Preliminary Agenda for Troopers 2014 Telco Sec Day

Given we’ve received a number of inquiries as for the agenda of this year’s TelcoSecDay here’s a first preliminary agenda. To get an idea of the event’s character you might have a look at the agenda of the 2012 edition or the 2013 edition. Pls note that there might be changes/additions to the following outline as we’re currently discussing potential contributions with two European operators. Here we go, for today:

9:00: Opening Remarks & Introduction
9:15: Ravi Borgaonkor – Evolution of SIM Card Security
10:15: Break
10:45: Adrian Dabrowski
11:45: Collin Mulliner – PatchDroid – Third Party Security Patches for Android
12:30: Lunch
13:45: Philippe Langlois
14:45: Break
15:15: Haya Shulman – The Illusion of Challenge-Response Authentication
16:00: Christian Sielaff & Daniel Hauenstein – Breaking Network Monitoring Tools Used in Telco Space
16:30: Closing Remarks
19:00: Joint dinner (hosted by ERNW) in Heidelberg Altstadt for those interested and/or staying for the main conference

Synopses & Bios

Ravi Borgaonkor: Evolution of SIM Card Security
Synopsis: Since its creation in 1991, the SIM card is still a vital component in cellular communications systems. It plays a critical role in authentication and in generating key material to protect our sensitive data (call, SMS, mobile data) transmitted over-the-air. Recent years, they have changed in sizes from Full-Size (FF) to Nano-SIM (4FF) to embedded-SIM. While modifying sizes, 3GPP/GSMA also changed various security parameters such as security algorithms, provisioning architecture etc. In this talk, we discuss the new security architecture of embedded SIM which is recently proposed by the GSMA in December 2013. Pros and Cons of the new security changes will be presented along with different attacking vectors.

Bio: Ravi works as a researcher in the the Security in Telecommunications department at Technical University Berlin. His research themes are related to mobile telecommunication and involved security threats. This ranges from GSM/UMTS/LTE, network security to end-user device security. His contribution of the TelcoSecDay 2013 can be found here.


Collin Mulliner: PatchDroid – Third Party Security Patches for Android

Synopsis: Android is currently the largest mobile platform with around 750 million devices worldwide. Unfortunately, more than 30% of all devices contain publicly known security vulnerabilities and, in practice, cannot be updated through normal mechanisms since they are not longer supported by the manufacturer and mobile operator. This failure of traditional patch distribution systems has resulted in the creation of a large population of vulnerable mobile devices. In this talk we present PatchDroid, a system to distribute and apply third-party security patches for Android. Our system is designed for device-independent patch creation, and uses in-memory patching techniques to address vulnerabilities in both native and managed code. We created a fully usable prototype of PatchDroid, including a number of patches for well-known vulnerabilities in Android devices. We evaluated our system on different devices from multiple manufacturers and show that we can efficiently patch security vulnerabilities on Android devices without impacting performance or usability. Therefore, PatchDroid represents a realistic path towards dramatically reducing the number of exploitable Android devices in the wild.

Bio: Collin Mulliner is a postdoctoral researcher in the Systems Security Lab at Northeastern University. Collin’s main interest is the security and privacy of mobile and embedded systems with an emphasis on mobile and smart phones. Since 1997 Collin worked on all kinds of mobile devices and touched most of the mobile platforms for either software development or security work. Collin received a Ph.D. from the Technische Universitaet Berlin in 2011, and a M.S. and B.S. in computer science from UC Santa Barbara and FH-Darmstadt, respectively. Collin has a broad interest in systems security that is somehow connected to mobile devices and cellular infrastructure. He has a specific interest in vulnerability analysis and offensive security but recently switched his focus to the defensive side to work on mitigations and countermeasures.


Philippe Langlois: tbd.

Bio: Founder of P1 Security and Senior Researcher for Telecom Security Task Force. Philippe Langlois has proven expertise in network security. He founded and led technical teams in several security companies (Qualys, WaveSecurity, INTRINsec) as well as security research teams (Solsoft, TSTF). He founded Qualys and led the world-leading vulnerability assessment service. He founded a pioneering network security company Intrinsec in 1995 in France, as well as Worldnet, France’s first public Internet service provider, in 1993. Philippe was also lead designer for Payline, one of the first e-commerce payment gateways. He has written and translated security books, including some of the earliest references in the field of computer security, and has been giving speeches on network security since 1995 (Interop, BlackHat, HITB Dubai, Now Philippe is providing with P1 Security the first Core Network Telecom Signaling security scanner which help telecom companies, operator and government analyze where and how their critical telecom network infrastructure can be attacked. He can be reached through his website at:

Haya Shulman: The Illusion of Challenge-Response Authentication

Synopsis: Most Internet services and systems still rely on challenge-response defences for their security against attacks by off-path adversaries. We present techniques allowing to subvert standard and widely supported defences, and show how to facilitate them for DNS cache poisoning attacks. We propose short term countermeasures, preventing our attacks, however, we argue that in the long term, cryptographic defences should be deployed, providing security even against stronger man-in-the-middle adversaries.

Bio: Haya Shulman is a postdoctoral fellow in the European Center for Security and Privacy by Design (EC-SPRIDE) headed by Prof. Dr. Michael Waidner at Technische Universitaet Darmstadt. Her research interests are in network and cyber security, focusing on attacks on performance and correctness, and on devising countermeasures. Haya conducted her Ph.D. at the Department of Computer Science, Bar Ilan University, Israel, under the supervision of Prof. Dr. Amir Herzberg. Her PhD thesis is on network security. In 2009 Haya graduated her M.Sc. studies, also in the dept. of Computer Science, with thesis on Secure Execution of Software in Remote, Hostile Environment. In 2011 and 2013 she received the ‘Checkpoint Institute for Information Security (CPIIS)’ awards, in 2013 she received the Feder prize for her research in communication technologies and an ICANN research fellowship.


Christian Sielaff & Daniel Hauenstein: Breaking Network Monitoring Tools Used in Telco Space

This will be a 30 min excerpt of our talk at the main conference, focusing on the technical details of the actual exploitation of monitoring solutions and the impact this may have for Telco networks.



Please contact us if you think you should be part of the workshop (it’s invitation only, without any fees) and/or you think you can provide a contribution of interest for the group.





Leave a Reply

Your email address will not be published. Required fields are marked *