Understanding the security implications in O-RAN with abusive adversaries

Mark Megarry; Antonino Masaracchia; Muhammad Fahim; Vishal Sharma; Trung Q. Duong

Understanding the security implications in O-RAN with abusive adversaries

Mark Megarry, Antonino Masaracchia, Muhammad Fahim, Vishal Sharma, Trung Q. Duong

School of Electronics, Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Open-Radio Access Network (O-RAN) is considered the next scalable solution, which aims to devolve the network into Near-real-time RIC and Non-real-time RIC to have far more flexibility in services with adaptable components. This disaggregation, however, will have broader security implications, primarily arising because of the use of legacy systems in the new architecture. Current threat models take a lighter tone towards the evaluation of security measures. Thus, strict adversarial methods must be adopted, which can consider scenarios of cyber-vandalism in such networks. Based on this ideology, the article presents security implications posed by abusive adversaries in the offloading procedures. This methodology provides a viewpoint on how an adversary forms predictive methods on when to attack the system, which is followed by mitigation mechanisms for the network to avoid it from happening. The work is based on the Markov Decision Process (MDP) and a Fuzzy Inference System (FIS), which uses Synthetic Data Augmentation for Tabular Data (SMOTE) to generate a set of metrics that can offer a high probability of attack in the transition mode to the adversary. The implications are presented using a synthetic dataset created on the backbone of the simulated scenario in NS3 and followed by mitigation strategies.

Original language	English
Title of host publication	10th EAI International Conference on Industrial Networks and Intelligent Systems: Proceedings
Publisher	Springer
Pages	215-235
Number of pages	21
Publication status	Published - 31 Jul 2024
Event	10th EAI International Conference on Industrial Networks and Intelligent Systems - Da Nang, Viet Nam Duration: 20 Feb 2024 → 21 Feb 2024 Conference number: 10 https://iniscom.eai-conferences.org/2024/

Publication series

Name	Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
ISSN (Print)	1867-8211
ISSN (Electronic)	1867-822X

Conference

Conference	10th EAI International Conference on Industrial Networks and Intelligent Systems
Abbreviated title	EAI INISCOM 2024
Country/Territory	Viet Nam
City	Da Nang
Period	20/02/2024 → 21/02/2024
Internet address	https://iniscom.eai-conferences.org/2024/

Embargoed Document

Understanding the security implications in O-RAN with abusive adversaries
Accepted author manuscript, 1.42 MB
Licence: Unspecified
Embargo ends: 31/07/2025

Cite this

Megarry, M., Masaracchia, A., Fahim, M., Sharma, V., & Duong, T. Q. (2024). Understanding the security implications in O-RAN with abusive adversaries. In 10th EAI International Conference on Industrial Networks and Intelligent Systems: Proceedings (pp. 215-235). (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering). Springer.

Megarry, Mark ; Masaracchia, Antonino ; Fahim, Muhammad et al. / Understanding the security implications in O-RAN with abusive adversaries. 10th EAI International Conference on Industrial Networks and Intelligent Systems: Proceedings. Springer, 2024. pp. 215-235 (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering).

@inproceedings{ed6803c9bb924c31b839c482824f4281,

title = "Understanding the security implications in O-RAN with abusive adversaries",

abstract = "Open-Radio Access Network (O-RAN) is considered the next scalable solution, which aims to devolve the network into Near-real-time RIC and Non-real-time RIC to have far more flexibility in services with adaptable components. This disaggregation, however, will have broader security implications, primarily arising because of the use of legacy systems in the new architecture. Current threat models take a lighter tone towards the evaluation of security measures. Thus, strict adversarial methods must be adopted, which can consider scenarios of cyber-vandalism in such networks. Based on this ideology, the article presents security implications posed by abusive adversaries in the offloading procedures. This methodology provides a viewpoint on how an adversary forms predictive methods on when to attack the system, which is followed by mitigation mechanisms for the network to avoid it from happening. The work is based on the Markov Decision Process (MDP) and a Fuzzy Inference System (FIS), which uses Synthetic Data Augmentation for Tabular Data (SMOTE) to generate a set of metrics that can offer a high probability of attack in the transition mode to the adversary. The implications are presented using a synthetic dataset created on the backbone of the simulated scenario in NS3 and followed by mitigation strategies.",

author = "Mark Megarry and Antonino Masaracchia and Muhammad Fahim and Vishal Sharma and Duong, {Trung Q.}",

year = "2024",

month = jul,

day = "31",

language = "English",

series = "Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",

publisher = "Springer",

pages = "215--235",

booktitle = "10th EAI International Conference on Industrial Networks and Intelligent Systems: Proceedings",

note = "10th EAI International Conference on Industrial Networks and Intelligent Systems, EAI INISCOM 2024 ; Conference date: 20-02-2024 Through 21-02-2024",

url = "https://iniscom.eai-conferences.org/2024/",

}

Megarry, M, Masaracchia, A, Fahim, M , Sharma, V & Duong, TQ 2024, Understanding the security implications in O-RAN with abusive adversaries. in 10th EAI International Conference on Industrial Networks and Intelligent Systems: Proceedings. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Springer, pp. 215-235, 10th EAI International Conference on Industrial Networks and Intelligent Systems, Da Nang, Viet Nam, 20/02/2024.

Understanding the security implications in O-RAN with abusive adversaries. / Megarry, Mark; Masaracchia, Antonino; Fahim, Muhammad et al.
10th EAI International Conference on Industrial Networks and Intelligent Systems: Proceedings. Springer, 2024. p. 215-235 (Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Understanding the security implications in O-RAN with abusive adversaries

AU - Megarry, Mark

AU - Masaracchia, Antonino

AU - Fahim, Muhammad

AU - Sharma, Vishal

AU - Duong, Trung Q.

N1 - Conference code: 10

PY - 2024/7/31

Y1 - 2024/7/31

N2 - Open-Radio Access Network (O-RAN) is considered the next scalable solution, which aims to devolve the network into Near-real-time RIC and Non-real-time RIC to have far more flexibility in services with adaptable components. This disaggregation, however, will have broader security implications, primarily arising because of the use of legacy systems in the new architecture. Current threat models take a lighter tone towards the evaluation of security measures. Thus, strict adversarial methods must be adopted, which can consider scenarios of cyber-vandalism in such networks. Based on this ideology, the article presents security implications posed by abusive adversaries in the offloading procedures. This methodology provides a viewpoint on how an adversary forms predictive methods on when to attack the system, which is followed by mitigation mechanisms for the network to avoid it from happening. The work is based on the Markov Decision Process (MDP) and a Fuzzy Inference System (FIS), which uses Synthetic Data Augmentation for Tabular Data (SMOTE) to generate a set of metrics that can offer a high probability of attack in the transition mode to the adversary. The implications are presented using a synthetic dataset created on the backbone of the simulated scenario in NS3 and followed by mitigation strategies.

AB - Open-Radio Access Network (O-RAN) is considered the next scalable solution, which aims to devolve the network into Near-real-time RIC and Non-real-time RIC to have far more flexibility in services with adaptable components. This disaggregation, however, will have broader security implications, primarily arising because of the use of legacy systems in the new architecture. Current threat models take a lighter tone towards the evaluation of security measures. Thus, strict adversarial methods must be adopted, which can consider scenarios of cyber-vandalism in such networks. Based on this ideology, the article presents security implications posed by abusive adversaries in the offloading procedures. This methodology provides a viewpoint on how an adversary forms predictive methods on when to attack the system, which is followed by mitigation mechanisms for the network to avoid it from happening. The work is based on the Markov Decision Process (MDP) and a Fuzzy Inference System (FIS), which uses Synthetic Data Augmentation for Tabular Data (SMOTE) to generate a set of metrics that can offer a high probability of attack in the transition mode to the adversary. The implications are presented using a synthetic dataset created on the backbone of the simulated scenario in NS3 and followed by mitigation strategies.

M3 - Conference contribution

T3 - Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

SP - 215

EP - 235

BT - 10th EAI International Conference on Industrial Networks and Intelligent Systems: Proceedings

PB - Springer

T2 - 10th EAI International Conference on Industrial Networks and Intelligent Systems

Y2 - 20 February 2024 through 21 February 2024

ER -

Understanding the security implications in O-RAN with abusive adversaries

Abstract

Publication series

Conference

Embargoed Document

Fingerprint

Cite this