Service Templates to Emulate Network Attacks in Cloud-Native 5G Infrastructures

Thanks to its cloud-native design, the 5G architecture can be easily deployed and operated with modern cloud paradigms. The availability of open-source implementations of both the 5GC and RAN are of paramount importance to investigate management, performance, and security issues that arise from this new operational model. However, such software usually does not include the necessary deployment scripts to easily and quickly run it in Kubernetes clusters. In this paper, we describe our set of service templates for emulating network attacks in (and against) 5G systems deployed in the cloud. Our contribution consists of the necessary automation workflows for building manifest files, setting up and running research testbeds in a matter of minutes. The templates include a scenario with broad applicability, namely attacks to Internet services from botnets in the \ac{RAN}, also taking into account the presence of traffic from licit users. Real-time scalability of the botnet and licit users allows to easily generate different workload conditions; additionally, different attacks can be reproduced by simply replacing the container images for the Internet service, licit clients, and botnet nodes. Evaluation considers the time to deploy the cloud-native application and verification of its correct operation.