Leveraging DPUs for beyond 5G protocol security

Cloud-native 5G architectures enhance scalability and flexibility to enable more dynamic and efficient communication networks. However, they also introduce greater protocol complexity and expand the potential attack surface. Protocols such as PFCP, GTP-U, NGAP, and F1AP are prone to attacks like session hijacking, malformed signaling, tunnel spoofing, etc.. Detecting these attacks is becoming increasingly difficult with the CPU-based protocol analyzers due to their limited observability and high processing overheads. Hence, in this work we investigate the use of Data Processing Units (DPUs) for inline, protocol-aware inspection and anomaly detection at line rate. By integrating programmable parsers and telemetry-driven detection, DPUs can enforce security policies with minimal performance degradation. The work focuses on (i) defining a protocol-layer threat model for 5G Core and RAN interfaces, (ii) designing a host-attached DPU security architecture, and (iii) developing a reproducible evaluation methodology using open-source testbeds (Free5GC/Open5GS and OAI/srsRAN). Ongoing implementation targets NVIDIA BlueField, with planned experiments to analyze security, performance, and energy trade-offs. The research aims to establish a hardware-assisted foundation for secure and scalable Beyond 5G deployments.