Length: 4 Days
Print Friendly, PDF & Email

5G Cybersecurity Training Bootcamp

Cybersecurity professionals are in agreement: 5G cybersecurity needs significant improvements to avoid growing risks of hacking.

Some of the security worries are a result of the network itself, while others involve the devices connecting to 5G. But both aspects put consumers, governments, and business at risk.

One major concern is decentralized security. Pre-5G networks had fewer hardware traffic points-of-contact, which made it easier to do security checks and upkeep. 5G’s dynamic software-based systems have far more traffic routing points.

Another concern: lack of encryption early in the connection process. This is due to revealing 5G device information that can be used for device specific IoT targeted attacks.

There’s also the belief that the extra bandwidth that 5G brings will strain current security monitoring.

The 5G threat landscape is complex because it combines the 5G stack with traditional IP-based legacy threats as well as threats introduced by virtualization technology.

Various studies, including the ENISA Threat Landscape for 5G Networks, provide in-depth analyses of technical and other threats. The biggest security challenges stem from innovations at the core of 5G technology and the emergence of a new supply chain of multiple individual software vendors. In the global context, one important factor is a lack of trust in the small group of 5G core infrastructure suppliers.

One specific challenge involves new supply chains and the heavy reliance on software vendors. This is because 5G makes use of Software Defined Network technology (SDN) and Network Function Virtualization (NFV), entailing a shift from hardware specialization to specialization within the software stack.

5G technology also plays into the many schemes of cybercriminals. Take 5G spying. The possibility does exist that manufacturers could invade users’ privacy and quietly gather information from unaware users through backdoors. Who could be compromised? Not only individual users but also enterprises, particularly those with employees accessing work-related data on inadequately protected mobile devices.

There’s also the 5G dependency factor. Enterprises and infrastructures will come to depend on 5G significantly more than its predecessors. Air traffic, smart cars, hospitals, and more will rely on 5G. With so many interconnected IoT devices and infrastructures, a security breach in one area can have cascading effects on network-connected devices. The fallout from cyberattacks on unsecured devices can be more catastrophic than ever before, even affecting general public safety.

The potential for 5G monitoring attacks and 5G DDoS attacks is also a concern for cybersecurity professionals.

5G Cybersecurity Training Bootcamp Course by Tonex

5G cybersecurity training bootcamp is a 4-day course that focuses on 5G cybersecurity issues and mitigation techniques.

The scope of this training is to leverage the 5G security features which are defined
in standards to provide enhanced cybersecurity capabilities addressing needs for service providers, network equipment manufacturers, software vendors and end-user devices. Participants will learn how to identify security characteristics of the underlying technologies and components of the supporting infrastructure required to

effectively operate a 5G network.

5G technology will drive an overhaul of telecommunication networks with its mind-boggling promise. 5G Cybersecurity training Bootcamp is a combination of theoretical lectures and practical insight that helps participants gain in-depth knowledge about current and future state of 5G mobile technology, architecture, protocols and 5G cybersecurity.

5G networks will soon be at the core of mission-critical systems that facilitate the connectivity, automation and digitization of robots, machines, transportation systems and more. But also, cybersecurity experts predict 5G networks will be at center ring for bad actors around the planet to violate.

5G Cybersecurity Bootcamp is a combination of theoretical lectures and practical insight that helps participants gain in-depth knowledge about current and future state of 5G mobile technology, architecture, protocols and 5G cybersecurity.

Learning Objectives  

Upon the completion of 5G Fundamentals training, attendees will:

  • Learn the fundamental concepts of 5G system
  • List and discuss various 5G use cases
  • Discuss differences and similarities between 5G (Release 16) and 4G LTE-Advanced Pro
  • Discuss end-to-end 5G network architecture
  • Describe 5G NR, 5GC: 5G core functions, architecture, AMF, Network Slicing, NG-RAN, SBA, SMF, UPF, SDN/VFN, Network Slicing, MEC, LTE-M, and 5G/NB-IoT
  • Identify 5G operational scenarios, D2D, and signaling
  • Discuss security architecture and procedures for 5G systems
  • Explain 5G security issues, attacks and mitigation

Course Agenda

Overview of the 5G Mobile Network

  • Overview of 5G
  • Overview of 3GPP Release 16
  • 5G Network/transport
  • 5G Node/platform
  • 5G Application and Services
  • 5G Vs. 5GE Vs. 4G LTE
  • 5G Use Cases
  • Enhanced Mobile Broadband
  • Connected Vehicles
  • Enhanced Multi-Media
  • Massive Internet of Things
  • Ultra-Reliable Low Latency Applications
  • Fixed Wireless Access

