As 5G networks transition away from centralized, hardware-based cores toward Software-Defined Networking (SDN) and Network Function Virtualization (NFV), they unlock incredible flexibility and performance. However, this shift also creates a massive, distributed attack surface that traditional firewalls simply cannot fully protect.
To help researchers, students, operators, and developers design and build secure networks, we are thrilled to announce the release of two powerful new security tools within the IEEE 5G/6G Innovation Testbed: the Intrusion Detection System (IDS) and the Rogue UE Monitor.
These new features provide a much-needed experimental platform to study 5G‑native security threats under realistic traffic conditions, offering real-time detection and automated mitigation.
Real-Time Intrusion Detection System (IDS)
Located directly within the Testbed’s Security tab, the new IDS provides fine-grained visibility into both the control and data planes.
- Protocol-Aware Monitoring: The IDS actively monitors live core traffic for anomalies across crucial 5G protocols, including NGAP, SCTP, and GTP (data plane).
- Severity Classification: When an attack or traffic storm is detected, the system automatically generates alerts classified by severity—Yellow, Red, or Critical—based on configurable thresholds.
- Actionable Dashboard: Users can filter active alerts by plane or protocol, and easily manage security events.
Rogue UE Monitoring
Unauthorized or compromised devices can wreak havoc on a 5G network by overwhelming the control plane. Our new Rogue UE Monitoring tool allows users to detect and neutralize these threats.
- Dynamic Threat Tracking: The monitor provides a clear status indicator (Green for safe, Red for under attack) and actively updates a “Block List” with previously detected rogue UEs.
- Registration Flood Detection: If a malicious device attempts an NGAP attack to trigger a registration flood, the system immediately flags the rogue UEs and blocks them, returning the network status to green once the threat is neutralized.
Visualize and Simulate Attacks
Security research requires controlled, observable experimentation. To fully leverage these new tools, users can utilize the Testbed’s built-in DDoS Attack Tool to safely simulate NGAP, SCTP, or GTP attacks against their network.
As the simulated attack ramps up, users can launch the integrated Grafana dashboard to observe the security event through clear, real-time, time-series visualizations. This allows engineers to accurately analyze traffic spikes, evaluate detection thresholds, and study attack patterns as they happen.
Take Control of Your 5G Security Today
Testing 5G security responses requires a platform that allows you to observe, analyze, and mitigate threats safely and reproducibly. With the introduction of the IDS and Rogue UE Monitor, the IEEE 5G/6G Innovation Testbed continues to provide the most comprehensive, cloud-based sandbox for telecom innovation.
Ready to build a more secure network? Reach out to us today to request a meeting and a free trial. Discover firsthand how becoming a subscriber can help you accelerate your 5G/6G security testing!