TS-051

TELECOM SECURITY RISKS

Security Training
Course Reference: TS-051

P1 Security. All rights reserved.

Contact:
Philippe Langlois
phil@p1sec.com
+33 98045 0447

TS-051 Telecom Security risks

Telecom security risks

Description of Training Class

This training provides managers, engineers and operations teams with a strong
knowledge in telecom security in order to understand telecom security and
frauds. The direct result is a capability to understand how fraudsters and more
seriously, how attackers can abuse the system and attack Mobile Network
Operators, fixed-lines operators, VoIP providers and in general any company
telecom-related.

Audience:

Managers, project leaders, team leaders

Fraud teams
Operation teams
Engineering teams
Security teams

Duration

Unique version: 2 days

Attendees will receive

Training material: Slides copy of the presenter.

Pre-requisites of training class

Basic knowledge of telecom & network principles;

o What is 2G, 3G, 4G;
o OSI network layers;
Basic knowledge of telecom technologies

Covered in this training

Introduction to Telecom Security

Telecom Frauds descriptions and case studies
o A bit of history: from the first frauds to the last ones
o Understanding the general principles of telecom frauds and the
underlying laws
o Fraud management systems (FMS) and FRA.
o Limits of CDR based fraud detection and security.

P1 Security. All rights reserved.

o From a legal standpoint

o Fraud and institutions (GSMA, 3GPP, CFCA, Fight FAS, I3)
o Fraud and law enforcement
o Deep inside Fraud Case studies
Telecom Security introduction
o Availability: From crash to Denial of Service
o Confidentiality: What is at stake with the operators?
o Integrity: How secure and trustworthy are we?
o Billing: Protecting revenue, from leakage, protection, collection,
traceability.
o Underlying technologies, risks, organization.
o Legal Interception (LI), CALEA, legal requirements and related
systems.
Telecom Security attacks and problems
o Introduction to case studies and generic list
o Practical SIM fraud (Case study)
o Attacking the signaling network: Risks and attacks on SS7 and
SIGTRAN
o Privacy attacks and HLR Requests, dangers ahead
o Country-Wide Denial of Service
o User-Targeted Denial of Service
o VoIP related attacks and security risks
o Manipulating the operators network
o Attack on the radio: GSM, 3G / UMTS, 4G / LTE / LTE Advanced.
o User centered attacks: From SMS and MMS to high-profile attacks
o Mobile Malware and Application: the Smartphone challenge to
security
Telecom Security risk mitigation
o Network-centric mitigation
o End-user-centric mitigation
o Systemic & organization security measures
o Reducing the footprint and attack surface
o Organizational security and procedures
o How to watch the unknown
o Auditing Telecom Security: the proactive protection
o Planning Telecom Security: drawing the way
o Monitoring Telecom Security: reactive qualities

P1 Security. All rights reserved.

About P1 Security Inc.
P1 Security is a vendor independent, technology pioneer and leader in Telecom
Security Audit products with patent pending technology and top research and
development recognized by the GSM Association.

Experts from P1 Security give conferences and training on SIGTRAN and SS7
security worldwide.

Visit our website at www.p1sec.com or contact us for further information.

Contact

Email: sales@p1sec.com
Web: http://www.p1security.com
Address: P1 Security, 231 rue Saint Honor, 75001 Paris, France

P1 Security. All rights reserved.