Model Info This model was developed by INRIA as part of the SHIELD framework: SHIELD is a research framework designed to evaluate machine-learning-based approaches for detecting jamming and interference in 5G networks under realistic conditions. For a detailed description of the framework, methodology, and experimental setup, see the: Paper: SHIELD: Scalable and Holistic Evaluation Framework for ML-Based 5G Jamming Detection Source Code: https://github.com/mlsysops-eu/model-5g-jamming-detection Authors Jiali Xu (Inria Centre at the University of Lille) Aya Moheddine (Inria Centre at the University of Lille) Valéria Loscrì (Inria Centre at the University of Lille) Alessandro Brighente (Department of Methematics, University of Padova) Mauro Conti (Department of Methematics, University of Padova) Purpose This model performs real-time detection of 5G jamming and signal degradation events based on time-series telemetry collected from a mobile device. It outputs a probability score indicating whether the observed signal behavior is normal or anomalous, where anomalies may correspond to intentional jamming, interference, or severe radio conditions. The model is designed to run continuously on streaming data and make decisions at fixed inference intervals. Training Data The model was trained on time-series logs collected from a real Android device (OnePlus Nord 2T 5G) operating under both normal and degraded radio conditions. This dataset is publicly available on Zenodo: INRIA SHIELD Framework Dataset - 5G Jamming Attack Detection Training data characteristics: Collected from live 5G operation Includes periods of: Normal network behavior Signal degradation Interference-like patterns consistent with jamming scenarios Derived features are computed from four signal sources: Extended Cell Signal Quality (ECSQ) Thermal sensors RF transmission power Radio signal metrics (RSRP, RSRQ, SINR) Each sample consists of a fixed-length time window (typically 10 seconds), where multiple aggregation functions are applied to raw signals to capture both short-term dynamics and variability. ⚠️ Note: Since the model is trained on data from a specific device and chipset, performance may vary on other devices without retraining or domain adaptation. Model Architecture The model is a sequence-based neural network built around a Long Short-Term Memory (LSTM) backbone, making it suitable for learning temporal dependencies in time-series signal data. High-level architecture: 2 stacked LSTM layers (hidden size: 50) Dropout (0.4) for regularization Sigmoid output layer for binary classification For more information about the model architecture, check the model/model_config.json The network processes a window of aggregated signal features over time and produces a single anomaly probability score for the entire sequence. Preprocessing (RobustScaler normalization) is integrated directly into the ONNX model, ensuring consistent behavior between training and inference. Model Specification Inputs & Outputs Input: Data Type: float32 Shape: [batch_size, seq_len, 60] batch_size: Number of samples (typically 1 for real-time inference) seq_len: Sequence length, typically 10 time steps (10 seconds with 1s resampling) 60: Number of features derived from 4 signal sources with 5 aggregation methods each Feature Composition: ECSQ (Extended Cell Signal Quality): 6 features × 5 aggregations = 30 features Thermal sensors: 2 features × 5 aggregations = 10 features RF transmission power: 1 feature × 5 aggregations = 5 features Signal strength (RSRP, RSRQ, SINR): 3 features × 5 aggregations = 15 features Aggregation Methods: mean, max, min, std, amplitude Preprocessing: RobustScaler normalization (integrated in ONNX models, separate for PyTorch models) Output: Data Type: float32 Shape: [batch_size, 1] Range: [0.0, 1.0] (probability score via sigmoid activation) Interpretation: Score > 0.5: ANOMALY (potential jamming detected) Score ≤ 0.5: NORMAL (no jamming detected) Limitations Sequence Length: The model expects time series data with a minimum sequence length. Shorter sequences may produce unreliable results. Feature Count: Input must have exactly 60 features. Missing or extra features will cause inference to fail. Data Quality: The model assumes continuous data streams. Large gaps or missing data may affect accuracy. Domain Specificity: Trained on specific Android device logs (OnePlus Nord 2T). Performance may vary on different devices without retraining. Real-time Constraints: Inference interval (default 5s) must be longer than preprocessing + inference time to avoid queue buildup. Buffer Dependencies: Requires all 4 buffer types (ecsq, thermal, erftx, signal) to be populated for accurate predictions. Model Execution 1. Create and activate a python virtual environment python3.13 -m venv venv source venv/bin/activate 2. Install dependencies pip install -r requirements.txt 3. Run Inference import onnxruntime as ort import numpy as np # Load model session = ort.InferenceSession("model/lstm_jd_model.onnx") # Prepare input (example: batch=1, seq_len=10, features=60) input_data = np.random.randn(1, 10, 60).astype(np.float32) # Run inference input_name = session.get_inputs()[0].name output = session.run(None, {input_name: input_data})[0] # Interpret result probability = output[0][0] prediction = "ANOMALY" if probability > 0.5 else "NORMAL" print(f"Prediction: {prediction} (score: {probability:.4f})") Citation If you use this model or the SHIELD framework in your research, please cite the following paper: @InProceedings{10.1007/978-3-032-00624-0_12, author = {Xu, Jiali and Moheddine, Aya and Loscr{\`i}, Val{\'e}ria and Brighente, Alessandro and Conti, Mauro}, title = {SHIELD: Scalable and Holistic Evaluation Framework for ML-Based 5G Jamming Detection}, booktitle = {Availability, Reliability and Security}, year = {2025}, publisher = {Springer Nature Switzerland}, address = {Cham}, pages = {235--256}, isbn = {978-3-032-00624-0} } If you wish to cite this specific model version, please use the citation generated by Zenodo (located in the right sidebar of this record). Acknowledgement & Funding This work is part of the MLSysOps project, funded by the European Union’s Horizon Europe research and innovation programme under grant agreement No. 101092912. More information about the project is available at https://mlsysops.eu/