This work addresses KPI poisoning attacks in the Open RAN near-real-time (Near-RT) control loop, induced by E2 interface traffic spoofing or node hijacking—attacks systematically formalized here for the first time. To ensure closed-loop control security, we propose a lightweight temporal anomaly detection paradigm. Our method employs an LSTM-based model for KPI stream anomaly detection, trained on realistic E2-interface KPI report simulations augmented with a controllable poisoning injection mechanism. The design guarantees sub-millisecond detection latency while enhancing robustness against adversarial perturbations. Experimental evaluation demonstrates a substantial improvement in detection rate—from 62% to 99%—and identifies two key determinants of detection performance: the degree of poisoning amplification and the length of the input time series. This work delivers a deployable, theoretically grounded detection framework for securing the Open RAN control plane.

Open Radio Access Network (Open RAN) is a new paradigm to provide fundamental features for supporting next-generation mobile networks. Disaggregation, virtualisation, closed-loop data-driven control, and open interfaces bring flexibility and interoperability to the network deployment. However, these features also create a new surface for security threats. In this paper, we introduce Key Performance Indicators (KPIs) poisoning attack in Near Real-Time control loops as a new form of threat that can have significant effects on the Open RAN functionality. This threat can arise from traffic spoofing on the E2 interface or compromised E2 nodes. The role of KPIs is explored in the use cases of Near Real-Time control loops. Then, the potential impacts of the attack are analysed. An ML-based approach is proposed to detect poisoned KPI values before using them in control loops. Emulations are conducted to generate KPI reports and inject anomalies into the values. A Long Short-Term Memory (LSTM) neural network model is used to detect anomalies. The results show that more amplified injected values are more accessible to detect, and using more report sequences leads to better performance in anomaly detection, with detection rates improving from 62% to 99%.