"references-count":51,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-51476-0_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"11 January 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Hague","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Netherlands","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 September 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2023.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"478","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"93","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}