Basics of Mobile Network Security

Audience & Scope

This online course is aimed at Bachelor students in Computer Science, Engineering or similar tracks who already have a fundamental understanding of information security and IP networking. Prior knowledge of mobile communications is beneficial but not mandatory.

The course serves as a broad introduction to mobile network security, covering core network, access network, and mobile handset considerations as laid out in the 3GPP technical specifications. Beyond that, non-standard aspects such as mobile application security and the protection of tightly related technologies, such as virtualized deployments, are briefly covered as well. The focus is on 5G, but the relation to earlier generations is highlighted throughout.

About the Lecturer

Hans Christian Rudolph serves as Technical Director at wenovator LLC. Prior to joining wenovator, he was part of Rakuten Mobile, first as Security Architect and then as Section Manager of Fraud Intelligence & Platforms. Hans has extensive experience in securing mobile networks and has been an active contributor to international standards bodies on behalf of multiple network operators. He holds a master's degree in IT Security & Forensics and a bachelor's degree in Computer Science and Telecommunications.

About wenovator LLC

wenovator LLC is a global provider of cybersecurity services and consulting with top-tier clients across the telecommunications industry. The company is built around the concept of holistic security, and supports leading industry players in protecting their products, services, and customers. The wenovator team combines extensive expertise in security analysis, design, operations and standardization with a proven track record of enabling businesses to secure their commercial deployments.

Course Outline

Preliminaries

Network Security Basics (approx. 2hrs)

  • Terminology & Security Objectives
    • Confidentiality, Integrity, Availability (CIA)
    • Mutual Authentication
    • Privacy & Safety Aspects
  • Cryptographic Controls
    • Symmetric & Asymmetric Encryption, MACs, AEAD
    • IPsec, TLS, JOSE, Cipher Suites
    • Challenge Response Algorithms

Cellular Mobile Networks (approx. 2hrs)

  • Standardization Process
  • Mobile Generations Briefing
    • 2G/GSM, 3G/UMTS, 4G/LTE, 5G
  • High-Level Network Architecture
    • Cellular Access Network Concept
    • Key Network Functions & Interfaces
    • Control and User Plane Separation
    • Home Network and Serving Network
  • Mobile Network Threats
    • Trust Boundaries and Points of Exposure
    • Local and Remote Attacks
    • Unresolved Threats (e.g. jamming)
  • Recommended Reading

Core Network Security

Access Control / Subscriber Authentication (approx. 1hr)

  • Key Network Functions: UDM/ARPF/SIDF, AUSF, AMF/SEAF
  • Key Security Concepts:
    • 5G Subscriber Identifiers (SUPI, SUCI, 5G-GUTI)
    • 5G AKA, EAP-AKA', Enhanced Home Network Control
    • SUPI Concealment / SUCI
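The challenge-response pattern listed under Network Security Basics and the 5G AKA exchange listed above share one mechanism: the home network derives a challenge and a message authentication code from the subscriber's long-term key and a sequence number, the USIM checks that MAC before answering, and the serving network only compares the response against the expected one. The following stand-alone example is added here to illustrate that flow and is not part of the course material or of any 3GPP specification: HMAC-SHA256 replaces the Milenage/TUAK f1..f5 functions (an assumption made so the code runs with the Python standard library), the network function roles are modelled as plain classes, and the key and field lengths are constructed for the demo. It shows the sequence-number check defeating a replayed authentication vector and the MAC check rejecting a tampered challenge.

```python
import hashlib
import hmac
import secrets

# Field sizes loosely follow AKA: 128-bit RAND, 48-bit SQN, 16-bit AMF, 64-bit MAC/RES.
SQN_LEN, AK_LEN, MAC_LEN, RES_LEN = 6, 6, 8, 8
AMF = b"\x80\x00"  # constructed value for the demo; not a 3GPP-assigned AMF


def _prf(k: bytes, label: bytes, data: bytes, n: int) -> bytes:
    """Keyed function standing in for the f1..f5 family (assumption; not Milenage)."""
    return hmac.new(k, label + data, hashlib.sha256).digest()[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class HomeNetwork:
    """UDM/ARPF role: holds the long-term key K and the network-side sequence number."""

    def __init__(self, k: bytes):
        self.k = k
        self.sqn = 0

    def authentication_vector(self) -> tuple[bytes, bytes, bytes]:
        self.sqn += 1
        sqn = self.sqn.to_bytes(SQN_LEN, "big")
        rand = secrets.token_bytes(16)
        mac = _prf(self.k, b"f1", sqn + rand + AMF, MAC_LEN)   # authenticates network to UE
        xres = _prf(self.k, b"f2", rand, RES_LEN)                # expected UE response
        ak = _prf(self.k, b"f5", rand, AK_LEN)                   # anonymity key hides SQN
        autn = _xor(sqn, ak) + AMF + mac
        return rand, autn, xres


class USIM:
    """USIM role: same K, plus the highest sequence number seen so far for replay detection."""

    def __init__(self, k: bytes):
        self.k = k
        self.sqn_ms = 0

    def respond(self, rand: bytes, autn: bytes) -> bytes:
        conc_sqn, amf, mac = autn[:SQN_LEN], autn[SQN_LEN:SQN_LEN + 2], autn[SQN_LEN + 2:]
        ak = _prf(self.k, b"f5", rand, AK_LEN)
        sqn = _xor(conc_sqn, ak)
        expected_mac = _prf(self.k, b"f1", sqn + rand + amf, MAC_LEN)
        if not hmac.compare_digest(mac, expected_mac):
            raise ValueError("MAC failure: network not authenticated")
        if int.from_bytes(sqn, "big") <= self.sqn_ms:
            raise ValueError("synchronisation failure: replayed or stale challenge")
        self.sqn_ms = int.from_bytes(sqn, "big")
        return _prf(self.k, b"f2", rand, RES_LEN)


class ServingNetwork:
    """AMF/SEAF role: relays the challenge and compares RES with XRES in constant time."""

    @staticmethod
    def verify(res: bytes, xres: bytes) -> bool:
        return hmac.compare_digest(res, xres)


def run_scenarios(k: bytes = bytes(range(16))) -> dict:
    """Constructed demo: one fresh run, a replayed vector, and a tampered RAND."""
    hn, usim = HomeNetwork(k), USIM(k)
    out = {}
    rand, autn, xres = hn.authentication_vector()
    out["fresh"] = ServingNetwork.verify(usim.respond(rand, autn), xres)
    # Replaying the same vector is caught by the USIM's sequence-number check.
    try:
        usim.respond(rand, autn)
        out["replay"] = "accepted"
    except ValueError as e:
        out["replay"] = str(e).split(":")[0]
    # Flipping one bit of RAND changes AK and the MAC input, so the USIM refuses to answer.
    rand2, autn2, _ = hn.authentication_vector()
    bad_rand = bytes([rand2[0] ^ 1]) + rand2[1:]
    try:
        usim.respond(bad_rand, autn2)
        out["tamper"] = "accepted"
    except ValueError as e:
        out["tamper"] = str(e).split(":")[0]
    return out


if __name__ == "__main__":
    print(run_scenarios())
```

The ordering inside `respond` is deliberate: the MAC is checked before the sequence number, so an attacker who cannot forge the MAC cannot probe the USIM's stored SQN, and both comparisons use `hmac.compare_digest` to avoid leaking information through timing. In 5G the RES is additionally hashed into RES* before it leaves the UE and the home network performs the final comparison (the "enhanced home network control" listed above); that step is omitted here.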

Session Management / Mobility (approx. 1hr)

  • Key Network Functions: AMF/SEAF, SMF
  • Key Security Concepts:
    • NAS Security
    • ABBA Parameter
    • 5G Key Hierarchy

Intra-PLMN Signaling (approx. 1hr)

  • Key Network Functions: SCP, NRF
  • Key Security Concepts:
    • Authentication using TLS
    • Network Domain Security
    • Static & OAuth 2.0 based Authorization

Roaming / Inter-PLMN Signaling (approx. 1hr)

  • Key Network Functions: SEPP, UPGF, NRF
  • Key Security Concepts:
    • PRINS Protocol
    • Inter-PLMN Authorization

Interworking / Network Exposure (approx. 1hr)

  • Key Network Functions: AMF/SEAF, NEF
  • Key Security Concepts:
    • The Legacy Technology Issue
    • 5G-to-4G and 5G-to-3G Interworking via N26
    • CAPIF

Access Network Security

Backhaul Communication (approx. 1hr)

  • Key Network Functions: gNB-CU
  • Key Security Concepts:
    • PDCP Security
    • Xn, E1, F1, N1, N2, N3 Interface Security
    • Backhaul Security

Radio Signaling (approx. 1hr)

  • Key Network Functions: gNB-DU, RRU
  • Key Security Concepts:
    • MAC & PHY Layer Protection
    • F1-C & F1-U Interface Security

Non-3GPP Access (approx. 30m)

  • Key Network Functions: N3IWF
  • Key Security Concepts:
    • Trusted and Untrusted Non-3GPP Access
    • IKE Protocol

Mobile Endpoint Security

Mobile Equipment & USIM (approx. 1hr)

  • Hardware Roots of Trust, Secure Boot
  • Visibility and Configurability
  • SUCI Computation
  • USIM as Secure (Credential) Storage
  • Over-The-Air Services & Security

Application Domain Security (approx. 1hr)

  • OS / Kernel Security Features
  • Application Sandboxing / Isolation
  • Permission Enforcement

Securing Related Technologies

Network Function Virtualization (approx. 1hr)

  • Network Function Virtualization (NFV) trust considerations
  • Threats and Controls for NFV workloads and NFV infrastructure
  • Importance of Hardware-based Roots of Trust (HBRT)

Virtual Machines & Container Applications (approx. 1hr)

  • Isolation Mechanisms (Hypervisor vs. cgroups)
  • Operational control over the executed software
  • Security arguments for (and against) each of the two

Security Assurance in Mobile Networks (approx. 1hr)

  • The need for security assurance by Network Operators
  • Purpose and Scope of the Network Equipment Security Assurance Scheme (NESAS), jointly developed by 3GPP and GSMA
  • Beyond one-time security validation: Remote Attestation
