This course is aimed at engineers who want to learn about contemporary Telecom and mobile system reverse engineering, the operation of core Telecom infrastructure within the context of Telecom and Mobile Network operators, and how core telecom infrastructure operates — down to the usage of this service by operators’ mobile apps and handset manufacturers’ platforms. Participants will see how all these technologies mesh together and learn how to make sense of the protocols and applications, from the mobile handset (Android, apps, platform) and enterprise applications (iPBX) all the way to Core Network.
Course Scope
Handsets & Subscriber Applications.
Mobile Phone Usage of the Network and Applications (CS, USSD, SMS, Packet-switched/Data, VAS) — We will look into the protocols used by mobile phones, analyse them, and detail where security problems can appear. Using OsmocomBB, we will analyse live networks around the conference.
Proprietary Apps and their Interface to Telecom Systems — By reversing some proprietary apps, we will see how non-standard interfaces are used within the mobile network. We will use frameworks for both static analysis (dead code, binary form) and dynamic analysis (live running apps, within existing phones/handsets).
Samsung Android Platform (Android + Proprietary Extensions) — We will look into Samsung Android platform specifics and security.
Access Network Protocol Analysis — We will look into the network protocols that are used by mobile handsets with the mobile network.
PBX, Femtocell, and Enterprise Access Methods.
M2M Connection Reverse Engineering.
Corporate Data/Packet-switched Mobile Broadband Connection Analysis — We will analyse and reverse common access setups and protocols to look for the vulnerabilities within these networks. We will look into multiple solutions for corporate access to the network. If time permits, we will look into existing 3G/4G access kits and their vulnerabilities.
Alcatel Lucent OmniPCX iPBX — We will look into the typical setup and vulnerabilities of modern PBX for enterprise access. We will look into the embedded operating system of PBX by extracting it from the hardware.
Commercial SIP Implementation Reverse Engineering and Vulnerability Analysis.
Hardware Embedded SIP TA Audit and Reverse Engineering.
Femtocell Security Vulnerabilities and Reverse Engineering.
Core Network Protocols and Network Elements.
We will dig into Core Network protocols, reverse engineer some specified and some proprietary Telecom Core Network protocols.
The training will show the various attack surfaces for these networks and show the impact of vulnerabilities for each network element.
Legacy Core Network Element Analysis; Nokia DX200 Core Network Element (legacy, monolithic)—description and analysis.
Huawei MGW8900 Core Network Element (legacy, monolithic, VxWorks + FPGA) — description, analysis, and reverse engineering.
Huawei HSS / MSC Core Network Element (ATCA, recent, Linux + FPGA) — description, analysis, and reverse engineering.
ZTE Core Network Element (ATCA, recent, Linux) — description, analysis, and reverse engineering.
Prerequisites
Basic knowledge of Telecom and network principles; 2G, 3G, 4G; OSI network layers; basic knowledge of Telecom technology.
Laptop with Linux installed either in a VM or native. Backtrack or Ubuntu with reverse engineering and hacking tools recommended.
Understand and be able to use Wireshark and Linux for reverse engineering (strings, knowledge of tools in Backtrack for reverse engineering).
Mobile phone (Android recommended) and working SIM card with sufficient credit for voice, SMS, and data.
Additional SIM cards recommended.
Legal IDA Pro license recommended.
Training Structure
Five-day training divided into logical sessions.
Methodology
Instructor-led training. Participants will receive an evaluation access vulnerability scanner for telecom infrastructure and a developer account for mobile security platform.
I am very impressed with the trainer's knowledge and experience.
The trainer is capable of answering all my questions.
A clear picture of GSM switching and signalling.
I feel like the trainer is the best professor and mentor one can have.
Good logical structure of the course and explanation.
A good approach to a complex problem.
Experienced trainer. Excellent descriptions.
Training was above expectations!
Trainer understands local market experience.
Trainer is open for comments and discussion.
A lot of useful materials and knowledge.
Very clear explanations.
Course covers all important issues and presents relevant examples.
Trainer was able to answer practical questions.
More than excellent course!
The training exceeded my expectations.
I can proudly recommend these courses for others as well.
The course exceeded my expectations. Hats off!
Trainers have passion to teach & impart knowledge.
Excellent knowledge from the trainer.
The training is completely excellent.
Trainer understands local market experience.
The best training ever.
Many different people from different operators can share their problems and ideas.
I received a lot of useful information which I use in my work every day.
Good class notes and great examples.
Everyone gets individual attention from the trainer.
Seminar entirely for Telecommunication operators. A lot of issues covered.
Training provides useful methods to analyze real protocols.
Professional, high-quality trainer.
Regardless of technology I received theoretical and practical answers.
Overwhelming knowledge and expertise. Interactive and enjoyable learning.
This course will be very useful in my daily work.
The course covers all the impacted areas.
Experienced trainer. Real cases with references to recommendations.
The whole course was very valuable.
Highly professional trainer with lots of practical experience. Friendly and open.
Great teacher with deep knowledge and experience.
Excellent methodology of teaching. Simple and easy to understand training.
Amazing, more than excellent, audience-oriented trainer.
Excellent course and instructor.
Very well organized training programmes.
Excellent exercises!
Good direct connection between course material and real problems.
Perfect course.
Deep and detailed topic analysis.
Excellent, knowledgeable trainer, open to communication.
Unique training covering the most important areas of my work.
Really practical and very fruitful training.
Very effective training methods.
Trainer adapted to the expectations of the audience.
This web page uses cookies to deliver services in accordance with Privacy Policy. You can specify the conditions for cookies storage and access in your browser. No change in your browser settings will mean that you agree to the use of cookies.
