Joyi, PGurajena, CMasonta, Moshe T2026-03-112026-03-112025-12http://hdl.handle.net/10204/14746Network slicing is a fundamental enabler of 5G networks, allowing the creation of multiple virtual networks on a shared physical infrastructure to meet diverse service requirements. However, this flexibility introduces critical security and privacy challenges, as shared control-plane components and inter-slice communication can be exploited by attackers to launch Distributed Denial-of-Service (DDoS) attacks, compromise data confidentiality, and disrupt service availability. To address these challenges, this study proposes a secure end-to-end 5G network slicing architecture integrating real-time traffic monitoring, anomaly detection, and slice-aware security policies to protect against DDoS attacks. The architecture was implemented using Open5GS as the core network and UERANSIM as the radio access network emulator, enabling the creation of multiple slices (eMBB, URLLC, and mMTC) with isolated SMF–UPF pairs and a shared AMF. Experimental evaluation involved generating legitimate and malicious traffic to analyze control-plane behavior at the AMF, slice resource utilization, and attack impact on packet flow. The proposed system achieved a DDoS detection accuracy of 98%, with a false positive rate of 2.3%, and demonstrated up to 40% faster response to signaling floods compared to baseline threshold-based detection approaches. These results confirm that the architecture can effectively detect and mitigate DDoS attacks while maintaining stable performance across multiple slices. This work contributes a practical and extensible security framework for 5G network slicing, offering improved resilience and reliability compared to existing solutions.Fulltexten5G NetworksNetwork SlicingSecurity and PrivacyDistributed Denial-of-ServiceDDoSDDoS DetectionConference PresentationN/A