Open Access

ARTICLE

Performance Analysis of an AI-Based IDS xApp for Cyberattack Anomaly Detection in O-RAN Near-RT RIC

Hyeonsoo Yu¹, Hwankuk Kim^2,*

1 Department of Cyber Security, Kookmin University, Seoul, Republic of Korea
2 Department of Information Security, Cryptography and Mathematics, Kookmin University, Seoul, Republic of Korea

* Corresponding Author: Hwankuk Kim. Email:

(This article belongs to the Special Issue: Advanced Security and Privacy for Future Mobile Internet and Convergence Applications: A Computer Modeling Approach)

Computer Modeling in Engineering & Sciences 2026, 147(2), 52 https://doi.org/10.32604/cmes.2026.082095

Received 11 March 2026; Accepted 06 May 2026; Issue published 27 May 2026

Abstract

The introduction of the Open Radio Access Network (O-RAN) architecture enhances network flexibility but introduces novel security threats targeting open interfaces and the RAN Intelligent Controller (RIC). Particularly in the Near-RT RIC environment, an effective Intrusion Detection System (IDS) that satisfies strict near-real-time constraints of within 1 s is essential to defend against cyber attacks. This paper proposes an Artificial Intelligence (AI)-based IDS xApp designed for real-time cyber attack monitoring in the O-RAN Near-RT RIC environment, and quantitatively analyzes its anomaly detection performance and inference latency characteristics against multi-layer security threats utilizing Open RAN Centralized Unit(O-CU) network layer data and Open RAN Distributed Unit (O-DU) radio telemetry data. Evaluation using a public dataset (NetsLab 5G O-RAN IDD) on four deep learning models (LSTM, CNN, Transformer, Autoencoder) showed that supervised learning-based models achieved high F1-scores (reaching up to 0.99) on both datasets. Furthermore, their performance variation remained highly stable at approximately the ±0.1 pp level upon transition from the training environment (the Service and Management Orchestration, SMO) to the deployment environment (Near-RT RIC). In the inference latency analysis, the system’s scalability was evaluated by increasing the number of prediction instances up to 80,000. The results confirmed that the latency follows a highly predictable linear time complexity (

---

Keywords

Open RAN security; near-RT RIC; IDS xApp; AI-driven intrusion detection; inference latency

---

Cite This Article

APA Style

Yu, H., Kim, H. (2026). Performance Analysis of an AI-Based IDS xApp for Cyberattack Anomaly Detection in O-RAN Near-RT RIC. Computer Modeling in Engineering & Sciences, 147(2), 52. https://doi.org/10.32604/cmes.2026.082095

Vancouver Style

Yu H, Kim H. Performance Analysis of an AI-Based IDS xApp for Cyberattack Anomaly Detection in O-RAN Near-RT RIC. Comput Model Eng Sci. 2026;147(2):52. https://doi.org/10.32604/cmes.2026.082095

IEEE Style

H. Yu and H. Kim, “Performance Analysis of an AI-Based IDS xApp for Cyberattack Anomaly Detection in O-RAN Near-RT RIC,” Comput. Model. Eng. Sci., vol. 147, no. 2, pp. 52, 2026. https://doi.org/10.32604/cmes.2026.082095

BibTex EndNote RIS