VoLTE Security Training

Commitment 2 Days, 7-8 hours a day.
Language English
User Ratings Average User Rating 4.8 See what learners said
Delivery Options Instructor-Led Onsite, Online, and Classroom Live


Learn how to validate attacks using commodity smartphones/UE (rooted and unrooted) in international mobile carriers: UE OS and chipset, prohibit non-VoLTE apps from accessing, injecting packets into VoLTE control and data planes, IPv6 attacks, and more. VoLTE Security Training covers all VoLTE security and insecurity aspects of voice, video, and multimedia solutions in LTE, EPC, and IMS networks. The VoLTE Security Training course provides essential knowledge and skills for engineers and non-engineers who are concerned with LTE, EPC, IMS, and  VoLTE security, insecurity, and performance.

Voice over LTE (VoLTE) is an integrated and essential foundation for the future of mobile service provider business models in the transition from 2G and 3G networks to LTE and VoLTE. Migration to VoLTE will have performance, interoperability, security, signaling, and billing challenges for mobile operators and need to be addressed. VoLTE (Voice-over-LTE) as the designated voice solution to the LTE mobile network using EPC and IMS networks have to address VoLTE security before full rollout. Learn about several vulnerabilities in both LTE, EPC, and IMS control plane and user plane functions, which can be exploited to disrupt both data and voice services in operational networks.

  • 2 days of VoLTE Security Training with an expert instructor
  • VoLTE Security Electronic Course Guide
  • Certificate of Completion
  • 100% Satisfaction Guarantee



Upon completing this VoLTE Security Training course, learners will be able to meet these objectives:

  • Understand LTE, IMS and VoLTE
  • Learn VoLTE security issues
  • Identify VoLTE security features
  • Evaluate VoLTE security
  • Understand the threats and security holes with VoLTE call control protocols
  • Identify IMS and SIP Security Features and learn how to configure and administer those features
  • Learn SIP security issues including Port usage risk, firewall inspection, and NAT configurations
  • Examine VoLTE best practices to support risk mitigation
  • Examine VoLTE management tools and best practices to support risk mitigation
  • Learn how NAT, STUN, TURN, ICE, and IMS security nodes and firewalls impact call setup, media streams, latency, and application-level gateway
  • Understand SIP NAT Traversal
  • Examine how to overcome NAT issues using STUN, TURN, and ICE
  • Examine cryptographic protocols, Datagram Transport Layer Security (DTLS) protocol, Secure Real-time Transport Protocol (SRTP) protocol, and Session Description Protocol Security Descriptions (SDES) protocol
  • We can adapt this VoLTE Security course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this VoLTE Security Training course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the training around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the VoLTE Security Training course in a manner understandable to lay audiences.

The target audience for this VoLTE Security Training course:

  • IT managers, network engineers, telecom managers, security managers, IT auditors, project managers, analysts, security engineers, security administrators, or any technical professional working with or planning to work with commercial and government-based VoLTE technologies including Security professionals, incident handling teams, penetration testers, auditors, network security planning teams, network administrators, IT and telecom engineers, and IT security management. This course is also beneficial for the homeland security community, DoD, and crime prevention/investigation officers.

The knowledge and skills that a learner must have before attending this VoLTE Security Training course are:


Overview of Voice over LTE (VoLTE)
  • Traditional Mobile Systems
  • VoLTE network architecture
  • VoLTE protocols
  • VoLTE signaling, media, and supporting protocols
  • VoLTE support protocols
  • VoLTE proprietary protocols
  • VoLTE media protocols
VoLTE Security Issues
  • VOLTE Risks, Threats, and Vulnerabilities
  • Confidentiality and Privacy
  • Integrity Issues
  • Availability and Denial of Service
  • Proxy Servers
  • Encryption Issues and Performance
  • Existing Security Features within the SIP Protocol
  • Authentication of Signaling Data using HTTP Digest Authentication
  • S/MIME Usage within SIP
  • Confidentiality of Media Data
  • TLS usage within SIP
  • IPSEC usage within SIP
  • Security Enhancements for SIP
  • VoLTE scenarios through protocols
  • Application-Layer Gateways (ALG’s)
  • Session Border Controllers (SBC’s)
VoLTE Security Training – VoLTE Attack Vectors
  • Mobile network to the attacker
  • VoLTE Security Threat Overview
  • LTE, IMS, IP, and Voice Network Designs
  • Types of attacks
  • Denial of Service (DOS)
  • TCP/IP insecurity
  • Eavesdropping
  • Sniffing/Snooping/Wiretapping
  • Quality of Service Issues
  • