ZTRAN: Prototyping Zero Trust Security xApps for Open Radio Access Network Deployments
- URL: http://arxiv.org/abs/2403.04113v1
- Date: Wed, 6 Mar 2024 23:57:16 GMT
- Title: ZTRAN: Prototyping Zero Trust Security xApps for Open Radio Access Network Deployments
- Authors: Aly S. Abdalla, Joshua Moore, Nisha Adhikari, Vuk Marojevic
- Abstract summary: Open radio access network (O-RAN) offers new degrees of freedom for building and operating advanced cellular networks.
This paper proposes leveraging zero trust principles for O-RAN security.
We introduce zero trust RAN (ZTRAN), which embeds service authentication, intrusion detection, and secure slicing subsystems that are encapsulated as xApps.
- Score: 2.943640991628177
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The open radio access network (O-RAN) offers new degrees of freedom for building and operating advanced cellular networks. Emphasizing RAN disaggregation, open interfaces, multi-vendor support, and RAN intelligent controllers (RICs), O-RAN facilitates adaptation to new applications and technology trends. Yet, this architecture introduces new security challenges. This paper proposes leveraging zero trust principles for O-RAN security. We introduce zero trust RAN (ZTRAN), which embeds service authentication, intrusion detection, and secure slicing subsystems that are encapsulated as xApps. We implement ZTRAN on the open artificial intelligence cellular (OAIC) research platform and demonstrate its feasibility and effectiveness in terms of legitimate user throughput and latency figures. Our experimental analysis illustrates how ZTRAN's intrusion detection and secure slicing microservices operate effectively and in concert as part of O-RAN Alliance's containerized near-real time RIC. Research directions include exploring machine learning and additional threat intelligence feeds for improving the performance and extending the scope of ZTRAN.
Related papers
- Enhancing Enterprise Security with Zero Trust Architecture [0.0]
Zero Trust Architecture (ZTA) represents a transformative approach to modern cybersecurity.
ZTA shifts the security paradigm by assuming that no user, device, or system can be trusted by default.
This paper explores the key components of ZTA, such as identity and access management (IAM), micro-segmentation, continuous monitoring, and behavioral analytics.
arXiv Detail & Related papers (2024-10-23T21:53:16Z)
- Poster: Developing an O-RAN Security Test Lab [5.760069348754009]
Open Radio Access Networks (ORAN) is an expansion of the current Next Generation Radio Access Networks (NG-RAN) of 5G.
ORAN aims to break this closed RAN market that is controlled by a handful of vendors.
We discuss and propose a way for a minimal, future-proof deployment of an ORAN 5G network.
arXiv Detail & Related papers (2024-09-02T09:36:38Z)
- Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems.
We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z)
- Securing O-RAN Open Interfaces [17.479389941383605]
The next generation of cellular networks will be characterized by openness, intelligence, and distributed computing.
The Open Radio Access Network (Open RAN) framework represents a significant leap toward realizing these ideals.
While it holds the potential to disrupt the established vendor lock-ins, Open RAN's disaggregated nature raises critical security concerns.
arXiv Detail & Related papers (2024-04-23T14:25:05Z)
- Cross-Domain AI for Early Attack Detection and Defense Against Malicious Flows in O-RAN [5.196266559887213]
Cross-Domain Artificial Intelligence (AI) can be the key to address this, although its application in Open Radio Access Network (O-RAN) is still in its infancy.
Our results demonstrate the potential of the proposed approach, achieving an accuracy rate of 93%.
This approach not only bridges critical gaps in mobile network security but also showcases the potential of cross-domain AI in enhancing the efficacy of network security measures.
arXiv Detail & Related papers (2024-01-17T13:29:47Z)
- The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge.
This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI).
We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
arXiv Detail & Related papers (2024-01-03T07:47:22Z)
- Implementing and Evaluating Security in O-RAN: Interfaces, Intelligence, and Platforms [18.106587432715155]
The Open Radio Access Network (RAN) builds on top of cloud-based, multi-vendor, open and intelligent architectures to shape the next generation of cellular networks for 5G and beyond.
This article is the first work in approaching the security aspect of O-RAN holistically and with experimental evidence obtained on a state-of-the-art programmable O-RAN platform.
arXiv Detail & Related papers (2023-04-21T17:02:35Z)
- Sparsity-Aware Intelligent Massive Random Access Control in Open RAN: A Reinforcement Learning Based Approach [61.74489383629319]
Massive random access of devices in the emerging Open Radio Access Network (O-RAN) brings great challenge to the access control and management.
reinforcement-learning (RL)-assisted scheme of closed-loop access control is proposed to preserve sparsity of access requests.
Deep-RL-assisted SAUD is proposed to resolve highly complex environments with continuous and high-dimensional state and action spaces.
arXiv Detail & Related papers (2023-03-05T12:25:49Z)
- Artificial Intelligence Empowered Multiple Access for Ultra Reliable and Low Latency THz Wireless Networks [76.89730672544216]
Terahertz (THz) wireless networks are expected to catalyze the beyond fifth generation (B5G) era.
To satisfy the ultra-reliability and low-latency demands of several B5G applications, novel mobility management approaches are required.
This article presents a holistic MAC layer approach that enables intelligent user association and resource allocation, as well as flexible and adaptive mobility management.
arXiv Detail & Related papers (2022-08-17T03:00:24Z)
- Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications.
We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology.
We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
arXiv Detail & Related papers (2021-06-03T16:45:40Z)
- Symbolic Reinforcement Learning for Safe RAN Control [62.997667081978825]
We show a Symbolic Reinforcement Learning (SRL) architecture for safe control in Radio Access Network (RAN) applications.
In our tool, a user can select high-level safety specifications expressed in Linear Temporal Logic (LTL) to shield an RL agent running in a given cellular network.
We demonstrate the user interface (UI) helping the user set intent specifications to the architecture and inspect the difference in allowed and blocked actions.
arXiv Detail & Related papers (2021-03-11T10:56:49Z)
This list is automatically generated from the titles and abstracts of the papers in this site.