Modern mobile communication networks and new service applications are deployed on cloud-native platforms. Kubernetes (K8s) is the de facto distributed operating system for container orchestration, and the extended version of the Berkeley Packet Filter (eBPF)- in the Linux (and MS Windows) kernel- is fundamentally changing the approach to cloud-native networking, security, and observability. In this paper, we introduce what eBPF is, its potential for Telco cloud, and review some of the most promising pricing and billing models applied to this revolutionary operating system (OS) technology. These models include schemes based on a data source usage model or the number of eBPF agents deployed on the network, linked to specific eBPF modules. These modules encompass network observability, runtime security, and power dissipation monitoring. Next, we present our eBPF platform, named Sauron in this work, and demonstrate how eBPF allows us to write custom code and dynamically load eBPF programs into the kernel. These programs enable us to estimate the energy consumption of cloud-native functions, derive performance counters and gauges for transport networks, 5G applications, and non-access stratum protocols. Additionally, we can detect and respond to unauthorized access to cloud-native resources in real-time using eBPF. Our experimental results demonstrate the technical feasibility of eBPF in achieving highly performant monitoring, observability, and security tooling for current mobile networks (5G, 5G Advanced) as well as future networks (6G and beyond).

eBPF: A New Approach to Cloud-Native Observability, Networking and Security for Current (5G) and Future Mobile Networks (6G and Beyond) / Soldani, David; Nahi, Petrit; Bour, Hami; Jafarizadeh, Saber; Soliman, Mohammed F.; DI GIOVANNA, Leonardo; Monaco, Francesco; Ognibene, Giuseppe; Risso, Fulvio. - In: IEEE ACCESS. - ISSN 2169-3536. - ELETTRONICO. - 11:(2023), pp. 57174-57202. [10.1109/ACCESS.2023.3281480]

eBPF: A New Approach to Cloud-Native Observability, Networking and Security for Current (5G) and Future Mobile Networks (6G and Beyond)

Leonardo Di Giovanna;Francesco Monaco;Giuseppe Ognibene;Fulvio Risso
2023

Abstract

Modern mobile communication networks and new service applications are deployed on cloud-native platforms. Kubernetes (K8s) is the de facto distributed operating system for container orchestration, and the extended version of the Berkeley Packet Filter (eBPF)- in the Linux (and MS Windows) kernel- is fundamentally changing the approach to cloud-native networking, security, and observability. In this paper, we introduce what eBPF is, its potential for Telco cloud, and review some of the most promising pricing and billing models applied to this revolutionary operating system (OS) technology. These models include schemes based on a data source usage model or the number of eBPF agents deployed on the network, linked to specific eBPF modules. These modules encompass network observability, runtime security, and power dissipation monitoring. Next, we present our eBPF platform, named Sauron in this work, and demonstrate how eBPF allows us to write custom code and dynamically load eBPF programs into the kernel. These programs enable us to estimate the energy consumption of cloud-native functions, derive performance counters and gauges for transport networks, 5G applications, and non-access stratum protocols. Additionally, we can detect and respond to unauthorized access to cloud-native resources in real-time using eBPF. Our experimental results demonstrate the technical feasibility of eBPF in achieving highly performant monitoring, observability, and security tooling for current mobile networks (5G, 5G Advanced) as well as future networks (6G and beyond).
2023
File in questo prodotto:
File Dimensione Formato  
eBPF_A_New_Approach_to_Cloud-Native_Observability_Networking_and_Security_for_Current_5G_and_Future_Mobile_Networks_6G_and_Beyond.pdf

accesso aperto

Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Creative commons
Dimensione 5.86 MB
Formato Adobe PDF
5.86 MB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2981306