Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Exploiting and Securing ML Solutions in Near-RT RIC: A Perspective of an xApp

Thusitha Dayaratne, Viet Vo, Shangqi Lai, Sharif Abuadbba, Blake Haydon, Hajime Suzuki, Xingliang Yuan, Carsten Rudolph

TL;DR

This paper addresses the security of ML-based xApps running on the Near-Real-Time RIC within the O-RAN framework, focusing on the expanded attack surface created by openness and distributed components. It centers on a traffic steering use case to illustrate how ML-enabled policies can be attacked and defended, detailing adversarial ML threats (MIAs, MEAs, data/poisoning) as well as platform-level exploits via E2, RMR, and the conflict manager. The authors propose defense strategies spanning AI/ML-based anomaly detection, granular access control, and zero-trust architectures, and discuss future directions such as data provenance, TPMs, and hardware acceleration to maintain near-real-time performance. Collectively, the work highlights practical risks and actionable mitigations to advance secure, robust deployment of ML-enabled xApps in beyond-5G/6G O-RAN networks.

Abstract

Open Radio Access Networks (O-RAN) are emerging as a disruptive technology, revolutionising traditional mobile network architecture and deployments in the current 5G and the upcoming 6G era. Disaggregation of network architecture, inherent support for AI/ML workflows, cloud-native principles, scalability, and interoperability make O-RAN attractive to network providers for beyond-5G and 6G deployments. Notably, the ability to deploy custom applications, including Machine Learning (ML) solutions as xApps or rApps on the RAN Intelligent Controllers (RICs), has immense potential for network function and resource optimisation. However, the openness, nascent standards, and distributed architecture of O-RAN and RICs introduce numerous vulnerabilities exploitable through multiple attack vectors, which have not yet been fully explored. To address this gap and ensure robust systems before large-scale deployments, this work analyses the security of ML-based applications deployed on the RIC platform. We focus on potential attacks, defence mechanisms, and pave the way for future research towards a more robust RIC platform.

Exploiting and Securing ML Solutions in Near-RT RIC: A Perspective of an xApp

TL;DR

This paper addresses the security of ML-based xApps running on the Near-Real-Time RIC within the O-RAN framework, focusing on the expanded attack surface created by openness and distributed components. It centers on a traffic steering use case to illustrate how ML-enabled policies can be attacked and defended, detailing adversarial ML threats (MIAs, MEAs, data/poisoning) as well as platform-level exploits via E2, RMR, and the conflict manager. The authors propose defense strategies spanning AI/ML-based anomaly detection, granular access control, and zero-trust architectures, and discuss future directions such as data provenance, TPMs, and hardware acceleration to maintain near-real-time performance. Collectively, the work highlights practical risks and actionable mitigations to advance secure, robust deployment of ML-enabled xApps in beyond-5G/6G O-RAN networks.

Abstract

Open Radio Access Networks (O-RAN) are emerging as a disruptive technology, revolutionising traditional mobile network architecture and deployments in the current 5G and the upcoming 6G era. Disaggregation of network architecture, inherent support for AI/ML workflows, cloud-native principles, scalability, and interoperability make O-RAN attractive to network providers for beyond-5G and 6G deployments. Notably, the ability to deploy custom applications, including Machine Learning (ML) solutions as xApps or rApps on the RAN Intelligent Controllers (RICs), has immense potential for network function and resource optimisation. However, the openness, nascent standards, and distributed architecture of O-RAN and RICs introduce numerous vulnerabilities exploitable through multiple attack vectors, which have not yet been fully explored. To address this gap and ensure robust systems before large-scale deployments, this work analyses the security of ML-based applications deployed on the RIC platform. We focus on potential attacks, defence mechanisms, and pave the way for future research towards a more robust RIC platform.
Paper Structure (26 sections, 3 figures)

This paper contains 26 sections, 3 figures.

Table of Contents

  1. Introduction
  2. O-RAN Architecture and RICs
  3. System Model
  4. Use Case: Traffic Steering (TS)
  5. AI/ML based Traffic Steering
  6. Threat Model
  7. Attacks on ML based Traffic Steering
  8. Adversarial ML Attacks
  9. Membership Inference Attacks (MIAs)
  10. Leakages for Inference
  11. Poisoning for Inference
  12. Model Extraction Attacks (MEAs)
  13. Scraping for Extraction
  14. Poisoning for Extraction
  15. Other Explicit ML Attacks
  16. ...and 11 more sections

Figures (3)

  • Figure 1: High-level O-RAN Logical Architecture & Primary Interfaces
  • Figure 2: High level system model and threat model
  • Figure 3: Abstract TS process with the involvement of different apps