RRC Signalling Storm Dataset

RRC Signalling Storm Dataset

Using a real physical O-RAN testbed with real attack execution, this dataset captures information found in different layers in O-RAN. Beyond the traditional approach of using network flows, PHY/MAC data was recorded to help with faster and early-warning detection.

 

Radio Resource Control (RRC) is a control plane protocol found in the Open Central Unit (O-CU). It is responsible for connection management and radio bearer configurations between the user equipment and the network. RRC signalling storms exploit the RRC procedures such as setup, release, re-establishment, and handover. This causes significant processing overhead across RAN and control plane functions.

 

The dataset includes both benign and RRC signalling storm attack scenarios.

The attack was conducted in two different ways:

  1. UE Reboot: External adversary attack model
    • A botnet of compromised UEs repeatedly go through full disconnect and reconnect cycles.
    • This involves Synchronized, repetitive initiation of complete RRC messages such as RRC release, RRC re-establishment, and repeated NAS registration procedures.
  2. Handover Storm: Infrastructure adversary attack model

    • Given the software-defined nature of O-RAN, this attacker is assumed to have influenced the availability of a specific virtualized component (e.g., an O-DU)

    • Restarting one DU every few seconds over a 30-minute window forces all active UEs to migrate to the alternate O-DU/O-RU pair using standard handover procedures.
    • It also captures a realistic scenario where even benign but highly synchronized mobility can produce a destructive handover storm. For example, users on a high-speed train.

 

The setup includes an OAI-based 5G core, an O-CU, two O-DUs, and two O-RUs. One O-RU was a Benetel RAN550 operating over Split 7.2a, and the other was a USRP B200 operating over Split 8. For the UE side, we used three laptops, each equipped with a Quectel RM500Q-GL 5G modem, so the attacks were carried out using real devices and real radio transmissions.

 

We are currently extending the current setup beyond the 3-UE deployment to a larger platform with more than 20 UEs and additional RAN resources. This will let us study scalability, robustness, and service continuity under both attack scenarios and legitimate high-density events. 

 

Download the dataset from Kaggle: RRC Signalling Storm Dataset (5G O-RAN Testbed)

 

This dataset accompanies the paper:

Abed Zadeh, F., Siniarski, B., Wang, S. & Liyanage, M., 2026. RadioShield: A PHY-Layer Defense Framework for RRC Signaling Storms in O-RAN. In: Proceedings of the 2026 International Federation for Information Processing (IFIP) Networking Conference. Accepted for publication.

+ posts
+ posts
+ posts
+ posts
Categories: Datasets

Address

UCD School of Computer Science
Belfield
Ireland

Contact Information

Email: madhusanka@ucd.ie

Social Links

Publications Statistics

94 Publications