|In the world of service delivery, an efficient and scalable monitoring system is mandatory for the continuity of services and identification and troubleshooting of various incidents. 5G core networks deployed in complex models such as cloud-native or hybrid infrastructures, supported by orchestration and automation capabilities, pose a challenge for the legacy monitoring systems to operate and function as expected due to increased performance scaling and architectural demands. This requires a novel approach that can provide isolation of the collected data and multi-tenancy support for each network slice separately, by collecting relevant data from the core network functions based on the principle of scalability so that the monitoring system can adapt to any number of existing or newly provisioned network slices and their associated core functions. In this thesis, one of the main objectives is to identify the limitations of legacy monitoring systems and design a new monitoring framework for 5G networks based on cloud-native principles. 5G predicts two functions for this case, referred to as NWDAF (Network Data Analytics Function) and UDSF (Unstructured Data Storage Function). The UDSF should be designed in such a way that it will be able to collect and store unstructured data from the network control plane for the sake of using it from an optimization perspective, based on the AI/ML functionality provided in the NWDAF function. Some of the features should be as follows:
a. Dynamic architecture support, which forms a flexible structure to enable the monitoring via variable monitoring solution that can re-configure and scale accordingly.
b. Provisioning the data collection functions as a service. Telco operators should be provided with the possibility to choose what kind of data should be collected, as well as how to incorporate this data for different use cases (cybersecurity, system optimization, dynamic network control, etc.)
c. Capturing data at network functions from relevant protocols in a technology-agnostic manner.
d. Data collection from control and user plane for enabling machine learning and artificial intelligence analytics. Data can be collected at the control plane or user plane. Data originating from the user plane is the information that flows from specific users through the 5G network like application data. The control plane data is what the system transmits for the sake of enabling connectivity using various protocols at different network layers.
e. Data aggregation and presentation with the support of multi-tenancy in a cloud-native environment.
f. Data integrity and privacy to ensure confidentiality via data isolation and anonymization in case of monitoring multiple network slices served by the same 5G network.
g. Data should be anonymized to protect the user privacy while enabling network analytics based on the collected information.
The final goal of the thesis is to implement the data collection framework in a cloudified 5G facility of the Oslo Metropolitan University, identify the monitoring points for the 5G core network functions and propose a solution for metrics associated to detect and evaluate anomalies in the traffic within the core and between network slices. This shall consequently provide better insight into the security of the 5G core and pave the way for designing mitigation methods for various cyberattacks on 5G core networks as well as conditions for self-organizing network capabilities.