MobiWatch
MobiWatch is an O-RAN compliant xApp that employs unsupervised unsupervised deep learning to detect layer-3 (RRC and NAS) cellular anomalies and attacks in 5G networks. MobiWatch operates on the security data telemetry called MobiFlow, a security audit trail for holding mobile devices accountable during the link and session setup protocols as they interact with the base station.
Detecting Unknown Cellular Threats at the Edge
MobiWatch employs unsupervised deep learning techniques to detect unseen threat patterns by training only on benign cellular traffic. Through this approach, the DL model learns the latent representations and is capable of estimating how to distinguish unknown data deviations from the benign data distributions. The below examples show the traces of two cellular edge attacks that exhibit anomalies in the cellular message sequences.
Where to learn more
Publications:
Haohuang Wen, Prakhar Sharma, Vinod Yegneswaran, Phillip Porras, , and Zhiqiang Lin, "6G-XSec: Explainable Edge Security for Emerging OpenRAN Architectures," In the Twenty-Third ACM Workshop on Hot Topics in Networks (HotNets 2024) [paper link]
Source Code:
MobiWatch Github Repo