SAGE-5GC: Security-Aware Guidelines for Evaluating Anomaly Detection in the 5G Core Network

• URL: http://arxiv.org/abs/2602.03596v1
• Date: Tue, 03 Feb 2026 14:50:19 GMT
• Title: SAGE-5GC: Security-Aware Guidelines for Evaluating Anomaly Detection in the 5G Core Network
• Authors: Cristian Manca, Christian Scano, Giorgio Piras, Fabio Brau, Maura Pintor, Battista Biggio,
• Abstract summary: We study the problem of detecting 5G attacks textitin the wild, focusing on realistic deployment settings.<n>We propose a set of Security-Aware Guidelines for evaluating anomaly detectors in 5G Core Network (SAGE-5GC)<n>Using a realistic 5G Core dataset, we first train several anomaly detectors and assess their baseline performance against standard 5GC control-plane cyberattacks.<n>We then extend the evaluation to adversarial settings, where an attacker tries to manipulate the observable features of the network traffic to evade detection.
• Score: 10.75690780447407
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Machine learning-based anomaly detection systems are increasingly being adopted in 5G Core networks to monitor complex, high-volume traffic. However, most existing approaches are evaluated under strong assumptions that rarely hold in operational environments, notably the availability of independent and identically distributed (IID) data and the absence of adaptive attackers.In this work, we study the problem of detecting 5G attacks \textit{in the wild}, focusing on realistic deployment settings. We propose a set of Security-Aware Guidelines for Evaluating anomaly detectors in 5G Core Network (SAGE-5GC), driven by domain knowledge and consideration of potential adversarial threats. Using a realistic 5G Core dataset, we first train several anomaly detectors and assess their baseline performance against standard 5GC control-plane cyberattacks targeting PFCP-based network services.We then extend the evaluation to adversarial settings, where an attacker tries to manipulate the observable features of the network traffic to evade detection, under the constraint that the intended functionality of the malicious traffic is preserved. Starting from a selected set of controllable features, we analyze model sensitivity and adversarial robustness through randomized perturbations. Finally, we introduce a practical optimization strategy based on genetic algorithms that operates exclusively on attacker-controllable features and does not require prior knowledge of the underlying detection model. Our experimental results show that adversarially crafted attacks can substantially degrade detection performance, underscoring the need for robust, security-aware evaluation methodologies for anomaly detection in 5G networks deployed in the wild.

Related papers

• Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework [60.72591149679355]
  The rapid expansion of low-altitude economy Internet of Things (LAE-IoT) networks has created unprecedented security challenges.<n>Traditional intrusion detection systems fail to tackle the unique characteristics of aerial IoT environments.<n>We introduce a large language model (LLM)-enabled agentic AI framework for enhancing intrusion detection in LAE-IoT networks.
  arXiv  Detail & Related papers  (2026-01-25T12:47:25Z)
• From Description to Detection: LLM based Extendable O-RAN Compliant Blind DoS Detection in 5G and Beyond [10.627289027347274]
  Vulnerability in control-plane protocols pose significant security threats, such as Blind Denial of Service (DoS) attacks.<n>We propose a novel anomaly detection framework that leverages the capabilities of Large Language Models (LLMs) in zero-shot mode.<n>We show that detection quality relies on the semantic completeness of the description rather than its phrasing or length.
  arXiv  Detail & Related papers  (2025-10-08T00:13:02Z)
• Explainable and Resilient ML-Based Physical-Layer Attack Detectors [46.30085297768888]
  We analyze the inner workings of various classifiers trained to alert about physical layer intrusions.<n>We evaluate the detectors' resilience to malicious parameter noising.<n>This work serves as a design guideline for developing fast and robust detectors trained on available network monitoring data.
  arXiv  Detail & Related papers  (2025-09-30T17:05:33Z)
• Robust Anomaly Detection in Network Traffic: Evaluating Machine Learning Models on CICIDS2017 [0.0]
  We present a comparison of four representative models on the CICIDS 2017 dataset.<n>Supervised and CNN achieve near-perfect accuracy on familiar attacks but suffer drastic recall drops on novel attacks.<n>Unsupervised LOF attains moderate overall accuracy and high recall on unknown threats at the cost of elevated false alarms.
  arXiv  Detail & Related papers  (2025-06-23T15:31:10Z)
• CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations [53.036288487863786]
  We propose CANTXSec, the first deterministic Intrusion Detection and Prevention system based on physical ECU activations.<n>It detects and prevents classical attacks in the CAN bus, while detecting advanced attacks that have been less investigated in the literature.<n>We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
  arXiv  Detail & Related papers  (2025-05-14T13:37:07Z)
• Federated Learning for Zero-Day Attack Detection in 5G and Beyond V2X Networks [9.86830550255822]
  Connected and Automated Vehicles (CAVs) on top of 5G and Beyond networks (5GB) make them vulnerable to increasing vectors of security and privacy attacks. We propose in this paper a novel detection mechanism that leverages the ability of the deep auto-encoder method to detect attacks relying only on the benign network traffic pattern. Using federated learning, the proposed intrusion detection system can be trained with large and diverse benign network traffic, while preserving the CAVs privacy, and minimizing the communication overhead.
  arXiv  Detail & Related papers  (2024-07-03T12:42:31Z)
• FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
  FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks. We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness. Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
  arXiv  Detail & Related papers  (2024-03-26T08:51:23Z)
• Penetration Testing of 5G Core Network Web Technologies [53.89039878885825]
  We present the first security assessment of the 5G core from a web security perspective. We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks. Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors.
  arXiv  Detail & Related papers  (2024-03-04T09:27:11Z)
• Deep Attention Recognition for Attack Identification in 5G UAV scenarios: Novel Architecture and End-to-End Evaluation [3.3253720226707992]
  Despite the robust security features inherent in the 5G framework, attackers will still discover ways to disrupt 5G unmanned aerial vehicle (UAV) operations. We propose Deep Attention Recognition (DAtR) as a solution to identify attacks based on a small deep network embedded in authenticated UAVs.
  arXiv  Detail & Related papers  (2023-03-03T17:10:35Z)
• Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
  In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique. The performance of the considered algorithms is evaluated using the ISCX 2012 dataset. Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
  arXiv  Detail & Related papers  (2020-08-05T19:29:35Z)
• Graph Backdoor [53.70971502299977]
  We present GTA, the first backdoor attack on graph neural networks (GNNs) GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features. It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
  arXiv  Detail & Related papers  (2020-06-21T19:45:30Z)
• Multi-stage Jamming Attacks Detection using Deep Learning Combined with Kernelized Support Vector Machine in 5G Cloud Radio Access Networks [17.2528983535773]
  This research focuses on deploying a multi-stage machine learning-based intrusion detection (ML-IDS) in 5G C-RAN. It can detect and classify four types of jamming attacks: constant jamming, random jamming, jamming, and reactive jamming. The final classification accuracy of attacks is 94.51% with a 7.84% false negative rate.
  arXiv  Detail & Related papers  (2020-04-13T17:21:45Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.