{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,2]],"date-time":"2026-05-02T00:39:23Z","timestamp":1777682363151,"version":"3.51.4"},"reference-count":24,"publisher":"SAGE Publications","issue":"2","license":[{"start":{"date-parts":[[2024,12,26]],"date-time":"2024-12-26T00:00:00Z","timestamp":1735171200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Journal of High Speed Networks"],"published-print":{"date-parts":[[2025,5]]},"abstract":"\n \n \n \n Network slicing (NS) is a technique that enables network operators to create multiple virtual networks, each customized for specific clients, services, or applications, while still utilizing a shared physical network infrastructure. Although this approach provides benefits in terms of resource usage and flexibility, it also introduces new security risks, particularly in the form of DDoS attacks. These attacks can be targeted at specific slices, causing disruptions to the services provided by those slices, which may impact multiple clients or applications that rely on those services. To mitigate the security risks posed by NS, the paper proposes an intrusion detection system that is designed to safeguard network slices from DDoS attacks. The proposed system relies on statistical methods that use joint entropy and dynamic thresholds to analyze network traffic in real time. Based on the findings of the testbed conducted for network slices, the proposed system exhibited a remarkable level of effectiveness in identifying DDoS attacks directed targeting a specific slice. The detection rate was recorded at 99%, and the delay rate was extremely low at 0.32\u2005s. These results imply that the system can recognize and respond to attacks swiftly, which can aid in swiftly mitigating potential\n \n threats.\n <\/jats:p>","DOI":"10.1177\/09266801241305972","type":"journal-article","created":{"date-parts":[[2025,4,28]],"date-time":"2025-04-28T11:02:53Z","timestamp":1745838173000},"page":"145-158","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":1,"title":["Statistical slice-level analysis for online detection of distributed denial-of-service (DDoS) attacks in network slicing environments"],"prefix":"10.1177","volume":"31","author":[{"given":"Suadad S","family":"Mahdi","sequence":"first","affiliation":[{"name":"College of Information Technology, University of Babylon, Hilla, Al-Najaf Road, P.O.B. 4, Babil, 51002, Iraq"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1485-2461","authenticated-orcid":false,"given":"Alharith A","family":"Abdullah","sequence":"additional","affiliation":[{"name":"College of Information Technology, University of Babylon, Hilla, Al-Najaf Road, P.O.B. 4, Babil, 51002, Iraq"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"179","published-online":{"date-parts":[[2024,12,26]]},"reference":[{"key":"e_1_3_3_2_2","doi-asserted-by":"crossref","unstructured":"Leonardi L Ashjaei M Fotouhi H et\u00a0al. A proposal towards software-defined management of heterogeneous virtualized industrial networks. In: Proceedings of the IEEE 17th international conference on industrial informatics (INDIN) Helsinki Finland 22\u201325 July 2019.","DOI":"10.1109\/INDIN41052.2019.8972223"},{"key":"e_1_3_3_3_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2024.3372083"},{"key":"e_1_3_3_4_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2024.3410295"},{"key":"e_1_3_3_5_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2024.3363162"},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/MCOMSTD.0001.2100041"},{"key":"e_1_3_3_7_2","doi-asserted-by":"crossref","unstructured":"Mahdi SS Abdullah AA. Survey on enabling network slicing based on SDN\/NFV. In: International conference on information systems and intelligent applications: ICISIA 2022 Kuala Lumpur Malaysia 1\u20132 July 2022. Cham: Springer International Publishing pp.733\u2013758.","DOI":"10.1007\/978-3-031-16865-9_59"},{"key":"e_1_3_3_8_2","doi-asserted-by":"crossref","unstructured":"Sadkhan SB Abbas MS Mahdi SS et\u00a0al. Software-defined network security-status challenges and future trends. In: 2022 IEEE muthanna international conference on engineering science and technology (MICEST) Samawah Iraq 16\u201317 March 2022.","DOI":"10.1109\/MICEST54286.2022.9790219"},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.107871"},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2023.3312349"},{"key":"e_1_3_3_11_2","first-page":"1542","article-title":"Entropy-based distributed denial of service attack detection in software-defined networking","volume":"27","author":"Kareem