Attacking and defending 5G cores (17–18 Sept 2024)
Price range: £1,500.00 through £1,790.00 ex VAT
This training course offers hands-on learning experiences and practical demonstrations to equip participants with the skills needed to protect 5G networks effectively.
The course will be cancelled if minimum numbers are not reached so book early to avoid disappointment.
Presented by: Altaf Shaik
5G core networks are rapidly gaining popularity across industries, presenting new challenges in cybersecurity. Organisations face a pressing need to secure their networks against evolving threats, yet there’s a shortage of expertise in this area. Our training program offers hands-on learning experiences and practical demonstrations to equip participants with the skills needed to protect 5G networks effectively. Topics covered include threat modelling, defence strategies, and practical exercises on attacking and defending core networks. By the end of the training, participants will be prepared to safeguard 5G networks and ensure their integrity and confidentiality.
Module 1: Understanding 5G Architecture and Security Foundations
- Overview of 5G architecture and Network IDs
- Security requirements for UE, AMF, SEAF, UDM by 3GPP
- Exploring SUCI, 5G-AKA, EAP-AKA, NAS, and AS crypto Understanding 3GPP 33.501 standards and NIST guidelines
- Securing backhaul, interconnect SEPP, private 5G, and MEC Authentication, Authorisation, and Cryptography for Network Functions
Module 2: Comprehensive Threat Modelling and Risk Assessment
- Identifying security challenges and risks in the 5G core
- Using MITRE FiGHT framework for attack tactics and techniques
- Analyzing new attack patterns for 5G sliced networks (MEC, NFV)
- Strategies for 5G core and RAN assessments with 5G EU toolbox
- Ensuring security compliance and assurance with 3GPP SCAS/SECAM
- Conducting audits using Network Equipment Security Assurance (NESAS)
Module 3: In-Depth 5G System Vulnerability Analysis
- Evaluating 5G System and network attacks
- Understanding stages of core exploitation and entry points
- Examining attacks on User-to-network and network-to-network interfaces
- Assessing reconnaissance, exploitation, and persistence strategies
- Identifying rogue network functions, APIs, and spoofed slices
- Uncovering threats like protocol tunneling and MEC exploitation
- Exploring supply chain security for network function containers
Module 4: 5G Security Pentesting Techniques
- Overview of tools and techniques for pentesting 5G interfaces and endpoints
- Probing network functions over HTTP/2
- Fuzzing 3GPP core interfaces NGAP (N1/N2) and core service-based APIs
- Conducting core network intrusion (via N1/N2, SEPP) and container breakouts
- Securing IoT service platform application security (Northbound APIs)
Module 5: Hands-On Exercises: Simulations and Assessments
- Simulating an end-to-end 5G multi-slice network
- Network reconnaissance and intrusion into an on-site 5G core network testbed
- Vulnerability scanning for 5G core
- Executing inter-slice compromise attacks via NRF/AMF/SEAF/UDM
- Insider data theft on UPF/UDR
- Auditing 5G AMF using SECAM 33.512
- Investigating PFCP exposure, DoS, and hijacking
Module 6: Defence-in-Depth Strategies
- Establishing network function (container) access and monitoring rules
- Implementing network border firewall rules for MNO interconnect
- Utilising 5G network analytics and log monitoring (NWAF)
- Ensuring secure communication proxy for 5G core
- Enhancing NEF/SCEF security via Telecom API Top 10
- Incorporating supply chain security testing and monitoring
Module 7: Case Studies
- Security assessment of 5G core network security configurations
- Intrusion scenarios to 5G core via commercial exposure function (NEF/SCEF)
- Examining 5G private core configurations and security settings
Overall, this advanced 5G practical security training will provide attendees with a comprehensive understanding of the security risks and vulnerabilities associated with 5G networks, as well as the knowledge and tools to implement effective security measures to protect their networks and data.
Technical expertise in 5G core security and protocols: Gain an in-depth understanding of 5G core network security and protocols, which will enable them to perform effective penetration testing on 5G networks. They will be able to identify and exploit vulnerabilities in 5G core networks, and devise strategies to secure these networks against potential attacks.
Practical skills in using 5G pentesting tools and techniques: Learn how to use the latest 5G pentesting tools and techniques to perform vulnerability assessments, penetration testing, and exploit development on 5G networks. They will also learn how to evaluate and select the most appropriate tools and techniques for specific testing scenarios.
Awareness of 5G security challenges and best practices: Exposure to the latest 5G security challenges and best practices, including network slicing security, network function virtualization security, and secure communication between 5G core network entities. They will gain an understanding of how these challenges can be mitigated using best practices, and be able to apply these practices in their own organizations to ensure the security of their 5G networks.
- Pentesting tools custom-made for recon, core intrusion, & PFCP testing
- Access to 5G virtual lab that models a multitude of threats inside a sliced core network
- 5G Network traffic monitoring and analysis tools for core and devices
- Case studies and real-world example like exploits for IoT service platforms, API traffic
- Virtual machine files packaged with all proprietary test, audit and evaluation tools
This course is ideal for wireless and mobile network security architects, telecom engineers, security researchers/practitioners, and students (advanced graduate students), or anyone interested in understanding: 5G security aspects, and new security improvements, and how they contribute to build secure next-generation networks.
A basic understanding of at least either wireless communications or security is recommended for participation in this course. Furthermore, knowledge of basic concepts of telecom technologies like 2/3/4/5G systems, clouds, micro services, and APIs is desirable. Good knowledge and usage of Wireshark and one or more programming/scripting languages is also highly recommended.
A laptop with linux OS (preferably latest Ubuntu), USB3 support and support for running Virtual machines and dockers.
Dr. Altaf Shaik is a renowned security expert in the field of mobile networks and is currently working as a senior research scientist at the Technische Universität Berlin in Germany. He conducts advanced research in telecommunications, esp., security of 6G networks, and OpenRAN systems in collaboration with the operator Deutsche Telekom also in Germany. He combines a professional background in programming, wireless communications and a 12 years of experience in offensive mobile network security.
Dr. Shaik recently unveiled critical weaknesses in the latest telecom APIs that tend to integrate industries and organisations with 5G mobile networks. His renowned research on IMSI catchers exposed several vulnerabilities in the commercial 4G and 5G specifications and commercial networks that allow attackers to perform powerful attacks compromising millions of base stations, handsets, M2M and IoT devices. Having said that he is also a strong contributor in shaping the cellular security standards over the 5G radio access and core networks.
Altaf is a frequent speaker and trainer at various prestigious international security conferences such as Black Hat USA & Europe, T2, SECT, Nullcon, Hardware.io and HITB and many others. His accomplishments landed him in the hall of fame of many organisations including Google, Qualcomm, Huawei and GSMA. He also trains various companies, telecom engineers and organisations (including governments) in exploit development, solving cybercrimes, testing and security evaluation of telecom equipment, and also building secure and custom mobile networks for private entities and law enforcement bodies.
The two-day course will take place on 17 and 18 September 2024 at the Novotel London West.
The price is £1,800 (inc VAT/£1,500 ex VAT).
Conference and training tickets are non-refundable as per our Terms of Service.
This ticket is NOT transferable (i.e. you cannot use it one day and pass it to someone the other — you can however change the name on it if circumstances change and you can’t attend).
The course will be cancelled if minimum numbers are not reached so book early to avoid disappointment.
If you purchase a training course you get discounted rates for future training courses for one year and for the following 44CON conference.