Search for: All records

The Open Radio Access Network (O-RAN) architecture is reshaping telecommunications by promoting openness, flexibility, and intelligent closed-loop optimization. By decoupling hardware and software and enabling multi-vendor deployments, O-RAN reduces costs, enhances performance, and allows rapid adaptation to new technologies. A key innovation is intelligent network slicing, which partitions networks into isolated slices tailored for specific use cases or quality of service requirements. The RAN Intelligent Controller further optimizes resource allocation, ensuring efficient utilization and improved service quality for user equipment (UEs). However, the modular and dynamic nature of O-RAN expands the threat surface, necessitating advanced security measures to maintain network integrity, confidentiality, and availability. Intrusion detection systems have become essential for identifying and mitigating attacks. This research explores using large language models (LLMs) to generate security recommendations based on the temporal traffic patterns of connected UEs. The paper introduces an LLM-driven intrusion detection framework and demonstrates its efficacy through experimental deployments, comparing non-fine-tuned and fine-tuned models for task-specific accuracy. 

The advent of 5G technology introduces significant advancements in speed, latency, and device connectivity, but also poses complex security challenges. Among typical denial-of-service (DoS) attacks, jamming attack can severely degrade network performance by interfering critical communication channels. To address this issue, we propose a novel security solution utilizing multipath communication, which distributes message segments across multiple paths to ensure message recovery even when some paths are compromised. This strategy enhances network resilience and aligns with zero-trust architecture principles. Moreover, the proposed scheme has been implemented in our testbed to validate the concept and assess the network performance under jamming attacks. Our findings demonstrate that this method eliminates the negative impacts caused by DoS attacks, maintaining the integrity and availability of critical network services. The results highlight the robustness of multipath communication in securing 5G networks against sophisticated attacks, thereby safeguarding essential communications in dynamic and potentially hostile environments. 

This paper explores an innovative approach to enhance the resilience and security of beyond 5G (B5G) networks through the implementation of cross-bandwidth part (C-BWP) frequency hopping at mini-slot granularity. Utilizing dynamic channel estimation, the proposed system assigns resource blocks (RBs) to user equipment (UEs) of varying priorities, mitigating the impact of jamming in hostile radio environments. We introduce strategic C-BWP frequency hopping for high-priority UEs, optimizing the use of unaffected RBs. This method is shown to effectively counter various types of jamming, ensuring robust and secure communication in both current and future cellular networks. Through rigorous simulation, we demonstrate that intra-slot frequency hopping offers superior resilience by adapting quickly to dynamic channel conditions, significantly enhancing the performance and security of the communications system. 

We develop 5GBaseChecker— an efficient, scalable, and dynamic security analysis framework based on differential testing for analyzing 5G basebands' control plane protocol interactions. 5GBaseChecker first captures basebands' protocol behaviors as a finite state machine (FSM) through black-box automata learning. To facilitate efficient learning and improve scalability, 5GBaseChecker introduces novel hybrid and collaborative learning techniques. 5GBaseChecker then identifies input sequences for which the extracted FSMs provide deviating outputs. Finally, 5GBaseChecker leverages these deviations to efficiently identify the security properties from specifications and use those to triage if the deviations found in 5G basebands violate any properties. We evaluated 5GBaseChecker with 17 commercial 5G basebands and 2 open-source UE implementations and uncovered 22 implementation-level issues, including 13 exploitable vulnerabilities and 2 interoperability issues.