5G Security Bootcamp

This intensive bootcamp is designed for cybersecurity professionals, network engineers, and IT specialists who want to master the intricacies of 5G security. Through a combination of theoretical knowledge and hands-on practice, participants will gain the skills necessary to design, implement, and defend secure 5G networks against real-world threats.

Play Video

Key Learning Objectives

Real-world Attack Vectors in 5G

Real-world Attack Vectors in 5G

  • Analyze and understand common and emerging threats specific to 5G networks
  • Explore attack surfaces unique to 5G architecture
Threat Mapping with MITRE and MOTIF Frameworks

Threat Mapping with MITRE and MOTIF Frameworks

  • Learn to map 5G attack vectors to established cybersecurity frameworks
  • Gain proficiency in using MITRE ATT&CK and MOTIF for threat analysis
Standards-Aligned Security Solutions

Standards-Aligned Security Solutions

  • Develop security solutions in compliance with 3GPP and ETSI standards
  • Understand the importance of global standards in 5G security
Secure Infrastructure Design

Secure Infrastructure Design

  • Master High-Level Design (HLD) and Low-Level Design (LLD) for 5G networks
  • Learn to incorporate security at every layer of the network architecture
Advanced Security Assessment Techniques

Advanced Security Assessment Techniques

  • Conduct comprehensive threat modeling for 5G environments
  • Perform penetration testing and vulnerability assessments on 5G networks
  • Develop skills in real-time attack tracing and analysis
Compliance and Assurance

Compliance and Assurance

  • Deep dive into Network Equipment Security Assurance Scheme (NESAS)
  • Explore Security Assurance Specifications (SCAS) test cases for network products
  • Learn to ensure compliance with industry security standards

Course Highlights

Hands-on Labs

Hands-on Labs

Engage in practical, real-world attack and defense scenarios on Simulated 5G Control, User plane, virtualized Radio, Core and Cloud NFV Stack deployed on Public Cloud.

Interactive Sessions

Interactive Sessions

Participate in discussions and problem-solving exercises using traces, debug files, call flow analysis.

Real-World Simulations

Real-World Simulations

Experience and defend against simulated 5G network attacks of SCAS, fuzzing scripts, and assessments using threat modeling, vulnerability scanning and penetration testing tools.

In-Depth Trace Analysis

In-Depth Trace Analysis

Learn to interpret and analyze complex attack patterns in Wireshark, Splunk with MITRE and MOTIF Frameworks.

Project-Based Learning

Project-Based Learning

Design HLD, LLDs of enterprise and 3GPP security controls, learn practical security assessments of NECAS, SCAS, understand Fedramp compliance requirements and implement a secure 5G network as a course project.

Case Study Analysis

Case Study Analysis

Root cause analysis of recent cyber attacks on Tier 1 Operators of the US, Midde East and Asia Pacific.

Target Audience: Telecom professionals (Radio, Core, BSS/OSS), Telco Cloud Infrastructure Engineers, Telecom Research students and Cybersecurity Professionals

Duration: 5 Classes (3 hours each)

Mode: Virtual, Hands-on labs on simulated 5G environment, practical use cases, call flow diagrams, HLD/LLD review and trace analysis

Date and Time: 21st – 25th October 13:00-16:00 EST.

Program Topics

Day 1: Introduction to 5G Security Landscape
  • Overview: Evolution from 4G to 5G, key differences, new attack surfaces, and security challenges.
  • Content:
    • 5G architecture (RAN, Core, BSS/OSS, Cloud)
    • 5G security standards (3GPP, ETSI)
    • TS33.501 security architecture review
    • Threat vectors (UE, RAN, Core, NFV, SDN)
    • Threat modeling Review of attack vectors
  • Lab: Model threats using MITRE 5G and MOTIF
  • Use Case: Review security parameters in registration, Auth, Session management call flow.
Day 2: 5G Security in Depth

