Signalling storm attack detection at the Open Radio Access Network (O-RAN)

Migrating life-critical applications to wireless networks implies the increasing reliance of our society on continuous network connectivity. However, the sheer scale of networked diverse devices would increase the chance of accidental or intentional attacks. Signaling storm is a type of such attacks causing a denial of service through malicious/compromised devices attempting to attach to the network at a rate of thousands of times per hour. Unfortunately, the existing registration restriction mechanism can be bypassed by the remote exploitation of underlying vulnerabilities. To address this, in this proposed research, we build intelligent solutions to detect malicious attach requests at the edge of the network and prevent the disruption of the 5G core. To this end, we detect attacks originated from several locations by adopting a distributed machine learning approach and based on the information collected by distributed near-real-time RAN Intelligent Controller (RIC) xApps that are sent to rApps.

Azadeh Tabiban
Faculty Supervisor: 
Raouf Boutaba
Partner University: