DAST: A VLM-LLM Framework for Cross-Interface Anomaly Detection in O-RAN
Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel 2026-06-27 23:12 UTCgrok-4.3pith:FGBKOOYSrecord.jsonopen to challenge →
The pith
DAST chains vision and language models into a zero-shot pipeline that converts O-RAN KPI streams into images and text to identify problematic interfaces and time intervals.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
DAST establishes that a zero-shot multi-agent framework built from a VLM to LLM to VLM pipeline can detect cross-interface anomalies by converting multivariate KPI streams into visual representations, scoring textual per-interface descriptions against O-RAN domain knowledge, and verifying suspects on high-resolution heatmaps, thereby producing the problematic interfaces, anomalous time intervals, an indicative O-RAN WG11-aligned operational impact rating, and the decision rationale.
What carries the argument
The three-stage VLM-LLM-VLM pipeline that renders KPI streams as images, scores textual interface descriptions, and confirms findings on heatmaps.
If this is right
- Names the specific interfaces and time intervals where anomalies occur.
- Supplies an operational impact rating aligned with O-RAN working-group guidance.
- Generates an explicit rationale for each detection decision.
- Operates without labelled baselines or repeated retraining as new threats appear.
- Handles the high-dimensional telemetry that overwhelms single-model time-series approaches.
Where Pith is reading between the lines
- The same visual-to-textual scoring pattern could be tested on anomaly detection tasks in other disaggregated multi-vendor systems such as cloud or edge computing fabrics.
- Domain-knowledge updates might replace model retraining for many evolving-threat settings, lowering long-term maintenance cost.
- The pipeline could be combined with existing O-RAN monitoring dashboards to surface only the highest-confidence interface-level alerts.
Load-bearing premise
Turning KPI numbers into images and text descriptions will let the models reliably match them to O-RAN knowledge and surface anomalies even when labelled examples are scarce and threats keep changing.
What would settle it
Applying DAST to a fresh collection of O-RAN testbed traces under performance degradation attacks and finding that its detection rate falls below that of standard time-series anomaly detectors.
Figures
read the original abstract
O-RAN enables a disaggregated baseband stack with programmable functions that communicate over standardized open interfaces. The same openness that enables multi-vendor composition also expands the attack surface across logically decoupled tiers that make up the compute continuum. Among these threats, Denial-of-Service and performance-degradation attacks, which account for the majority of catalogued O-RAN threats, are particularly difficult to detect. Traditional Time-Series Anomaly Detection (TSAD) methods fail in this new regime where labelled baselines are scarce, threats evolve faster than detectors can be retrained, and the high-dimensional multivariate telemetry overwhelms monolithic inference models. To address these challenges, we present DAST, a zero-shot multi-agent framework for cross-interface anomaly detection in O-RAN that chains a three-stage VLM $\rightarrow$ LLM $\rightarrow$ VLM pipeline. DAST converts multivariate KPI streams into visual representations, scores textual per-interface descriptions against O-RAN domain knowledge, and verifies suspects on high-resolution heatmaps to output the problematic interfaces, the anomalous time intervals, an indicative O-RAN WG11-aligned operational impact rating and the decision rationale. We evaluate DAST on real network traces collected from an O-RAN testbed under representative performance degradation scenarios, achieving 0.910 F1-Score and 0.843 Accuracy, outperforming state-of-the-art TSAD baselines.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper presents DAST, a zero-shot multi-agent VLM-LLM-VLM framework for cross-interface anomaly detection in O-RAN. It converts multivariate KPI streams to visual representations, scores per-interface textual descriptions against O-RAN domain knowledge, and verifies suspects on high-resolution heatmaps to identify problematic interfaces, anomalous intervals, and WG11-aligned impact ratings. On real traces from an O-RAN testbed under performance degradation scenarios, it reports 0.910 F1-Score and 0.843 Accuracy while outperforming TSAD baselines.
Significance. The work addresses a relevant and timely problem in O-RAN security, where disaggregated interfaces increase the attack surface for DoS and degradation attacks and where label scarcity plus rapid threat evolution limit traditional TSAD methods. The concrete empirical numbers on real testbed data constitute a potential strength if they can be substantiated; the zero-shot, multi-agent design aligns with the stated constraints of the domain.
major comments (2)
- [Evaluation] Evaluation section: the central performance claim (F1-Score 0.910, Accuracy 0.843, outperformance vs. TSAD baselines) is presented without any description of the number or duration of traces, the exact performance-degradation scenarios, the concrete implementations or hyper-parameters of the baseline methods, statistical significance tests, or error bars. These omissions make the reported superiority impossible to assess or reproduce.
- [Methodology] Methodology section: the three-stage pipeline is described at a high level, but the precise method for converting multivariate KPI streams into visual inputs, the exact prompts and O-RAN domain-knowledge sources supplied to the LLM, the decision rule for the operational-impact rating, and the verification logic on heatmaps are not specified. Without these details the framework cannot be evaluated for internal consistency or edge-case behavior.
minor comments (2)
- The abstract refers to "representative performance degradation scenarios" without enumerating them or justifying their selection; a brief enumeration in the evaluation section would improve clarity.
- Notation for the VLM-LLM-VLM pipeline uses an arrow symbol that is clear in LaTeX but should be spelled out on first use for readers unfamiliar with the abbreviation chain.
Simulated Author's Rebuttal
We thank the referee for their constructive feedback on our manuscript. We address each of the major comments below and commit to revising the paper to enhance its clarity, detail, and reproducibility.
read point-by-point responses
-
Referee: [Evaluation] Evaluation section: the central performance claim (F1-Score 0.910, Accuracy 0.843, outperformance vs. TSAD baselines) is presented without any description of the number or duration of traces, the exact performance-degradation scenarios, the concrete implementations or hyper-parameters of the baseline methods, statistical significance tests, or error bars. These omissions make the reported superiority impossible to assess or reproduce.
Authors: We agree with the referee that the Evaluation section lacks sufficient detail for full reproducibility and assessment of the results. In the revised version of the manuscript, we will provide a comprehensive description of the testbed traces, including their number and duration, the specific performance-degradation scenarios employed, the concrete implementations and hyper-parameters of all baseline methods, statistical significance tests, and error bars on the reported metrics. revision: yes
-
Referee: [Methodology] Methodology section: the three-stage pipeline is described at a high level, but the precise method for converting multivariate KPI streams into visual inputs, the exact prompts and O-RAN domain-knowledge sources supplied to the LLM, the decision rule for the operational-impact rating, and the verification logic on heatmaps are not specified. Without these details the framework cannot be evaluated for internal consistency or edge-case behavior.
Authors: We acknowledge that the Methodology section is presented at a high level. To address this, we will expand the section in the revision to include the precise method for converting multivariate KPI streams into visual inputs, the exact prompts used and the O-RAN domain-knowledge sources provided to the LLM, the decision rule for the operational-impact rating, and the detailed verification logic applied to the heatmaps. revision: yes
Circularity Check
No significant circularity
full rationale
The paper describes an empirical framework (VLM-LLM pipeline) evaluated on real O-RAN testbed traces, reporting concrete performance numbers (0.910 F1, 0.843 Accuracy) against baselines. No equations, derivations, fitted parameters, or self-citation chains appear in the supplied text; all load-bearing claims reduce to experimental measurement rather than any definitional or predictive reduction to the inputs themselves.
Axiom & Free-Parameter Ledger
Reference graph
Works this paper leans on
-
[1]
O-RAN Security Threat Modeling and Remediation Analysis 4.0,
O-RAN Alliance Working Group 11, “O-RAN Security Threat Modeling and Remediation Analysis 4.0,” https://orandownloadsweb. azurewebsites.net/download?id=356, 2022, accessed: Jan 2026
2022
-
[2]
A Deep Neural Network for Unsupervised Anomaly Detection and Diagnosis in Multivariate Time Series Data,
C. Zhang, D. Song, Y . Chen, X. Feng, C. Lumezanu, W. Cheng, J. Ni, B. Zong, H. Chen, and N. V . Chawla, “A Deep Neural Network for Unsupervised Anomaly Detection and Diagnosis in Multivariate Time Series Data,”Proceedings of the AAAI Conference on Artificial Intelligence, vol. 33, no. 01, pp. 1409–1416, Jul. 2019. [Online]. Available: https://ojs.aaai.or...
2019
-
[3]
Spotlight: Accurate, Explainable and Efficient Anomaly Detection for Open RAN,
C. Sun, U. Pawar, M. Khoja, X. Foukas, M. K. Marina, and B. Radunovic, “Spotlight: Accurate, Explainable and Efficient Anomaly Detection for Open RAN,” inProceedings of the 30th Annual International Conference on Mobile Computing and Networking, ser. ACM MobiCom ’24. New York, NY , USA: Association for Computing Machinery, 2024, p. 923–937. [Online]. Avai...
-
[4]
Large Language Models can Deliver Accurate and Interpretable Time Series Anomaly Detection,
J. Liu, C. Zhang, J. Qian, M. Ma, S. Qin, C. Bansal, Q. Lin, S. Rajmohan, and D. Zhang, “Large Language Models can Deliver Accurate and Interpretable Time Series Anomaly Detection,” in Proceedings of the 31st ACM SIGKDD Conference on Knowledge Discovery and Data Mining V .2, ser. KDD 25. New York, NY , USA: Association for Computing Machinery, 2025, p. 46...
-
[5]
Harnessing Vision- Language Models for Time Series Anomaly Detection,
Z. He, S. Alnegheimish, and M. Reimherr, “Harnessing Vision- Language Models for Time Series Anomaly Detection,”Proceedings of the AAAI Conference on Artificial Intelligence, vol. 40, no. 26, pp. 21 690–21 698, Mar. 2026. [Online]. Available: https://ojs.aaai.org/ index.php/AAAI/article/view/39319
2026
-
[6]
Can Multi- modal LLMs Perform Time Series Anomaly Detection?
X. Xu, H. Wang, Y . Liang, P. S. Yu, Y . Zhao, and K. Shu, “Can Multi- modal LLMs Perform Time Series Anomaly Detection?” inProceedings of the ACM Web Conference 2026, 2026, pp. 5392–5403
2026
-
[7]
Effective troubleshooting,
C. Jones, “Effective troubleshooting,” inSite Reliability Engineering: How Google Runs Production Systems, B. Beyer, C. Jones, J. Petoff, and N. R. Murphy, Eds. O’Reilly Media, 2016, ch. 12
2016
-
[8]
Towards 6G: Architectural Innovations and Challenges in the ORIGAMI Framework,
L. E. Chatzieleftheriou, M. Gramaglia, A. Garcia-Saavedra, S. Gebert, G. Garcia-Aviles, S. Geissler, M. Fiore, P. Patras, A. Lutu, D. Tsolkas et al., “Towards 6G: Architectural Innovations and Challenges in the ORIGAMI Framework,” in2024 Joint European Conference on Net- works and Communications & 6G Summit (EuCNC/6G Summit). IEEE, 2024, pp. 1139–1144
2024
-
[9]
Attacking O-RAN Inter- faces: Threat Modeling, Analysis and Practical Experimentation,
P. Baguer, G. M. Yilma, E. Municio, G. Garcia-Aviles, A. Garcia- Saavedra, M. Liebsch, and X. Costa-P ´erez, “Attacking O-RAN Inter- faces: Threat Modeling, Analysis and Practical Experimentation,”IEEE Open Journal of the Communications Society, 2024
2024
-
[10]
TESSERACT: Eliminating Experimental Bias in Malware Classifica- tion across Space and Time,
F. Pendlebury, F. Pierazzi, R. Jordaney, J. Kinder, and L. Cavallaro, “TESSERACT: Eliminating Experimental Bias in Malware Classifica- tion across Space and Time,” in28th USENIX security symposium (USENIX Security 19), 2019, pp. 729–746
2019
-
[11]
See it, Think it, Sorted: Large Multimodal Models are Few- shot Time Series Anomaly Analyzers,
J. Zhuang, L. Yan, Z. Zhang, R. Wang, J. Zhang, and Y . Gu, “See it, Think it, Sorted: Large Multimodal Models are Few- shot Time Series Anomaly Analyzers,” 2024. [Online]. Available: https://arxiv.org/abs/2411.02465
-
[12]
AI- on-RAN for cyber defense: An XAI-LLM framework for interpretable anomaly detection,
S. Chatzimiltis, M. Shojafar, M. B. Mashhadi, and R. Tafazolli, “AI- on-RAN for cyber defense: An XAI-LLM framework for interpretable anomaly detection,”IEEE Transactions on Network Science and Engi- neering, vol. 13, pp. 3301–3319, 2026
2026
-
[13]
FALCON: An Accurate Real-Time Monitor for Client-based Mobile Network Data Analytics,
R. Falkenberg and C. Wietfeld, “FALCON: An Accurate Real-Time Monitor for Client-based Mobile Network Data Analytics,” in2019 IEEE Global Communications Conference (GLOBECOM). IEEE, 2019, pp. 1–7
2019
-
[14]
Po- sition: Quo Vadis, Unsupervised Time Series Anomaly Detection?
M. S. Sarfraz, M.-Y . Chen, L. Layer, K. Peng, and M. Koulakis, “Po- sition: Quo Vadis, Unsupervised Time Series Anomaly Detection?” in Proceedings of the 41st International Conference on Machine Learning, ser. ICML’24. JMLR.org, 2024
2024
-
[15]
Precision and recall for time series,
N. Tatbul, T. J. Lee, S. Zdonik, M. Alam, and J. Gottschlich, “Precision and recall for time series,”Advances in neural information processing systems, vol. 31, 2018. Francesco Spinelli is a Researcher at i2CAT foundation, Barcelona, Spain, working on applying GenAI techniques to O-RAN. He received the Ph.D. degree from University Carlos III of Madrid (UC...
2018
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.