1. 5G Core Security

  • Overview: Security in the Service-Based Architecture (SBA) core.
  • Content:
    • Overview of 5G Core (AMF, SMF, UPF, NRF, NSSF)
    • Security functions: SEPP, AUSF, UDM, SDL
    • Review of 3GPP requirements for Core under TS.33 series for Core
    • Deep dive on cryptography (encryption, Integrity checks)
    • Network exposure security (NEF, API security)
  • Lab:  TLS/NON-TLS between NFs, message analysis between NRF – HTTP/2, Security test cases of Core, Sample Core attack scenarios
  • Use Case: Hardening Access control and prevent lateral movement for SBA

2. 5G Radio Access Network (RAN) Security 

  • Overview: RAN architecture, security challenges in Open RAN.
  • Content:
    • Security parameters of radio access network
    • RAN-to-Core interface (SCTP, NG, GTPU interface) security
    • Open RAN security (O-RAN Alliance) requirements overview
    • Radio-level attacks and countermeasures
    • Review RU, DU, CU Security parameters and Interfaces
  • Lab: Security parameters review for RAN (SUPI Encryption, ABBA, Replay, bidding down), Attack vector analysis for N1, N2, N3.
  • Use Case: Security Solution – Implementing transport and application security between RAN and Core using PKI
Day 3: 5G Signaling Protocol and Interworking Security
  1. 5G Signaling Protocol
  • Overview: Analysis of signaling protocols and potential vulnerabilities.
  • Content:
    • Security of HTTP/2, PFCP and GTPC, GTPU
    • Core to BSS (Provisioning, Charging) and OSS Interworking Security
    • Attack vectors in SBA: signaling storms, protocol fuzzing
    • Protocol security enhancements (TLS/AUTH, IPsec)
    • Security assessment review of Core (On-Prem vs Cloud)
  • Lab: Design considerations for enabling TLS/Oauth in SBA, NECAS/SCAS security test cases for 5G Core
  • Use Case: Hardening SBA security for Internal and External threats.

2. Security in BSS/OSS for 5G 

  • Overview: Secure operations in BSS/OSS integration with 5G.

  • Content:
    • Role of BSS/OSS in 5G (billing, management, orchestration)
    • API security between BSS/OSS and 5G core
    • Securing operational workflows (provisioning, fault management)
    • Security review of CHF (PII handling, CDR exchange)
    • 5G Security KPIs and Alarms for Monitoring in OSS.
  • Lab: Securing API communications between OSS and 5G Core, Swagger, Postman (open source).
  • Use Case: Securing provisioning systems, data privacy impact assessment.
Day 4: Cloud and Virtualization Security in 5G

1. Day 4: Cloud and Virtualization Security in 5G 

  • Overview: Security in cloud-native 5G deployments.
  • Content:
    • Security in 5G Cloud Infrastructure (NFV, SDN)
    • Container and Cluster security, using Kubernetes in 5G
    • Security for virtual network functions (VNF) and cloud-native network functions (CNF)
    • Cloud security review of 5G applications on Hybrid Cloud
  • Lab: Review security parameters for CNF, VNF with EKS, preventing lateral movements, service account hardening, POD security Policies, Micro segmentation
  • Use Case: Securing multi-cloud environments and microservices architecture in 5G.
Day 5: 5G Security Monitoring and Advance Usecases

1. Day 5: 5G Security Monitoring and Incident Response 

  • Overview: Real-time security monitoring, threat detection, and response.
  • Content:
    • 5G-specific Security Operations Center (SOC)
    • Threat hunting and anomaly detection in 5G networks
    • Incident response and forensics
    • AI and ML in 5G threat detection
    • Vulnerability scanning and remediation
    • Security logging and monitoring architecture
    • EBPF Understanding for hardening Linux Kernel
  • Lab: Security Logging capture for 5g applications using Kibana and Cloud Watch, Secure monitoring with Prometheus/Grafana, Vulnerability Scanning and Triage for CVEs, AWS Security suits review (Cloud Watch, Guard duty, Inspector).
  • Use Case: How to detect and respond to a cyber incident on a 5G network.

