The shift towards 5G mobile networks is taking place while previous generations (e.g., LTE 4G) remain in service, which exposes 5G networks to the vulnerabilities of those generations through inter-working modes and cross-protocol threats. The integration of new enabling technologies, such as Network Function Virtualization (NFV), Software-Defined Networking (SDN), and network slicing, further broadens the attack surface. This project aims to enhance the security of 5G networks through the development of AI/ML-driven anomaly detection, mitigation, and prevention mechanisms. Leveraging ML models and closed-loop control mechanisms, this project will empower mobile network operators to autonomously secure their networks against attacks that compromise availability and reliability, while ensuring end-user Quality of Service (QoS). In this project, we focus on two major security concerns: (i) signaling storms in Open RAN (O-RAN) and (ii) container escape attacks in the 5G Core.
Objective 1: Securing O-RAN against Signaling Storms
Signaling storms occur when excessive control-plane signaling overwhelms network
capabilities, potentially leading to denial-of-service. For example, compromised or
misbehaving user equipment (UEs) can repeatedly trigger registration, connection setup,
and release procedures, overloading the control plane. Existing threshold-based defenses
are easily circumvented by geographically distributed or coordinated attacks. This objective
focuses on developing ML-based early detection and mitigation mechanisms for signaling
storms in O-RAN environments.
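The weakness of per-UE thresholds described above, as an added example (not code from this project): a constructed trace in which 400 coordinated UEs each stay under a per-UE limit, compared against a simple cell-level rate baseline. The EWMA baseline is a stand-in statistical detector, not the ML models the project proposes; the trace, limits, and function names are all assumptions.

```python
from collections import Counter

WINDOW = 10        # assumed window length in seconds
PER_UE_LIMIT = 5   # assumed per-UE cap on signaling procedures per window

def make_trace():
    """Constructed (timestamp, ue_id) control-plane events for one cell, 300 s."""
    events = []
    for w in range(30):
        # Benign load: 40-44 UEs per window, one procedure each.
        for i in range(40 + (w * 7) % 5):
            events.append((w * WINDOW + i % WINDOW, f"ue-{(w * 50 + i) % 2000}"))
        # Coordinated storm in windows 20-23: 400 UEs, 3 procedures each,
        # so every individual UE stays below PER_UE_LIMIT.
        if 20 <= w < 24:
            for bot in range(400):
                for j in range(3):
                    events.append((w * WINDOW + j * 3, f"bot-{bot}"))
    return events

def per_ue_flags(events):
    """Threshold defense: flag any UE exceeding PER_UE_LIMIT in a window."""
    counts = Counter((t // WINDOW, ue) for t, ue in events)
    return sorted({ue for (_, ue), n in counts.items() if n > PER_UE_LIMIT})

def aggregate_flags(events, alpha=0.2, k=4.0, warmup=5):
    """Cell-level detector: flag windows whose total signaling count exceeds
    an EWMA baseline by k standard deviations (std floored at 1)."""
    per_window = Counter(t // WINDOW for t, _ in events)
    mean, var, flagged = 0.0, 0.0, []
    for w in range(max(per_window) + 1):
        x = per_window.get(w, 0)
        if w >= warmup and x > mean + k * max(var ** 0.5, 1.0):
            flagged.append(w)
            continue  # keep storm windows out of the learned baseline
        if w == 0:
            mean = float(x)
        else:
            diff = x - mean
            mean += alpha * diff
            var = (1 - alpha) * (var + alpha * diff * diff)
    return flagged

if __name__ == "__main__":
    trace = make_trace()
    print("per-UE threshold flags:", per_ue_flags(trace))
    print("cell-level windows flagged:", aggregate_flags(trace))
```

The per-UE check reports nothing because no single UE misbehaves in isolation, while the aggregate view isolates exactly the storm windows.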
Objective 2: Securing 5G Core against Container Escape
The 5G Core operates in containerized environments, where runtime vulnerabilities or
misconfigurations may allow adversaries to break the isolation between containers (i.e., Core functions),
escalate privileges, or move laterally across containers. Such compromises can have critical
implications for network slicing, service availability, and reliability. This objective will leverage
ML-based behavioral analysis and runtime anomaly detection to identify and prevent
container escape attempts within the 5G Core.