DDoS Amplification Attack Mitigation in 5G/6G Networks: A ‎Taxonomy, Evaluation, and Defense Framework

  • Authors

    https://doi.org/10.14419/qvspkq08

    Received date: August 27, 2025

    Accepted date: October 1, 2025

    Published date: October 8, 2025

  • 5G Security; 6G Networks; DDoS Amplification Attacks; Network Slicing; Anomaly Detection; Mitigation Framework; Post-Quantum Cryptography.

  • Abstract

    The evolution of 5G and emerging 6G networks has introduced unprecedented opportunities for connectivity, but also expanded the attack ‎surface for Distributed Denial of Service (DDoS) amplification attacks. Service-Based Architecture (SBA), network slicing, and massive ‎IoT (mMTC) environments create new vectors for reflection and amplification, making conventional defenses inadequate. This paper proposes a novel layered defense framework that integrates edge filtering, AI-driven anomaly detection, slice isolation, cloud scrubbing, and quantum-safe cryptography to mitigate DDoS amplification attacks in 5G/6G environments.‎

    The framework is theoretically modeled through equations for amplification, mitigation efficiency, resilience, and defense cost, and evaluated experimentally using simulated signaling floods, IoT-driven amplification, slice-targeted floods, and hybrid attacks. Performance was ‎measured using detection rate, false alarm rate, service availability, resilience score, and resource overhead. Two algorithms—‎pseudonymous authentication with zero-knowledge proof (ZKP) and layered mitigation orchestration—were implemented to operationalize ‎the defense strategy.‎

    The results demonstrate that the proposed framework achieves a detection accuracy of 95–97%, reduces false positives to 2%, and maintains ‎a service availability of over 85% under prolonged amplification attacks. It scales efficiently in scenarios with up to 10,000 simulated IoT ‎devices, retaining 70–80% throughput, and maintains URLLC latency below 10 ms, outperforming baseline defenses (firewalls, scrubbing, ‎and AI-only) and state-of-the-art defenses from the literature. These findings validate the framework as a scalable, efficient, and future-ready ‎solution for mitigating amplification attacks in 5G/6G networks, with strong alignment with 3GPP, GSMA, and NIST post-quantum standards‎.

