Endless Subscriptions

Open RAN is Open to RIC E2 Subscription Denial of Service Attacks

Conference Paper (2025)
Author(s)

F. Klement (University of Passau)

Alessandro Brighente (Università degli Studi di Padova)

A.K. Bhattacharjee (TU Delft - Research Engineering & Infrastructure Team)

S. Cecconello (Università degli Studi di Padova)

F.A. Kuipers (TU Delft - Networked Systems)

G. Smaragdakis (TU Delft - Cyber Security)

M. Conti (Università degli Studi di Padova)

S. Katzenbeisser (University of Passau)

Research Group
Research Engineering & Infrastructure Team
DOI related publication
https://doi.org/10.1109/EuroSP63326.2025.00048
Publication Year
2025
Language
English
Bibliographical Note
Green Open Access added to TU Delft Institutional Repository as part of the Taverne amendment. More information about this copyright law amendment can be found at https://www.openaccess.nl. Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Pages (from-to)
755-770
ISBN (print)
979-8-3315-9494-7
ISBN (electronic)
979-8-3315-9493-0
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Telecommunication services are essential in ensuring the operation of numerous critical infrastructures. While mobile network security increased with the advancement of generations, emerging concepts such as the Open Radio Access Network (O-RAN) are transforming the traditional operation of Radio Access Networks (RANs). Novel concepts and technologies are finding their way into RANs with a focus on softwareization and virtualization. This increases the overall attack surface and introduces new attack vectors not necessarily found in traditional RANs. This paper shows that Denial of Service (DoS) attacks leveraging subscription mechanisms can compromise O-RAN implementations. We present a novel DoS attack targeting the Near Real-Time (Near-RT) RAN Intelligent Controller (RIC). By deploying a malicious xApp, we demonstrate how an adversary can flood the Near-RT RIC with excessive subscription requests, leading to service disruption. This attack exploits the lack of rate-limiting mechanisms within the Service Model (SM), a critical component of the Near-RT RIC responsible for handling E2 subscription requests. We systematically evaluate various attack scenarios and investigate the underlying vulnerabilities exposed. Furthermore, we propose and assess countermeasures to safeguard publicly accessible O-RAN systems from such threats.

Files

License info not available

File under embargo until 26-02-2026