Overview
Explore the security landscape of 5G networks and interconnect threats in this comprehensive conference talk from the Hack In The Box Security Conference. Delve into the world of roaming N32 interconnects between 5G SA core networks, examining the crucial external interfaces connecting carriers. Discover how, despite confidentiality, integrity, and authenticity protection measures, application-level filtering by 5G signaling firewalls remains essential for network edge security. Investigate potential 5G security risks, focusing on signaling interconnect messages that could compromise user privacy and expose networks, drawing parallels to predecessor protocols like SS7, Diameter, and GTP-C. Gain insights from Martin Kacer, an experienced Security Researcher with over 15 years in telecom security, as he shares his expertise on interconnect signaling, GSMA security guidelines, and open-source Signalling firewall development. Learn about the evolution of interconnect security, network elements, and roaming interconnects, while exploring attack vectors, risk assessment classification, and message filtering techniques. Dive into a lab environment to understand limitations, examine Python client implementations, and analyze various scenarios including NF instance registration, MF instance ID, location information requests, and parameter injection flows. Conclude with a comprehensive overview of other risky messages and their potential impacts on 5G network security.
Syllabus
Intro
Interconnects
Security Evolution
Network Elements Evolution
Roaming Interconnects
Attack Vectors
Risk Assessment Classification
Messages and Interconnect Filtering
Lab Environment
Limitations
Python Client
Overview
RegisterNF Instance
MF Instance ID
Location Info
Location Request
Response
Parameter Injection
Parameter Injection Flow
Other Risky Messages
Conclusion
Taught by
Hack In The Box Security Conference