Research pick: Encryption and intrusion detection close to the edge - "Dual-modal system for real-time encryption and anomaly detection of 5G communication data integrating AES-GCM and LSTM"

Research into 5G cellular network security suggests that we need to unify encryption and intrusion detection to better protect those networks rather than treating encryption and detection as separate processes. The research in the International Journal of Information and Communication Technology focuses on the demands of 5G networks, which offer high data speeds, very low latency, and massive device connectivity. These capabilities allow us to use sophisticated mobile applications and have autonomous vehicles, smart cities, and industrial automation. But they come at a cost of increased exposure to fast-changing security threats from malware and malicious third parties.

The researchers have identified a structural limitation in conventional security design. Encryption typically protects data confidentiality, while intrusion detection systems independently monitor network traffic for malicious behaviour. In high-speed 5G environments, this separation can introduce delays and reduce the system’s ability to respond to attacks in real time.

To address this, the researchers have developed a dual-modal architecture that combines AES-GCM with a Long Short-Term Memory (LSTM) neural network. AES-GCM is a symmetric encryption method that scrambles data to prevent unauthorised access while also verifying that information has not been altered during transmission. The LSTM component is a type of deep learning model designed to analyse sequences of data over time, allowing it to identify patterns in network traffic and detect anomalies.

The system integrates these functions so that encryption and anomaly detection operate in parallel. Data is secured while being continuously monitored, rather than processed in separate stages. According to the researchers, this combined approach offers a detection accuracy of 98.1% and a false positive rate of just 0.5%, meaning it rarely mislabels normal activity as malicious. Encryption and decryption times are reported at 18.4 milliseconds and 21.7 milliseconds, respectively, performance levels considered suitable for real-time communication systems.

The team adds that this new model works under varying network loads. In high-bandwidth conditions, encryption delays are lower, suggesting the system adjusts dynamically to traffic intensity. They also add that energy consumption is reduced compared with encryption-only methods. This could be critical for edge computing environments where processing occurs on the device and where power resources might be limited.

Wang, H. (2026) ‘Dual-modal system for real-time encryption and anomaly detection of 5G communication data integrating AES-GCM and LSTM’, Int. J. Information and Communication Technology, Vol. 27, No. 41, pp.21–44.