In the era of 5G and beyond, the increasing complexity of wireless networks necessitates innovative frameworks for efficient management and deployment. Digital twins (DTs), embodying real-time monitoring, predictive configurations, and enhanced decision-making capabilities, stand out as a promising solution in this context. Within a time-series data-driven framework that effectively maps wireless networks into digital counterparts, encapsulated by integrated vertical and horizontal twinning phases, this study investigates the security challenges in distributed network DT systems, which potentially undermine the reliability of subsequent network applications such as wireless traffic forecasting. Specifically, we consider a minimal-knowledge scenario for all attackers, in that they do not have access to network data and other specialized knowledge, yet can interact with previous iterations of server-level models. In this context, we spotlight a novel fake traffic injection attack designed to compromise a distributed network DT system for wireless traffic prediction. In response, we then propose a defense mechanism, termed global-local inconsistency detection (GLID), to counteract various model poisoning threats. GLID strategically removes abnormal model parameters that deviate beyond a particular percentile range, thereby fortifying the security of network twinning process. Through extensive experiments on real-world wireless traffic datasets, our experimental evaluations show that both our attack and defense strategies significantly outperform existing baselines, highlighting the importance of security measures in the design and implementation of DTs for 5G and beyond network systems.

翻译：在5G及后5G时代，无线网络日益增长的复杂性亟需创新的高效管理与部署框架。数字孪生（DTs）凭借其实时监控、预测性配置和增强决策能力，在此背景下成为极具前景的解决方案。本研究基于一个有效将无线网络映射至数字副本的时序数据驱动框架——该框架通过垂直与水平孪生阶段的集成实现封装，重点探讨分布式网络DT系统中可能危及后续网络应用（如无线流量预测）可靠性的安全挑战。具体而言，我们考虑攻击者处于最小知识场景：其无法获取网络数据及其他专业知识，但可与服务器级模型的先前迭代版本进行交互。在此背景下，我们揭示了一种旨在破坏无线流量预测分布式网络DT系统的新型虚假流量注入攻击。作为应对，我们提出一种名为“全局-局部不一致性检测”（GLID）的防御机制，以抵御各类模型投毒威胁。GLID通过策略性剔除偏离特定百分位范围的异常模型参数，从而强化网络孪生过程的安全性。基于真实无线流量数据集的广泛实验表明，我们提出的攻击与防御策略均显著优于现有基线方法，凸显了安全措施在5G及未来网络系统数字孪生设计与实施中的关键意义。