2. Day 5: 5G Advance Use cases, Network Slicing and MEC Security

  • Overview: Securing network slicing in multi-service environments.
  • Content:
    • Network slice isolation techniques
    • Security in SLA management
    • Slicing use cases with threats and solutions
    • Secure application deployment on MEC (D-UPF)
    • MEC Secure Design review
  • Lab: Configuring secure network slices with QoS policies, slice mutual authentication, Security consideration for N3, N4, N6 for MEC Use case
  • Use Case: How to prevent cross-slice and distributed architecture attacks.

Bootcamp Outcome

At the end of this bootcamp, participants will:

  • Gain in-depth knowledge of 5G security architecture and associated threats.
  • Align enterprise security requirements with latest 3GPP and ETSI security standards.
  • Prepare High-Level Design (HLD) and Low-Level Design (LLD) security documents for 5G solutions.
  • Assist in 5G security assessments such as threat modeling, penetration testing, security assurance testing
  • Perform security operations of a 5g network, perform vulnerability management, including remediation of threats in hybrid cloud network and perform data privacy compliance checks and audits

Implement security monitoring, conduct trace analysis, and perform incident response for real-world 5G networks.

Certification

Upon successful completion of the bootcamp, participants will receive:

  • Verifiable Certificate of Completion: A digital certificate that validates your expertise in 5G security
  • Unique Verification Code: Each certificate includes a unique code for authenticity verification
  • Online Verification Portal: Employers can easily verify the authenticity of certificates through our secure online portal

Why It Matters

Understanding and implementing robust 5G security is crucial in today’s rapidly evolving technological landscape:

Critical Infrastructure Protection

Critical Infrastructure Protection

5G networks will form the backbone of smart cities, autonomous vehicles, and industrial IoT. Ensuring their security is vital for public safety and economic stability.

Data Privacy

Data Privacy

With 5G enabling massive data collection and transmission, protecting user privacy becomes more critical than ever.

National Security

National Security

5G networks are increasingly seen as a matter of national security, with potential vulnerabilities posing risks to government communications and critical services.

Economic Impact

Economic Impact

Security breaches in 5G networks could lead to significant financial losses for businesses and economies. Proper security measures are essential for maintaining trust and enabling innovation.

Emerging Threats

Emerging Threats

The unique architecture of 5G introduces new attack surfaces and vulnerabilities that require specialized knowledge to address.

Regulatory Compliance

Regulatory Compliance

As 5G deployments increase, so do regulations around its security. Understanding and implementing compliant security measures is crucial for organizations.

What our Alums have to say:

FAQs

What will happen after I make the payment and get enrolled?

You will get an access to the learning management system (LMS) through your registered ID, where you will get an access the live session and course materials.

Will the session be recorded?

Yes, all sessions will be recorded and you will get the access to the recording after the end of bootcamp.

Will I get any refund?

Unfortunately, there will No refunds, we will collect the feedback after every class and ensure that the learners meet their learning objectives and any concerns are timely addressed.

How long will I get an access to the Labs?

The lab environment will be available to the learners for 2 weeks. 1 week during the camp and an week extra to complete the assignment work and clear any doubts.

 

Will there be an orientation class to make sure I can access the labs, complete the pre-requirements to access the labs?

Yes, we will inform the learner through email for the orientation class. It will be 1 hour which we will provide the credentials, and guide how to set up the equipment and assist in technical issues

What is the structure of the classes and what are the lab timings?

Each class will start at 12EST, the lecture will be for 1.5hrs, followed with a QUIZ, then a break of 15 mins. Then 1 hour Lab and 10-15 mins Q/A-Feedback in the end.

When will I get my certificate?

You will get the certificate by the end of the day 5.

Where do I need to submit my assignment and project work?

You need to submit the all the BootCamp work on the LMS

How can I get in touch with the team?

You can reach out to our support team at support@xecuritypulse.com and expect a response within 24 hours.

Services

Company

Resources

Partners

Get Updated

Be a part of our Community and stay updated with the industry updates.