Overview
Explore the vulnerabilities in next-generation roaming networks through this Black Hat conference talk. Delve into the workings of Diameter-based networks, examining their messages and functions, and uncover potential exploits attackers could leverage. Learn about signaling between providers, security research, and the properties of 4G networks. Compare Diameter with SS7 protocols, and understand techniques for tracking subscribers, data transport, billing fraud, and denial of service attacks. Discover tools for Diameter enumeration and gain insights into host spoofing and message cross-checking. Conclude with recommendations for securing these networks and participate in a Q&A session to deepen your understanding of next-gen roaming network security.
Syllabus
Introduction
Signaling between providers
Security research
SAS7 tool
Properties of 4G
Diameter
Interfaces
Diameter Protocol
Device Watchdog Request
Diameter Messages
Diameter vs SS7
Tracking subscribers
Data transport
Billing fraud
Denial of service
Host origin
Host Names
Spoofing
Crosschecking messages
Diameter enum
Demo
A quick comment
Diameter enum tool
Recommendations
Conclusions
QA
Taught by
Black Hat