The 5G System Survey

  • Principles of 5G Core (5GC)
  • Principles of 5G New Radio (5G NR)
  • NR, gNB, NG-RAN and 5GC
  • NG RAN
  • Dual Connectivity options

5G RAN and Core Architecture Overview

  • Changes and Improvements Compared to 4G
  • CP/UP Split
  • NW Slicing
  • Key Network Functions
  • Network Connectivity
  • Service-Based Architecture (SBA)
  • Network interfaces and services
  • Network Exposure Function
  • Protocols
  • Control and User Plane separation
  • Modularization
  • Virtualization
  • Service-based Architecture (SBA)
  • Network Slicing
  • NFV and SDN
  • Multi-Access Edge Computing (MEC)
  • Network Slicing
  • Benefits of network slicing
  • Network Slice Selection Function
  • Interworking with 4G EPC
  • 5G Protocol Stack (OSI-based)
  • Quick Compare: Verizon, AT&T, T-Mobile, Sprint, others
  • Virtualizing the 5G Network Core and use Mobile Edge Computing (MEC)

5G Identifiers

  • Subscription Permanent Identifier (SUPI)
  • Subscription Concealed Identifier (SUCI)
  • Subscription Identification Security
  • Permanent Equipment Identifier
  • Subscription Identifier De-concealing Function
  • 5G Globally Unique Temporary Identifier

5G Evolution of RAN and Core Network

  • 5G Core Architecture
  • 5G Service Based Architecture SBA
  • Network Functions (NFs)
  • Access and Mobility Management function (AMF)
  • Control Plane Model Layer (CPML)
  • Hardware Abstraction Layer (HAL)
  • Composable Network Application Processor (CNAP)
  • Session Management function (SMF)
  • 5G User Plane Function (UPF)
  • Policy Control Function (PCF)
  • Authentication Server Function (AUSF)
  • Unified Data Management (UDM)
  • Application Function (AF)
  • Network Exposure function (NEF)
  • NF Repository function (NRF)
  • Network Slice Selection Function (NSSF)
  • NETCONF and YANG for control of all Integrated Control Plane
  • Evolution of Mobile Base Stations
  • Multi-access Edge Computing (MEC)

5G Operational Procedures

  • Network Operation: Registration of UE
  • Authentication
  • Security framework
  • UE states
  • Procedure for using subscription temporary identifier
  • Subscriber privacy
  • Secure steering of roaming
  • UE-assisted network-based detection of false base station
  • Network redundancy in 5G core and network slicing
  • PDU Session Establishment
  • Components of PDU session
  • IP and Ethernet addressing
  • 5G-NR Call Flows
  • 4G-5G dual connectivity
  • 5G-NR Non Standalone Access Flow (EN-DC)
  • 5G-NR Standalone Access Registration Flow
  • Non-Standalone NR Security

Device to Device Communication (D2D)

  • Receiver Synchronization
  • Secure D2D Communication in 5G Networks
  • Security Issues with D2D
  • D2D Security Threats

Overview of Security Architecture in 3GPP

  • 3GPP security standards
  • Security Functions for 5G
  • Increased home control
  • Unified authentication framework
  • Security Anchor Function (SEAF)
  • Subscriber identifier privacy

Overview of 5G Security Architecture

  • 5G Security domains
  • Security entity at the perimeter of the 5G Core network
  • Security entities in the 5G Core network
  • Requirements for e2e core network interconnection security
  • Authentication framework
  • Granularity of anchor key binding to serving network
  • Mitigation of bidding down attacks
  • Service requirements

Security Requirements and Features

  • General security requirements
  • Requirements on the UE
  • Requirements on the gNB
  • Requirements on the ng-eNB
  • Requirements on the AMF
  • Requirements on the SEAF
  • Requirements on the UDM
  • Core network security
  • Trust boundaries
  • Visibility and configurability
  • Requirements for algorithms, and algorithm selection

