Integrating O-RAN and SIEM for Unified Detection of IT and Mobile Network Attacks
Ratti, S.; Marotta, A.; Tiberti, W.; Centofanti, C.; Cassioli, D.; Graziosi, F.
2025-01-01
Abstract
The open, virtualized, and disaggregated nature of Open Radio Access Network (O-RAN) designs has brought new security issues to mobile networks. These issues call for strong and flexible security measures, and integration with existing IT security tools such as Security Information and Event Management (SIEM) systems may represent a viable solution. This study presents a method for combining SIEM with O-RAN to improve security threat detection and mitigation in mobile and IT settings. To improve real-time anomaly detection and reaction, the proposed system will design a specific xApp that acts as an agent to pass events from mobile networks to the SIEM. This would address threats like jamming and Distributed Denial of Service (DDoS) attacks. In addition to improving the capabilities of Intrusion Detection Systems (IDS), SIEM integration with O-RAN offers a dynamic and intelligent security architecture that can react quickly to constantly changing threats in both IT and mobile infrastructures. This study shows how O-RAN and SIEM technology can be combined to protect next-generation mobile networks against advanced cyberattacks.