Federated Learning for Anomaly Detection in Open RAN: Security Architecture Within a Digital Twin
Yasintha Rumesh, Dinaj Attanayaka, Pawani Porambage, Jarno Pinola, Joshua Groen, Kaushik Chowdhury
Abstract
The Open Radio Access Network (Open RAN) specifies the evolution of RAN with a disaggregated, open and intelligent architecture to meet the requirements of next-generation networks. While this provides flexibility and optimization for RAN, it raises new security concerns, potentially increasing vulnerability to cyber threats through disaggregated elements. We introduce a security architecture that functions as a platform to evaluate configurations and train security algorithms within a Network Digital Twin (NDT), which is compliant with the O-RAN architecture defined by the O-RAN Alliance. The elements of the security architecture reside within the NDT and facilitate the training of machine learning (ML) models, which play a pivotal role in the O-RAN security operations. To exemplify this framework, we demonstrate a hierarchical Federated Learning (FL) based anomaly detection algorithm that can be applied for three traffic slices in O-RAN. We use Colosseum, an O-RAN-compliant emulation system, to generate time-series data for training. Our trained model is able to detect anomalous traffic and identify traffic slice types with over 99% accuracy.