Security Procedures between UE and 5G Network Functions

  • Primary authentication and key agreement
  • Authentication framework
  • Key hierarchy, key derivation, and distribution scheme
  • Security contexts
  • NAS security mechanisms
  • RRC security mechanisms
  • Security algorithm selection, key establishment and security mode command procedure
  • Security handling in state transitions
  • Security handling in mobility
  • Dual connectivity
  • Security handling for RRC connection re-establishment procedure
  • Subscription identifier privacy
  • UE parameters update via UDM control plane procedure security mechanism
  • Security for non-GPP access to the 5G core network
  • Authentication for Untrusted non-GPP Access
  • Security of interworking
  • Registration procedure for mobility from EPS to 5GS over N26
  • Handover procedure from 5GS to EPS over N26
  • Handover from EPS to 5GS over N26
  • Security procedures for non-service based interfaces
  • Security aspects of IMS emergency session handling
  • Security procedures between UE and external data networks via the 5G Network
  • Security aspects of Network Exposure Function (NEF)
  • Service Based Interfaces (SBI)
  • Services provided by AUSF
  • Services provided by UDM
  • Services provided by NRF
  • Management security for network slices

Evolution of the Trust Model

  • Trust Model
  • user equipment (UE)
  • Tamper proof universal integrated circuit card (UICC)
  • Universal Subscriber Identity Module (USIM)
  • The Radio Access Network (RAN)
  • gNB the 5G base-station
  • Distributed Units (DU) and Central Units (CU)
  • 3GPP 5G Security
  • Trust model of non-roaming scenario.
  • Trust model of roaming scenario

5G Threat Attacks and Surface

  • IoT threat surface with 5G
  • 5G threat surface for massive IoT
  • UE threats
  • Ran threats
  • Rogue base station threat
  • Subscriber privacy threats
  • Core network threats
  • Network slicing threats
  • NFV and SDN threats
  • Interworking and roaming threats
  • Mitigation controls for 5G network, IoT threat mitigation & detection and
  • Mitigation of DDoS attacks
  • 5G network threat mitigation
  • IoT threat mitigation
  • IoT device
  • Security requirements for 5G network massive IoT threats
  • Detection of DDoS attacks against the 5G RAN
  • Mitigation of DDoS attacks against the 5G RAN
  • Protecting 5G networks against DDoS and zero day attacks

5G Security Key Hierarchy

  • The long term secret key (K) provisioned in the USIM and the 5G core network
  • Serving network specific anchor key (KSEAF) derived from K
  • The key hierarchy of 5G
  • K, Cipher Key (CK) and
  • Integrity Key (IK), KAUSF, KSEAF, KAMF, KNASint, KNASenc, KN3IWF,
  • KgNB, KRRCint, KRRCenc, KUPint and KUPenc
  • Algorithms for ciphering and integrity protection
  • Null ciphering and integrity protection algorithms

Ciphering Algorithms

  • 128-bit Ciphering algorithms
  • 128-NEA1
  • 128-NEA2
  • 128-NEA3

Integrity Algorithms

  • 128-Bit integrity algorithms
  • Inputs and outputs
  • 128-NIA1
  • 128-NIA2
  • 128-NIA3

Test Data for the Security Algorithms

  • 128-NEA1
  • 128-NIA1
  • 128-NEA2
  • 128-NIA2
  • 128-NEA3
  • 128-NIA3

Tonex 5G Training Courses and Educational Programs

COURSE NAMELENGTH
5G and mmWave Antenna Engineering Training3 days
5G Citizens Band Radio Services (CBRS) Training2 days
5G Cybersecurity Bootcamp | 3GPP Version4 days
5G for Sales and Tech Sales/Support Training2 days
5G NR Training | 5G New Radio (NR)2 days
5G Security Training | 5G Wireless Security Training4 days
5G Training for Non Engineers | 5G Wireless Training for Non Engineers2 days
5G Training | 5G System Survey Training2 days
5G Wi-Fi Offload Training | LTE-U | LAA2 days
5G Wireless Crash Course4 days
5G Wireless Networks Training | The Fundamentals2 days
5G Wireless Training for Non-Engineers2 days
5G Wireless Training | 5G Technical Fundamentals3 days
C-RAN Training | Cloud-RAN Training2 days
D2D Communications Training | 5G Device to Device Communications2 days
LTE Advanced Pro Training3 days
LTE, LTE-A, and LTE-A Pro Migration to 5G Training3 days
mmW Technology Training | Millimeter Wave Training3 days
Mobile Broadband Transformation Training Bootcamp | 3GPP 5G Training4 days
Next Generation Wireless Networks Crash Course4 days
Non-Orthogonal Multiple Access (NOMA) Training | Future 5G Technologies3 days
Vehicle-to-Vehicle Communications Training | V2V Communications Training | v2v Training3 days
VoNR Training | Voice over New Radio | Voice over 5G Standalone3 days

 

5G Cybersecurity Bootcamp

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.