Objectives
After completing this course, the learner will be able to:
■ List threats and vulnerabilities in 5G networks
■ Match various mitigation measures with vulnerabilities
■ Sketch the end-to-end 5G security architecture
■ Detail end-to-end 5G security procedures
■ Explain how 5G networks provide authentication, encryption, data integrity, network availability
■ Describe security procedures while roaming
Outline
1. 5G Security Threats and Vulnerabilities
1.1 Types of threats (STRIDE Model)
1.2 RAN and Core network specific threats
Exercise: Match threats and impact
2. 5G Security Architecture Framework
2.1 End-to-end security architecture
2.2 Roles of AUSF, UDM, NEF, NSSAF and NRF
2.3 Control plane vs. User plane security
2.4 Key architectural concepts (Zero Trust, Microsegmentations, etc.)
2.5 Identity and Authentication (SUPI/SUCI, authentication algorithms)
2.6 End-to-end encryption framework
2.7 Security for SBI and non-SBI interfaces (3rd-party services)
2.8 Zero Trust Architecture in 5G networks
Exercise: Match threats to mitigation framework
3. 5G Security Procedures
3.1 Life of a device in 5G networks
3.2 Air interface and RAN security logs analysis
3.3 Core network security flow
3.4 5G interworking with networks (4G, Wi-Fi)
3.5 Security while roaming
Exercise: End-to-end 5G connection security flow
4. Network and Infrastructure Security
4.1 gNodeB security
4.2 Infrastructure access security
4.3 Virtual workload security
4.4 PNF, VNF, CNF security evolution
4.5 Network availability and monitoring
Exercise: Match infrastructure vulnerability with mitigation
