VWA-6G AI assisted continuous security monitoring over open RAN service management orchestration

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-06-07 DOI:10.1016/j.cose.2025.104566

Yi-Chih Tung , En-Cheng Liou , Pen-Chih Hu , Cheng-Han Yu

{"title":"VWA-6G AI assisted continuous security monitoring over open RAN service management orchestration","authors":"Yi-Chih Tung , En-Cheng Liou , Pen-Chih Hu , Cheng-Han Yu","doi":"10.1016/j.cose.2025.104566","DOIUrl":null,"url":null,"abstract":"<div><div>The evolution towards sixth generation (6G) mobile networks and Open Radio Access Network (O-RAN) architectures introduces enhanced flexibility and scalability but also significantly broadens the cybersecurity threat landscape. Integration of open-source software components and third-party applications (xApps) exacerbates security vulnerabilities, challenging conventional protection mechanisms. To address these issues, this study proposes the Vulnerability Weakness Attack for 6G (VWA-6G) system, an artificial intelligence (AI) assisted framework for continuous security monitoring. This framework utilizes a contextually fine-tuned BERT-based model. The VWA-6G AI model automates semantic mapping from Common Vulnerabilities and Exposures (CVEs) to Common Weakness Enumerations (CWEs) and Common Attack Pattern Enumerations and Classifications (CAPECs), leveraging specialized datasets derived from forward-looking 6G technical materials. Empirical results demonstrate that the proposed model achieves superior performance metrics compared to baseline methods, notably an accuracy of 98.62 % and an F1-Score of 99.44 %, representing significant improvements over standard BERT and V2W-BERT approaches. This AI driven semantic approach substantially enhances vulnerability identification and mapping accuracy, thereby providing robust, automated, and proactive security management aligned with Zero Trust principles in 6G O-RAN environments.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104566"},"PeriodicalIF":4.8000,"publicationDate":"2025-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482500255X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The evolution towards sixth generation (6G) mobile networks and Open Radio Access Network (O-RAN) architectures introduces enhanced flexibility and scalability but also significantly broadens the cybersecurity threat landscape. Integration of open-source software components and third-party applications (xApps) exacerbates security vulnerabilities, challenging conventional protection mechanisms. To address these issues, this study proposes the Vulnerability Weakness Attack for 6G (VWA-6G) system, an artificial intelligence (AI) assisted framework for continuous security monitoring. This framework utilizes a contextually fine-tuned BERT-based model. The VWA-6G AI model automates semantic mapping from Common Vulnerabilities and Exposures (CVEs) to Common Weakness Enumerations (CWEs) and Common Attack Pattern Enumerations and Classifications (CAPECs), leveraging specialized datasets derived from forward-looking 6G technical materials. Empirical results demonstrate that the proposed model achieves superior performance metrics compared to baseline methods, notably an accuracy of 98.62 % and an F1-Score of 99.44 %, representing significant improvements over standard BERT and V2W-BERT approaches. This AI driven semantic approach substantially enhances vulnerability identification and mapping accuracy, thereby providing robust, automated, and proactive security management aligned with Zero Trust principles in 6G O-RAN environments.

查看原文本刊更多论文

VWA-6G AI通过开放的RAN服务管理编排协助进行持续的安全监控

向第六代（6G）移动网络和开放无线接入网（O-RAN）架构的演变带来了增强的灵活性和可扩展性，但也显著拓宽了网络安全威胁格局。开源软件组件和第三方应用程序（xApps）的集成加剧了安全漏洞，挑战了传统的保护机制。为了解决这些问题，本研究提出了针对6G （VWA-6G）系统的脆弱性弱点攻击，这是一种人工智能（AI）辅助的持续安全监控框架。该框架利用了上下文微调的基于bert的模型。VWA-6G人工智能模型利用来自前瞻性6G技术材料的专门数据集，将从常见漏洞和暴露（cve）到常见弱点枚举（CWEs）和常见攻击模式枚举和分类（CAPECs）的语义映射自动化。实证结果表明，与基线方法相比，所提出的模型实现了卓越的性能指标，特别是98.62%的准确率和99.44%的F1-Score，比标准BERT和V2W-BERT方法有显着改进。这种人工智能驱动的语义方法大大提高了漏洞识别和映射的准确性，从而在6G O-RAN环境中提供符合零信任原则的强大、自动化和主动的安全管理。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.