Closing the Visibility Gap: A Monitoring Framework for Verifiable Open RAN Operations

• URL: http://arxiv.org/abs/2509.03000v1
• Date: Wed, 03 Sep 2025 04:17:57 GMT
• Title: Closing the Visibility Gap: A Monitoring Framework for Verifiable Open RAN Operations
• Authors: Hexuan Yu, Md Mohaimin Al Barat, Yang Xiao, Y. Thomas Hou, Wenjing Lou,
• Abstract summary: We propose a monitoring framework for low-trust Open Radio Access Network (Open RAN) environments.<n>Our system provides scalable, verifiable oversight to enhance transparency and trust in O-RAN operations.
• Score: 15.81088947348504
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Open Radio Access Network (Open RAN) is reshaping mobile network architecture by promoting openness, disaggregation, and cross-vendor interoperability. However, this architectural flexibility introduces new security challenges, especially in deployments where multiple mobile network operators (MNOs) jointly operate shared components. Existing Zero Trust Architectures (ZTA) in O-RAN, as defined by governmental and industry standards, implicitly assume that authenticated components will comply with operational policies. However, this assumption creates a critical blind spot: misconfigured or compromised components can silently violate policies, misuse resources, or corrupt downstream processes (e.g., ML-based RIC xApps). To address this critical gap, we propose a monitoring framework for low-trust O-RAN environments that proactively verifies configuration state and control behavior against tenant-defined policies. Our system provides scalable, verifiable oversight to enhance transparency and trust in O-RAN operations. We implement and evaluate the framework using standardized O-RAN configurations, with total processing latency of approximately 200 ms, demonstrating its efficiency and practicality for timely policy enforcement and compliance auditing in multi-MNO deployments.