MI","year":"2022","unstructured":"Kareem MI, Jasim MN. Entropy-based distributed denial of service attack detection in software-defined networking. Indones J Electr Eng Comput Sci 2022; 27: 1542\u20131549.","journal-title":"Indones J Electr Eng Comput Sci"},{"key":"e_1_3_3_12_2","doi-asserted-by":"publisher","DOI":"10.11591\/eei.v11i3.3688"},{"key":"e_1_3_3_13_2","doi-asserted-by":"crossref","unstructured":"D\u2019Angelo G Farsimadan E Palmieri F. Recurrence plots-based network attack classification using CNN-autoencoders. In: 2023 international conference on computational science and its applications Athens Greece 3\u20136 July 2023. Cham: Springer Nature Switzerland pp.191\u2013209.","DOI":"10.1007\/978-3-031-37108-0_13"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2023.05.021"},{"key":"e_1_3_3_15_2","doi-asserted-by":"crossref","unstructured":"Sattar D Matrawy A. Towards secure slicing: using slice isolation to mitigate DDoS attacks on 5G core network slices. In: 2019 IEEE conference on communications and network security (CNS) Washington DC 10\u201312 June 2019 pp.82\u201390.","DOI":"10.1109\/CNS.2019.8802852"},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.1002\/spe.2800"},{"key":"e_1_3_3_17_2","doi-asserted-by":"crossref","unstructured":"Thantharate A Paropkari R Walunj V et\u00a0al. Secure5G: a deep learning framework towards a secure network slicing in 5G and beyond. In: 2020 IEEE 10th annual computing and communication workshop and conference (CCWC) Las Vegas NV USA 6\u20138 January 2020 pp.0852\u20130857.","DOI":"10.1109\/CCWC47524.2020.9031158"},{"key":"e_1_3_3_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/TVT.2022.3193074"},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/LWC.2021.3133479"},{"key":"e_1_3_3_20_2","doi-asserted-by":"crossref","unstructured":"Bousalem B Silva VF Langar R et\u00a0al. Deep learning-based approach for DDoS attacks detection and mitigation in 5G and beyond mobile networks. In: 2022 IEEE 8th international conference on network softwarization (NetSoft) Milan Italy 27 June\u20131 July 2022 pp.228\u2013230.","DOI":"10.1109\/NetSoft54395.2022.9844053"},{"key":"e_1_3_3_21_2","unstructured":"Sherwood R Gibb G Yap KK et\u00a0al. FlowVisor: a network virtualization layer. OpenFlow Switch Consortium Technical Report 2019-1-132. http:\/\/OpenFlowSwitch.org\/downloads\/technicalreports\/openflow-tr-2009-1-flowvisor.pdf"},{"key":"e_1_3_3_22_2","doi-asserted-by":"crossref","unstructured":"Mahdi SS Abdullah AA. Implementation of network slicing for multi-controller environment based on FlowVisor. In: International conference on new trends in information and communications technology applications Baghdad Iraq 16\u201317 November 2022. Cham: Springer Nature Switzerland pp.173\u2013188.","DOI":"10.1007\/978-3-031-35442-7_10"},{"key":"e_1_3_3_23_2","doi-asserted-by":"crossref","unstructured":"Nakashima T Sueyoshi T Oshima S. Early DoS\/DDoS detection method using short-term statistics. In: International conference on complex intelligent and software intensive systems Krakow Poland 15\u201318 February 2010 pp.168\u2013173.","DOI":"10.1109\/CISIS.2010.53"},{"key":"e_1_3_3_24_2","unstructured":"Bavaud F Chappelier JC Kohlas J. An introduction to information theory and applications. Version 2.04-20050309-UniFr course. https:\/\/www.fon.hum.uva.nl\/rob\/Courses\/InformationInSpeech\/CDROM\/Literature\/LOTwinterschool2006\/diuf.unifr.ch\/tcs\/courses\/it04-05\/script\/information-theory.pdf"},{"key":"e_1_3_3_25_2","unstructured":"\u201cIDS 2017 | Datasets | Research | Canadian Institute for Cybersecurity |UNB.\u201d https:\/\/www.unb.ca\/cic\/datasets\/ids-2017.html (accessed 6 September 2022)."}],"container-title":["Journal of High Speed Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/09266801241305972","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.1177\/09266801241305972","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/09266801241305972","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T08:42:39Z","timestamp":1777452159000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.1177\/09266801241305972"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,26]]},"references-count":24,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2025,5]]}},"alternative-id":["10.1177\/09266801241305972"],"URL":"https:\/\/doi.org\/10.1177\/09266801241305972","relation":{},"ISSN":["0926-6801","1875-8940"],"issn-type":[{"value":"0926-6801","type":"print"},{"value":"1875-8940","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,12,26]]}}}