5G Security Operations — SOC for 5G Core Networks · Pro

Service-Based Interface attack vectors

SBI Attack Vectors

The Service-Based Interface — HTTP/2 over TLS with OAuth tokens — has several attack vectors. Token theft: an attacker who obtains a valid OAuth token can make SBI calls until the token expires. Mitigations: short token lifetimes (typically 30-60 minutes), scope limitations, monitoring for token reuse patterns from unexpected sources. NF impersonation: an attacker who can present a valid TLS client certificate matching a legitimate NF can impersonate that NF. Mitigations: strict certificate issuance with internal CA, short certificate lifetimes, certificate revocation monitoring, and binding…

Continue reading with Pro

Your free trial has ended. Subscribe to unlock the full lesson plus all 32 advanced levels, 900 lessons, labs, and 17 TELCOMA certification exams.

$19/month or $199/year·7-day money-back guarantee·Cancel anytime