  • References

    1. A. Abhishta, R. D. van der Mei, and L. J. M. Nieuwenhuis, “Understanding the impact of DDoS attacks on internet service providers,” J. Internet Serv. Appl., vol. 10, no. 1, pp. 1–17, 2019.
    2. K. Kalkan and S. Zeadally, “Securing Internet of Things (IoT) with software defined networking (SDN),” IEEE Commun. Mag., vol. 56, no. 9, pp. 186–192, Sep. 2018. https://doi.org/10.1109/MCOM.2017.1700714.
    3. ENISA, Threat Landscape for 5G Networks, European Union Agency for Cybersecurity, 2023.
    4. R. Hussain, S. H. Ahmed, S. Kim, and D. He, “5G security: Concepts and challenges,” IEEE Access, vol. 7, pp. 138200–138217, 2019.
    5. GSMA, 5G Security Guide (FS.40 v3.0), GSM Association, 2024.
    6. W. Saad, M. Bennis, and M. Chen, “A vision of 6G wireless systems: Applications, trends, technologies, and open research problems,” IEEE Netw., vol. 34, no. 3, pp. 134–142, 2020. https://doi.org/10.1109/MNET.001.1900287.
    7. ITU, IMT-2030 Framework for 6G, International Telecommunication Union, 2023.
    8. M. S. Farash and H. R. Nielson, “Towards secure 5G networks: A survey,” Comput. Netw., vol. 191, p. 107960, 2021.
    9. Akamai, State of the Internet: DDoS Attacks Report, 2023.
    10. R. Khan, P. Kumar, D. N. K. Jayakody, and M. Liyanage, “A survey on security and privacy of 5G technologies: Potential solutions, recent ad-vancements, and future directions,” IEEE Commun. Surveys Tuts., vol. 22, no. 1, pp. 196–248, 2020. https://doi.org/10.1109/COMST.2019.2933899.
    11. L. M. Ferrag, H. Derdour, and M. Mukherjee, “Blockchain and AI-based solutions to combat DDoS attacks in 6G networks,” IEEE Netw., vol. 35, no. 2, pp. 124–131, 2021.
    12. N. Papernot, P. McDaniel, and I. Goodfellow, “Practical black-box attacks against machine learning,” in Proc. ACM Asia CCS, 2017, pp. 506–519. https://doi.org/10.1145/3052973.3053009.
    13. NIST, Post-Quantum Cryptography Standards (FIPS 203/204/205), U.S. National Institute of Standards and Technology, 2024.
    14. A. Abhishta, R. D. van der Mei, and L. J. M. Nieuwenhuis, “Understanding the impact of DDoS attacks on Internet service providers,” J. Internet Serv. Appl., vol. 10, no. 1, pp. 1–17, 2019.
    15. M. S. Farash and H. R. Nielsen, “Towards secure 5G networks: A survey,” Comput. Netw., vol. 191, p. 107960, 2021.
    16. R. Hussain, S. H. Ahmed, S. Kim, and D. He, “5G security: Concepts and challenges,” IEEE Access, vol. 7, pp. 138200–138217, 2019.
    17. R. Khan, P. Kumar, D. N. K. Jayakody, and M. Liyanage, “A survey on security and privacy of 5G technologies: Potential solutions, recent ad-vancements, and future directions,” IEEE Commun. Surveys Tuts., vol. 22, no. 1, pp. 196–248, 2020. https://doi.org/10.1109/COMST.2019.2933899.
    18. ENISA, Threat Landscape for 5G Networks, European Union Agency for Cybersecurity, 2023.
    19. Akamai, State of the Internet: DDoS Attacks Report, 2023.
    20. GSMA, 5G Security Guide (FS.40 v3.0), GSM Association, 2024.
    21. W. Saad, M. Bennis, and M. Chen, “A vision of 6G wireless systems: Applications, trends, technologies, and open research problems,” IEEE Netw., vol. 34, no. 3, pp. 134–142, 2020. https://doi.org/10.1109/MNET.001.1900287.
    22. ITU, IMT-2030 Framework for 6G, International Telecommunication Union, 2023.
    23. A. Fadlullah, F. Tang, and N. Kato, “Threats to AI-driven 6G networks: Adversarial learning and defense strategies,” IEEE Wireless Commun., vol. 29, no. 5, pp. 114–121, 2022.
    24. A. Patel, M. Taghavi, K. Bakhtiyari, and J. Celestino Júnior, “An intrusion detection and prevention system in cloud computing: A systematic re-view,” J. Netw. Comput. Appl., vol. 36, no. 1, pp. 25–41, 2013. https://doi.org/10.1016/j.jnca.2012.08.007.
    25. Z. Yu, Y. Tian, and M. A. Orgun, “A survey on DDoS attacks and defense mechanisms in cloud computing,” Future Gener. Comput. Syst., vol. 80, pp. 682–697, 2018.
