SmiLe Net: A Supervised Graph Embedding-based Machine Learning Approach for NextG Vulnerability Detection.

5G communication systems are a key component of current and future wireless networks, and their security has a direct impact on many critical areas, including personal communications, intelligent transportation, and industrial applications. With the softwarziation and virtualization, a new attack surface has been emerging levering the software vulnerabilities and unintended emergent behaviors. Fuzz testing based 5G vulnerability detection is a promising approach for revealing insights of potential exploits of vulnerabilities in the protocols and software stacks via providing random or guided-random inputs to the system to trigger anomalous behavior. However, the state of art fuzz testing approaches lack the capability of the root cause of the vulnerability in the system under consideration, but rather focus on detecting abnormal impacts. To close the loop by completing the missing deductive reasoning, in this paper, we develop a new approach, a Supervised Graph Embedding-based Machine Learning (SmiLe Net) approach for vulnerability detection in 5G. In particular, we utilize the skip-gram algorithm to convert the log files generated from the fuzz testing into vectors. Subsequently, a machine learning model is built to predict fuzzed locations to perform the root cause analysis in 5G vulnerability detection. Experimental results show that the proposed approach has a higher accuracy of approximately 97% in root cause analysis. In addition, the proposed SmiLe Net is a lightweight network and offers low computation complexity. Importantly, when compared with the conventional Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), and the Gated Recurrent Unit (GRU), the proposed SmiLe Net has minimum Multiply-Accumulate Operations (MACs). The project contributes novel approaches to exploit vulnerability across components and their chain effect in a 5G network, and respond to the activated vulnerabilities for system resilience in real-time; meanwhile, the generated synthetic knowledge will provide back-end architects and security engineers for further strategy development.