DAST: A VLM-LLM Framework for Cross-Interface Anomaly Detection in O-RAN

2026-06-04 · Source: Artificial Intelligence · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Networking & Telecommunications · Depth: Expert, quick

Summary

DAST is a zero-shot multi-agent framework designed for cross-interface anomaly detection within O-RAN environments. O-RAN's disaggregated architecture, while enabling multi-vendor composition, significantly expands the attack surface, making Denial-of-Service and performance-degradation attacks particularly challenging for traditional Time-Series Anomaly Detection (TSAD) methods. DAST addresses these issues by employing a three-stage VLM -> LLM -> VLM pipeline. It converts multivariate Key Performance Indicator (KPI) streams into visual representations, uses an LLM to score textual per-interface descriptions against O-RAN domain knowledge, and then verifies potential anomalies on high-resolution heatmaps. The framework outputs problematic interfaces, anomalous time intervals, an O-RAN WG11-aligned operational impact rating, and a decision rationale. Evaluated on real O-RAN testbed network traces under performance degradation scenarios, DAST achieved a 0.910 F1-Score and 0.843 Accuracy, surpassing existing TSAD baselines.

Key takeaway

For AI Security Engineers tasked with protecting O-RAN environments, DAST offers a compelling alternative to traditional Time-Series Anomaly Detection. Its VLM-LLM-VLM pipeline provides zero-shot cross-interface anomaly detection, crucial for evolving threats where labeled baselines are scarce. You should evaluate integrating such multi-agent frameworks to enhance your O-RAN threat detection capabilities, especially for performance degradation and Denial-of-Service attacks. This approach yields high accuracy and F1-Scores, improving operational impact ratings.

Key insights

DAST employs a VLM-LLM-VLM pipeline for zero-shot cross-interface anomaly detection in O-RAN, outperforming traditional TSAD methods.

Principles

• O-RAN's disaggregated architecture expands the attack surface for DoS and performance degradation.
• Traditional TSAD methods fail in O-RAN due to scarce baselines and high-dimensional telemetry.
• Zero-shot multi-agent frameworks can overcome limitations of labeled data scarcity.

Method

DAST converts KPI streams to visual representations, scores textual interface descriptions with an LLM against O-RAN knowledge, then verifies anomalies on heatmaps.

In practice

• Detect Denial-of-Service and performance-degradation attacks in O-RAN.
• Identify problematic O-RAN interfaces and anomalous time intervals.

Topics

• O-RAN Security
• Anomaly Detection
• VLM-LLM Frameworks
• Multi-agent Systems
• Zero-shot Learning
• Network Telemetry

Best for: AI Scientist, AI Security Engineer, Research Scientist

Related on AIssential

• DAST: A VLM-LLM Framework for Cross-Interface Anomaly Detection in O-RAN — Multi-agent VLM-LLM reasoning, grounded in O-RAN domain knowledge, effectively detects complex cross-interface anomalies in disaggregated networks.
• Dual-Modality Multi-Stage Adversarial Safety Training: Robustifying Multimodal Web Agents Against Cross-Modal Attacks — Cross-modal attacks on multimodal web agents exploit dual observation channels, necessitating specialized safety training.
• The Next Era of AppSec: Why AI-Generated Code Needs Offensive Dynamic Testing — AI-generated code and distributed architectures necessitate dynamic security testing to validate emergent runtime vulnerabilities.
• Tsinghua and Ant Group Researchers Unveil a Five-Layer Lifecycle-Oriented Security Framework to Mitigate Autonomous LLM Agent Vulnerabilities in OpenClaw — A five-layer security framework mitigates multi-stage vulnerabilities in autonomous LLM agents like OpenClaw.
• Looking for backdoors in Jane Street LLMs — Cracking LLM backdoors requires white-box analysis of weight modifications and iterative prompting, especially for large models.
• GenTI: Benchmarking LLMs for Autonomous IDPS Rule Generation for Unseen Attacks — LLMs can autonomously generate CTI-aware IDPS rules for unseen attacks, significantly improving detection and reducing false positives.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Artificial Intelligence.