{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T06:10:11Z","timestamp":1771049411885,"version":"3.50.1"},"reference-count":27,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T00:00:00Z","timestamp":1770854400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"This work is supported by The Applied Digital Transformation Laboratory (ADiT-LAB), through the Portuguese Foundation for Science and Technology","award":["UIDP\/06121\/2025 and DOI identifier https:\/\/doi.org\/10.54499\/UID\/06121\/2025"],"award-info":[{"award-number":["UIDP\/06121\/2025 and DOI identifier https:\/\/doi.org\/10.54499\/UID\/06121\/2025"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"Network slicing is a core enabler of multi-tenant 5th Generation (5G) architectures, allowing heterogeneous services to coexist over shared infrastructure. However, ensuring effective isolation between slices remains a critical security challenge, as failures may enable cross-slice interference, data leakage, or cascading service disruption. This article analyses security vulnerabilities affecting 5G network slicing from a risk-oriented perspective, with particular emphasis on isolation weaknesses across orchestration, virtualization, network, and interface layers. Due to the technical immaturity and instability of current open-source slicing platforms, experimental validation of security mechanisms proved infeasible. These limitations are therefore treated as empirical evidence informing a structured vulnerability taxonomy and a qualitative risk assessment grounded in confidentiality, integrity, and availability. Building on this analysis, the article proposes a conceptual security framework that integrates defence-in-depth, zero-trust principles, continuous monitoring, and adaptive response mechanisms to enforce isolation dynamically. Aligned with established standards and regulatory references, the framework provides a coherent theoretical foundation for future experimental validation and the secure design of resilient 5G network slicing architectures.<\/jats:p>","DOI":"10.3390\/jcp6010035","type":"journal-article","created":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T14:06:16Z","timestamp":1770905176000},"page":"35","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Security Challenges in 5G Network Slicing: A Risk-Based Analysis and Conceptual Framework"],"prefix":"10.3390","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-0015-1283","authenticated-orcid":false,"given":"Jos\u00e9","family":"Dias","sequence":"first","affiliation":[{"name":"ESTG, Instituto Polit\u00e9cnico de Viana do Castelo, 4900-347 Viana do Castelo, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5274-3733","authenticated-orcid":false,"given":"Silvestre","family":"Malta","sequence":"additional","affiliation":[{"name":"ESTG, Instituto Polit\u00e9cnico de Viana do Castelo, 4900-347 Viana do Castelo, Portugal"},{"name":"ADiT-Lab, Instituto Polit\u00e9cnico de Viana do Castelo, 4900-347 Viana do Castelo, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2139-5414","authenticated-orcid":false,"given":"Ricardo","family":"Santos","sequence":"additional","affiliation":[{"name":"ESTG, Instituto Polit\u00e9cnico do Porto, 4610 Felgueiras, Portugal"},{"name":"CIICESI, Instituto Polit\u00e9cnico do Porto, 4610 Felgueiras, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2026,2,12]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Tan, H., Wang, M., Shen, J., Vijayakumar, P., Moh, S., and Wu, Q.M.J. (2025). Blockchain-assisted conditional anonymous authentication and adaptive tree-based group key agreement for VANETs. IEEE Trans. Dependable Secur. Comput., 1\u201316.","DOI":"10.1109\/TDSC.2025.3628884"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"5535","DOI":"10.1109\/TVT.2020.2981934","article-title":"On the design of conditional privacy preserving batch verification-based authentication scheme for internet of vehicles deployment","volume":"69","author":"Sutrala","year":"2020","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Dias, J., Pinto, P., Santos, R., and Malta, S. (2025). 5G network slicing: Security challenges, attack vectors, and mitigation approaches. Sensors, 25.","DOI":"10.3390\/s25133940"},{"key":"ref_4","unstructured":"Hajizadeh, M., Phan, T.V., Nugraha, B., Jnanashree, A.V., Niehoff, T., Krause, O., Mieth, M., and Bauschert, T. (2024). 5G security landscape: Investigating attack vectors in 5G and beyond networks. KuVS Fachgespr\u00e4ch\u2013W\u00fcrzburg Workshop on 6G Networks (WueWoWAS\u201924), KuVS\/Universit\u00e4t W\u00fcrzburg."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Gao, S., Lin, R., Fu, Y., Li, H., and Cao, J. (2024). Security threats, requirements and recommendations on creating 5G network slicing system: A survey. Electronics, 13.","DOI":"10.3390\/electronics13101860"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"2753","DOI":"10.1007\/s11277-023-10402-7","article-title":"Survey on joint paradigm of 5G and SDN emerging mobile technologies: Architecture, security, challenges and research directions","volume":"130","author":"Kazmi","year":"2023","journal-title":"Wirel. Pers. Commun."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Jain, V., Chu, H.-T., Qi, S., Lee, C.-A., Chang, H.-C., Hsieh, C.-Y., Ramakrishnan, K.K., and Chen, J.