Securing elastic radio access networks – Year two

G networks have emerged as a promising solution for Mobile Network Operators (MNOs) to offer ultra-fast mobile broadband and ultra-low latency services with exceptional reliability for consumers. By leveraging softwarization, Software-Defined Networking (SDN) and Network Function Virtualization (NFV), MNOs can offset the high capital and operational expenditures incurred due the additional deployment of legacy equipment. Cloud Radio Access Network (C-RAN) is a novel mobile network architecture that offers centralized operation of BaseBand Units (BBUs), and scalable deployment of lightweight Remote Radio Heads (RRHs). Elastic-RAN (E-RAN), Ericsson’s implementation of C-RAN, leverages SDN and NFV to offer flexible and elastic 5G network slicing to meet the different end-users QoS. Though virtualization facilitates flexible coordination between BBUs and RRHs, it introduces new security vulnerabilities in E-RAN. For instance, a Distributed Denial of Service (DDoS) attack can cause severe degradation of the QoS/QoE by compromising the availability of resources and the integrity of data. In this proposal, we: 1) employ Machine Learning (ML) to develop novel techniques for anomaly-based DDOS detection, 2) devise mitigation measures to protect against DDoS attacks and zero-day threats using ML, and leverage the flexibility offered by NFV and SDN to automatically reconfigure network slices across the multi-tenant E-RAN infrastructure.

Faculty Supervisor:

Raouf Boutaba


Hyame Alameddine


Ericsson Canada


Computer science



University of Waterloo



Current openings

Find the perfect opportunity to put your academic skills and knowledge into practice!

Find Projects