Intelligent Mitigation of DDoS Attacks in O-RAN Networks Using Machine Learning
Abstract
The transition of mobile networks to 5G has stimulated the adoption of technologies such as NFVs, SDN, slices, and open and interoperable standards like Open RAN (O-RAN). Regarding security, O-RAN networks are in the early stages of ensuring integrity and reliability. In this context, this work proposes the SID-xApp (Slice Intelligent Defender xApp), an application integrated with the near real-time network controller (Near-RT RIC), aiming to identify and mitigate DDoS attacks that may compromise the slices present in the O-RAN. The proposed solution is designed to enalbe modular development and to support metrics from devices connected to the network, identify patterns through machine learning models (ML), and dissociate malicious users, providing a layer of security to the O-RAN’s open fronthaul.
References
Donatti, A., Corrêa, S. L., Martins, J. S. B., Abelem, A. J. G., Both, C. B., de Oliveira Silva, F., Suruagy, J. A., Pasquini, R., Moreira, R., Cardoso, K. V., and Carvalho, T. C. (2024). Survey on machine learning-enabled network slicing: Covering the entire life cycle. IEEE Transactions on Network and Service Management, 21(1):994–1011.
Hoffmann, M., Janji, S., Samorzewski, A., Kułacz, , Adamczyk, C., Dryjański, M., Kryszkiewicz, P., Kliks, A., and Bogucka, H. (2024). Open ran xapps design and evaluation: Lessons learnt and identified challenges. IEEE Journal on Selected Areas in Communications, 42(2):473–486.
Khan, S., Farzaneh, B., Shahriar, N., Saha, N., and Boutaba, R. (2022). Slicesecure: Impact and detection of dos/ddos attacks on 5g network slices. pages 639–642.
Liyanage, M., Braeken, A., Shahabuddin, S., and Ranaweera, P. (2022). Open ran security: Challenges and opportunities.
Marinova, S. and Leon-Garcia, A. (2024). Intelligent o-ran beyond 5g: Architecture, use cases, challenges, and opportunities. IEEE Access, 12:27088–27114.
Moore, J., Abdalla, A. S., Zhang, M., and Marojevic, V. (2023). Demo: Ssxapp: Secure slicing for o-ran deployments. In MILCOM 2023 - 2023 IEEE Military Communications Conference (MILCOM), pages 251–252.
Nagib, A. M., Abou-Zeid, H., and Hassanein, H. S. (2024). Safe and accelerated deep reinforcement learning-based o-ran slicing: A hybrid transfer learning approach. IEEE Journal on Selected Areas in Communications, 42(2):310–325.
O-RAN Alliance (2024). Openran specifications. [link].
ONF (2023). Sd-ran documentation. [link].
ONOS Project (2022). ONOS-RSM. [link].
Polese, M., Bonati, L., D’Oro, S., Basagni, S., and Melodia, T. (2023). Understanding o-ran: Architecture, interfaces, algorithms, security, and research challenges. IEEE Communications Surveys Tutorials, 25(2):1376–1411.
RNP (2023). Projeto OpenRAN Brasil. [link].
Samarakoon, S., Siriwardhana, Y., Porambage, P., Liyanage, M., Chang, S.-Y., Kim, J., Kim, J., and Ylianttila, M. (2022). 5g-nidd: A comprehensive network intrusion detection dataset generated over 5g wireless network.
Xavier, B. M., Dzaferagic, M., Collins, D., Comarela, G., Martinello, M., and Ruffini, M. (2023). Machine learning-based early attack detection using open ran intelligent controller. In ICC 2023 - IEEE International Conference on Communications, pages 1856–1861.
