Eric Keller

The proliferation of 5G networks around the world presents an attractive opportunity for U.S. government organizations, nongovernmental humanitarian aid organizations, and private sector enterprises to take advantage of indigenous 5G networks to eliminate the costs of installing and maintaining an alternate communications infrastructure. However, in many areas of the world, 5G networks are deployed and operated by organizations that are untrusted and potentially hostile to the U.S. In these environments, new security technologies are needed to secure operations. The 5G Hidden Operations through Securing Traffic (GHOST) project provides four layers of security. First, GHOST protects against end-user and networking devices from being compromised by a hostile network. Second, GHOST anonymizes individual identities and obscures user locations. Third, GHOST prevents traffic analysis that could reveal operational plans and activities by anonymizing communication connections and introducing “GHOST” traffic into the network to maintain a constant level of activity. Finally, the GHOST project will further obfuscate traffic analysis by injecting “false flag” traffic that models real operations to confuse and mislead analysis. The GHOST technology will enable organizations ranging from the U.S. military to private entities to securely operate over indigenous 5G networks, regardless of the politics of the network operators.

The GHOST project addresses the core intellectual challenge of providing secure communications resistant to penetration and traffic analysis over untrusted networks. The GHOST project considers the network as a black box that is assumed to be operated by a hostile agent. Addressing the challenge will yield four intellectual benefits to the research and operational communities. (i) First, the GHOST project will deliver technology that will protect end-user devices and non-indigenous networking equipment from penetration and compromise. The technology secures devices at the hardware level through the use of Trusted Execution Environments (TEEs). The idea behind a TEE is that anything coming from outside the chip boundary is untrusted. TEEs enforce this trusted boundary by implementing integrity verification of data and code and encrypting them once they cross the trusted boundary. (ii) Second, the GHOST project will deliver technology to anonymize or disguise end-user identities, locations, and communications endpoints. End-user identities will be protected using software defined credentials. Locations are protected using geo-spatial identity management. Communications connections are protected by peer-to-peer anonymization. (iii) Third, the GHOST project will deliver technology to overlay normal traffic with “GHOST” traffic — essentially network white noise — to obfuscate traffic analysis. (iv) Fourth, the GHOST project will deliver technology to model and generate “false flag” traffic. Through monitoring and simulation, models of traffic patterns associated with specific operations will be generated. "False flag" traffic injected into the network will reflect the traffic associated with a particular operation and be convincing to any observers.

GHOST technology will benefit end-users of any network, not just untrusted networks. The primary criteria for success of the GHOST project will be: (i) Device protection from network operator attacks; (ii) The obfuscation of user identities, locations, and communications connections; (iii) The obfuscation of traffic patterns; (iv) The injection of “false flag” traffic.

To improve performance, security, and reliability, network practitioners have moved away from the principle of a stateless network and added stateful processing to devices such as internet firewalls, load balancers, and intrusion detection systems. In doing so, networks have become increasingly complex and brittle. The research objective of this proposal is to provide the foundation for a transformative network architecture based on disaggregated virtual network functions. Developing this capability will improve the performance and operation of virtualized computing systems, including compute clouds, and ultimately make US information technology capabilities more competitive.

This project will introduce the new systems and algorithms to make a disaggregated network function architecture possible, leveraging recent advances in distributed systems in low-latency data stores, and the unique properties of network processing that can be used to optimize the interface between the processing and state. Specifically, this proposal will: 1) develop the algorithmic and system underpinnings that overcome the challenges in achieving the needed performance in the face of added latency, overhead in accessing state, and concurrent execution; and 2) create novel network management capabilities that leverage disaggregated network functions to realize a network function infrastructure that is efficient and robust to load changes, component failures, and software or configuration updates.