    26. L. M. Ferrag, H. Derdour, and M. Mukherjee, “Blockchain and AI-based solutions to combat DDoS attacks in 6G networks,” IEEE Netw., vol. 35, no. 2, pp. 124–131, 2021.
    27. N. Papernot, P. McDaniel, and I. Goodfellow, “Practical black-box attacks against machine learning,” in Proc. ACM Asia CCS, 2017, pp. 506–519. https://doi.org/10.1145/3052973.3053009.
    28. K. Kalkan and S. Zeadally, “Securing Internet of Things (IoT) with software defined networking (SDN),” IEEE Commun. Mag., vol. 56, no. 9, pp. 186–192, 2018. https://doi.org/10.1109/MCOM.2017.1700714.
    29. X. Xu, X. Wang, and Y. Zhang, “A blockchain-based DDoS mitigation framework in 6G,” in Proc. IEEE GLOBECOM, 2021, pp. 1–6.
    30. S. Singh and I. Chana, “QoS-aware autonomic resource management in cloud computing: A systematic review,” ACM Comput. Surveys, vol. 48, no. 3, pp. 1–46, 2016. https://doi.org/10.1145/2843889.
    31. R. Hussain et al., “Edge–cloud collaboration for resilient 6G security services,” IEEE Commun. Mag., vol. 61, no. 2, pp. 88–95, 2023.
    32. NIST, Post-Quantum Cryptography Standards (FIPS 203/204/205), U.S. NIST, 2024.
    33. D. Kreutz, F. Ramos, P. E. Veríssimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-defined networking: A comprehensive survey,” Proc. IEEE, vol. 103, no. 1, pp. 14–76, 2015. https://doi.org/10.1109/JPROC.2014.2371999.
    34. 3GPP TS 33.501, “Security architecture and procedures for 5G system,” 3rd Generation Partnership Project, 2023.
    35. M. S. Farash and H. R. Nielsen, “Towards secure 5G networks: A survey,” Comput. Netw., vol. 191, p. 107960, 2021.
    36. K. Kalkan and S. Zeadally, “Securing Internet of Things (IoT) with software defined networking (SDN),” IEEE Commun. Mag., vol. 56, no. 9, pp. 186–192, 2018. https://doi.org/10.1109/MCOM.2017.1700714.
    37. L. M. Ferrag, H. Derdour, and M. Mukherjee, “Blockchain and AI-based solutions to combat DDoS attacks in 6G networks,” IEEE Netw., vol. 35, no. 2, pp. 124–131, 2021.
    38. GSMA, 5G Security Guide (FS.40 v3.0), GSM Association, 2024.
    39. NIST, Post-Quantum Cryptography Standards (FIPS 203/204/205), U.S. NIST, 2024.
    40. Akamai, State of the Internet: DDoS Attacks Report, 2023.
    41. 3GPP TS 23.501, System architecture for the 5G system, 3rd Generation Partnership Project, 2023.
    42. Z. Yu, Y. Tian, and M. A. Orgun, “A survey on DDoS attacks and defense mechanisms in cloud computing,” Future Gener. Comput. Syst., vol. 80, pp. 682–697, 2018.
    43. M. S. Farash and H. R. Nielsen, “Towards secure 5G networks: A survey,” Comput. Netw., vol. 191, p. 107960, 2021.
    44. J. Camenisch and A. Lysyanskaya, “An efficient system for non-transferable anonymous credentials with optional anonymity revocation,” in Proc. EUROCRYPT, 2001, pp. 93–118. https://doi.org/10.1007/3-540-44987-6_7.
    45. Akamai, State of the Internet: DDoS Attacks Report, 2023.
    46. Z. Yu, Y. Tian, and M. A. Orgun, “A survey on DDoS attacks and defense mechanisms in cloud computing,” Future Gener. Comput. Syst., vol. 80, pp. 682–697, 2018.
    47. L. M. Ferrag, H. Derdour, and M. Mukherjee, “Blockchain and AI-based solutions to combat DDoS attacks in 6G networks,” IEEE Netw., vol. 35, no. 2, pp. 124–131, 2021.
    48. X. Xu, X. Wang, and Y. Zhang, “A blockchain-based DDoS mitigation framework in 6G,” in Proc. IEEE GLOBECOM, 2021, pp. 1–6.
    49. GSMA, 5G Security Guide (FS.40 v3.0), GSM Association, 2024.
    50. N. Papernot, P. McDaniel, and I. Goodfellow, “Practical black-box attacks against machine learning,” in Proc. ACM Asia CCS, 2017, pp. 506–519. https://doi.org/10.1145/3052973.3053009.
    51. NIST, Post-Quantum Cryptography Standards (FIPS 203/204/205), U.S. National Institute of Standards and Technology, 2024.

  • Downloads

  • How to Cite

    Al-Balasmeh, H. (2025). DDoS Amplification Attack Mitigation in 5G/6G Networks: A ‎Taxonomy, Evaluation, and Defense Framework. International Journal of Basic and Applied Sciences, 14(6), 139-151. https://doi.org/10.14419/qvspkq08