Related papers

• Agentic AI-RAN: Enabling Intent-Driven, Explainable and Self-Evolving Open RAN Intelligence [29.04027004458567]
  Open RAN (O-RAN) exposes rich control and telemetry interfaces across Non-RT RIC, Near-RT RIC, and distributed units.<n>In parallel, agentic AI systems with explicit planning, tool use, memory, and self-management offer a natural way to structure long-lived control loops.
  arXiv  Detail & Related papers  (2026-02-27T15:55:34Z)
• CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents [60.98294016925157]
  AI agents are vulnerable to prompt injection attacks, where malicious content hijacks agent behavior to steal credentials or cause financial loss.<n>We introduce Single-Shot Planning for CUAs, where a trusted planner generates a complete execution graph with conditional branches before any observation of potentially malicious content.<n>Although this architectural isolation successfully prevents instruction injections, we show that additional measures are needed to prevent Branch Steering attacks.
  arXiv  Detail & Related papers  (2026-01-14T23:06:35Z)
• Towards Verifiably Safe Tool Use for LLM Agents [53.55621104327779]
  Large language model (LLM)-based AI agents extend capabilities by enabling access to tools such as data sources, APIs, search engines, code sandboxes, and even other agents.<n>LLMs may invoke unintended tool interactions and introduce risks, such as leaking sensitive data or overwriting critical records.<n>Current approaches to mitigate these risks, such as model-based safeguards, enhance agents' reliability but cannot guarantee system safety.
  arXiv  Detail & Related papers  (2026-01-12T21:31:38Z)
• Towards a Multi-Layer Defence Framework for Securing Near-Real-Time Operations in Open RAN [4.240433132593161]
  Securing the near-real-time (near-RT) control operations in Open Radio Access Networks (Open RAN) is increasingly critical.<n>New runtime threats target the control loop while the system is operational.<n>We propose a multi-layer defence framework designed to enhance the security of near-RT RAN Intelligent Controller (RIC) operations.
  arXiv  Detail & Related papers  (2025-12-01T12:13:32Z)
• Reinforcing Secure Live Migration through Verifiable State Management [1.6204399921642334]
  We present TALOS, a lightweight framework for verifiable state management and trustworthy application migration.<n> TALOS integrates memory introspection and control-flow graph extraction, enabling robust verification of state continuity and execution flow.<n>Thereby achieving strong security guarantees while maintaining efficiency, making it suitable for decentralized settings.
  arXiv  Detail & Related papers  (2025-09-05T14:41:48Z)
• Bridging the Mobile Trust Gap: A Zero Trust Framework for Consumer-Facing Applications [51.56484100374058]
  This paper proposes an extended Zero Trust model designed for mobile applications operating in untrusted, user-controlled environments.<n>Using a design science methodology, the study introduced a six-pillar framework that supports runtime enforcement of trust.<n>The proposed model offers a practical and standards-aligned approach to securing mobile applications beyond pre-deployment controls.
  arXiv  Detail & Related papers  (2025-08-20T18:42:36Z)
• Zero-Trust Foundation Models: A New Paradigm for Secure and Collaborative Artificial Intelligence for Internet of Things [61.43014629640404]
  Zero-Trust Foundation Models (ZTFMs) embed zero-trust security principles into the lifecycle of foundation models (FMs) for Internet of Things (IoT) systems.<n>ZTFMs can enable secure, privacy-preserving AI across distributed, heterogeneous, and potentially adversarial IoT environments.
  arXiv  Detail & Related papers  (2025-05-26T06:44:31Z)
• Rogue Cell: Adversarial Attack and Defense in Untrusted O-RAN Setup Exploiting the Traffic Steering xApp [24.941343115166436]
  Open Radio Access Network (O-RAN) architecture is revolutionizing cellular networks with its open, multi-vendor design and AI-driven management.<n>Previous studies have mainly examined vulnerabilities arising from O-RAN's intelligent components.<n>This paper is the first to focus on the security challenges and vulnerabilities introduced by transitioning from single-operator to multi-operator RAN architectures.
  arXiv  Detail & Related papers  (2025-05-03T13:19:44Z)
• LLM-hRIC: LLM-empowered Hierarchical RAN Intelligent Control for O-RAN [56.94324843095396]
  This article introduces the LLM-empowered hierarchical RIC (LLM-hRIC) framework to improve the collaboration between RICs in radio access network (O-RAN)<n>The framework offers a strategic guidance to the near-real-time RIC (non-RT RIC) using global network information.<n>The RL-empowered near-RT RIC acts as an implementer, combining this guidance with local real-time data to make near-RT decisions.
  arXiv  Detail & Related papers  (2025-04-25T04:18:23Z)
• Integrated LLM-Based Intrusion Detection with Secure Slicing xApp for Securing O-RAN-Enabled Wireless Network Deployments [2.943640991628177]
  The Open Radio Access Network (O-RAN) architecture is reshaping telecommunications by promoting openness, flexibility, and intelligent closed-loop optimization.<n>This research explores using large language models (LLMs) to generate security recommendations based on the temporal traffic patterns of connected UEs.
  arXiv  Detail & Related papers  (2025-04-01T01:45:07Z)
• Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
  We investigate the security implications of and software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
  arXiv  Detail & Related papers  (2024-05-03T07:18:45Z)
• ZTRAN: Prototyping Zero Trust Security xApps for Open Radio Access Network Deployments [2.943640991628177]
  Open radio access network (O-RAN) offers new degrees of freedom for building and operating advanced cellular networks. This paper proposes leveraging zero trust principles for O-RAN security. We introduce zero trust RAN (ZTRAN), which embeds service authentication, intrusion detection, and secure slicing subsystems that are encapsulated as xApps.
  arXiv  Detail & Related papers  (2024-03-06T23:57:16Z)
• Robust Multi-Agent Reinforcement Learning via Adversarial Regularization: Theoretical Foundation and Stable Algorithms [79.61176746380718]
  Multi-Agent Reinforcement Learning (MARL) has shown promising results across several domains. MARL policies often lack robustness and are sensitive to small changes in their environment. We show that we can gain robustness by controlling a policy's Lipschitz constant. We propose a new robust MARL framework, ERNIE, that promotes the Lipschitz continuity of the policies.
  arXiv  Detail & Related papers  (2023-10-16T20:14:06Z)
• Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
  We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications. We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology. We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
  arXiv  Detail & Related papers  (2021-06-03T16:45:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.