-C. (2022). L25GC: A low latency 5G core network based on high-performance NFV platforms. Proceedings of the ACM SIGCOMM 2022 Conference, ACM.","DOI":"10.1145\/3544216.3544267"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"36009","DOI":"10.1109\/ACCESS.2020.2975072","article-title":"Network slicing: Recent advances, taxonomy, requirements, and open research challenges","volume":"8","author":"Khan","year":"2020","journal-title":"IEEE Access"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"108283","DOI":"10.1016\/j.comnet.2021.108288","article-title":"NFV security survey in 5G networks: A three-dimensional threat taxonomy","volume":"197","author":"Madi","year":"2021","journal-title":"Comput. Netw."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"595","DOI":"10.1109\/COMST.2024.3410295","article-title":"A Survey on Beyond 5G Network Slicing for Smart Cities Applications","volume":"27","author":"Rafique","year":"2024","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_11","first-page":"60","article-title":"5G Network Slicing: A Security Overview","volume":"4","author":"Olimid","year":"2020","journal-title":"IEEE Commun. Stand. Mag."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"106984","DOI":"10.1016\/j.comnet.2019.106984","article-title":"5G network slicing using SDN and NFV: A survey of taxonomy, architectures and future challenges","volume":"167","author":"Barakabitze","year":"2020","journal-title":"Comput. Netw."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"102867","DOI":"10.1016\/j.telpol.2024.102867","article-title":"Internet of Things, critical infrastructures, and the governance of cybersecurity in 5G network slicing","volume":"48","author":"Knieps","year":"2024","journal-title":"Telecommun. Policy"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"653","DOI":"10.1016\/j.telpol.2018.05.005","article-title":"How disruptive is 5G?","volume":"42","author":"Cave","year":"2018","journal-title":"Telecommun. Policy"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Thantharate, A., Sood, K., Sethi, P., Jha, D.K., Mohan, N., and Seshadri, R. (2020, January 6\u20138). Secure5G: A Deep Learning Framework Towards a Secure Network Slicing in 5G and Beyond. Proceedings of the 2020 10th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA.","DOI":"10.1109\/CCWC47524.2020.9031158"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"14048","DOI":"10.1109\/ACCESS.2021.3051940","article-title":"Adaptive Network Slicing in Multi-Tenant 5G IoT Networks","volume":"9","author":"Escolar","year":"2021","journal-title":"IEEE Access"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"104068","DOI":"10.1016\/j.jnca.2024.104068","article-title":"Optimizing 5G network slicing with DRL: Balancing eMBB, URLLC, and mMTC with OMA, NOMA, and RSMA","volume":"234","author":"Malta","year":"2025","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1109\/MITP.2017.9","article-title":"Technologies for 5G networks: Challenges and opportunities","volume":"19","author":"Alani","year":"2017","journal-title":"IT Prof."},{"key":"ref_19","unstructured":"Nerini, M., and Palma, D. (2021, January 17\u201321). 5G Network Slicing for Wi-Fi Networks. Proceedings of the 2021 IFIP\/IEEE International Symposium on Integrated Network Management (IM), Bordeaux, France."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"3988","DOI":"10.1109\/TNSM.2024.3416418","article-title":"Blockchain-based secure authentication and authorization framework for robust 5g network slicing","volume":"21","author":"Wijethilaka","year":"2024","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"152","DOI":"10.54216\/FPA.160111","article-title":"Personal data protection model in IOMT-blockchain on secured bit-count transmutation data encryption approach","volume":"16","author":"Almotairi","year":"2024","journal-title":"Fusion Pract. Appl."},{"key":"ref_22","unstructured":"(2026, February 08). 3rd Generation Partnership Project (3GPP). TS 23.501; System Architecture for the 5G System (5GS). 3GPP: Sophia Antipolis, France, 2020. Available online: https:\/\/www.3gpp.org\/ftp\/Specs\/archive\/23_series\/23.501\/."},{"key":"ref_23","unstructured":"European Telecommunications Standards Institute (ETSI) (2026, February 08). GS NFV-MAN 001; Network Functions Virtualisation (NFV): Management and Orchestration. ETSI: Sophia Antipolis, France, 2014. Available online: https:\/\/www.etsi.org\/deliver\/etsi_gs\/NFV-MAN\/001_099\/001\/01.01.01_60\/gs_NFV-MAN001v010101p.pdf."},{"key":"ref_24","unstructured":"Rose, S., Borchert, O., Mitchell, S., and Connelly, S. (2020). National Institute of Standards and Technology (NIST) SP 800-207."},{"key":"ref_25","unstructured":"European Union (2026, February 08). Directive (EU) 2022\/2555; on Measures for a High Common Level of Cybersecurity Across the Union. Available online: https:\/\/eur-lex.europa.eu\/eli\/dir\/2022\/2555\/oj."},{"key":"ref_26","unstructured":"European Union Agency for Cybersecurity (ENISA) (2026, February 08). Security Guidelines for 5G Networks, Available online: https:\/\/www.enisa.europa.eu\/publications\/5g-cybersecurity-standards."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Bazzi, A., Bomfin, R., Mezzavilla, M., Rangan, S., Rappaport, T., and Chafii, M. (2025). Upper mid-band spectrum for 6G: Vision, opportunity and challenges. arXiv.","DOI":"10.32388\/XNRU0A"}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/6\/1\/35\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T05:29:36Z","timestamp":1771046976000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/6\/1\/35"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,2,12]]},"references-count":27,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,2]]}},"alternative-id":["jcp6010035"],"URL":"https:\/\/doi.org\/10.3390\/jcp6010035","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,2,12]]}}}