Machine learning-based anomaly detection systems are increasingly being adopted in 5G Core networks to monitor complex, high-volume traffic. However, most existing approaches are evaluated under strong assumptions that rarely hold in operational environments, notably the availability of independent and identically distributed (IID) data and the absence of adaptive attackers. In this work, we study the problem of detecting 5G attacks \textit{in the wild}, focusing on realistic deployment settings. We propose a set of Security-Aware Guidelines for Evaluating anomaly detectors in 5G Core Network (SAGE-5GC), driven by domain knowledge and consideration of potential adversarial threats. Using a realistic 5G Core dataset, we first train several anomaly detectors and assess their baseline performance against standard 5GC control-plane cyberattacks targeting PFCP-based network services. We then extend the evaluation to adversarial settings, where an attacker tries to manipulate the observable features of the network traffic to evade detection, under the constraint that the intended functionality of the malicious traffic is preserved. Starting from a selected set of controllable features, we analyze model sensitivity and adversarial robustness through randomized perturbations. Finally, we introduce a practical optimization strategy based on genetic algorithms that operates exclusively on attacker-controllable features and does not require prior knowledge of the underlying detection model. Our experimental results show that adversarially crafted attacks can substantially degrade detection performance, underscoring the need for robust, security-aware evaluation methodologies for anomaly detection in 5G networks deployed in the wild.

翻译：基于机器学习的异常检测系统正日益广泛地应用于5G核心网络，以监控复杂且高流量的网络流量。然而，现有方法大多在强假设条件下进行评估，这些假设在实际运行环境中很少成立，特别是独立同分布数据的可用性以及自适应攻击者的缺失。本研究探讨了在真实环境中检测5G攻击的问题，重点关注实际部署场景。我们基于领域知识并考虑潜在的对抗性威胁，提出了一套用于评估5G核心网异常检测器的安全感知指南（SAGE-5GC）。利用真实的5G核心网数据集，我们首先训练了若干异常检测器，并评估了它们针对以PFCP为基础的网络服务为目标的5GC控制平面网络攻击的基线性能。随后，我们将评估扩展到对抗性场景中，在该场景下，攻击者试图在保持恶意流量预期功能的前提下，操纵网络流量的可观测特征以逃避检测。从一组选定的可控特征出发，我们通过随机扰动分析了模型的敏感性和对抗鲁棒性。最后，我们提出了一种基于遗传算法的实用优化策略，该策略仅操作攻击者可控制的特征，且无需预先了解底层检测模型。实验结果表明，经过对抗性设计的攻击能够显著降低检测性能，这凸显了为真实环境中部署的5G网络异常检测建立鲁棒且具备安全意识的评估方法的必要性。