Authors - Gabriel Wilson, Krutthika Hirebasur Krishnappa, Aliaa Salim, Nigel Gwee, Sudhir Trivedi, Shizhong Yang, Tapan Sarkar, Mathieu Kokoly Kourouma Abstract - This paper presents the design and generation of a novel high-fidelity intrusion detection dataset specifically targeting 5G core control-plane attacks. The dataset is constructed using an Open5GS based testbed integrated with my5G-RANTester, enabling realistic sim ulation of benign UE registration and advanced authentication-layer attacks, including MAC failure, SQN desynchronization, replay, brute force, NAS message manipulation, and denial-of-service scenarios. From raw packet captures, 25 protocol-aware features are engineered, com bining flow-level statistics with entropy-based and sequence-consistency indicators that reflect 5G-AKA signaling logic. To validate the dataset’s effectiveness, multiple machine learning models—ranging from Decision Trees to ensemble methods such as Random Forest and XGBoost—are evaluated using Accuracy, F1-score, and cross-validation metrics un der class imbalance conditions. Experimental results demonstrate that ensemble models achieve near-perfect classification performance with strong generalization capability, highlighting the discriminative power of semantic-aware features. The findings confirm that context-aware fea ture engineering is essential for reliable intrusion detection in virtualized 5G core infrastructures.
Open Zoom