@Article{cmes.2026.082095,
AUTHOR = {Hyeonsoo Yu, Hwankuk Kim},
TITLE = {Performance Analysis of an AI-Based IDS xApp for Cyberattack Anomaly Detection in O-RAN Near-RT RIC},
JOURNAL = {Computer Modeling in Engineering \& Sciences},
VOLUME = {147},
YEAR = {2026},
NUMBER = {2},
PAGES = {0--0},
URL = {http://www.techscience.com/CMES/v147n2/67520},
ISSN = {1526-1506},
ABSTRACT = {The introduction of the Open Radio Access Network (O-RAN) architecture enhances network flexibility but introduces novel security threats targeting open interfaces and the RAN Intelligent Controller (RIC). Particularly in the Near-RT RIC environment, an effective Intrusion Detection System (IDS) that satisfies strict near-real-time constraints of within 1 s is essential to defend against cyber attacks. This paper proposes an Artificial Intelligence (AI)-based IDS xApp designed for real-time cyber attack monitoring in the O-RAN Near-RT RIC environment, and quantitatively analyzes its anomaly detection performance and inference latency characteristics against multi-layer security threats utilizing Open RAN Centralized Unit(O-CU) network layer data and Open RAN Distributed Unit (O-DU) radio telemetry data. Evaluation using a public dataset (NetsLab 5G O-RAN IDD) on four deep learning models (LSTM, CNN, Transformer, Autoencoder) showed that supervised learning-based models achieved high F1-scores (reaching up to 0.99) on both datasets. Furthermore, their performance variation remained highly stable at approximately the <mml:math id="mml-ieqn-1"><mml:mo>±</mml:mo></mml:math>0.1 pp level upon transition from the training environment (the Service and Management Orchestration, SMO) to the deployment environment (Near-RT RIC). In the inference latency analysis, the system’s scalability was evaluated by increasing the number of prediction instances up to 80,000. The results confirmed that the latency follows a highly predictable linear time complexity (<mml:math id="mml-ieqn-2"><mml:mrow><mml:mrow><mml:mi>},
DOI = {10.32604/cmes.2026.082095}
}