Creating a Fuzzer for Diameter and LTE Telecom Protocols

Diameter is an authentication, authorization and accounting protocol that is widely used between the LTE core nodes by mobile network operators. While multiple methods for connecting subscribers to networks have been used over the years – including exchange and SS7 – Diameter is the latest protocol. While security vulnerabilities in SS7 are well known, it’s often assumed that Diameter is more secure. In this talk, our expert will describe experience in creating a tool for fuzzing Diameter protocols.

The talk will start with short overview of telecom signalling security and then describe vulnerabilities found while using the fuzzing tool. I’ll then cover the technical and administrative challenges specific to fuzzing telecom equipment using examples from our practice. The talk will cover topics such as:

  1. How protocol specifics reflect in fuzzer architecture
  2. Use of existing protocol stacks for building fuzzers
  3. Which additional tools may be needed in MNO Test Lab environment and how to adapt fuzzer for it
  4. How to reproduce issues reliably
    Lessons learned on communication with MNO representatives when vulnerabilities are discovered
Download presentation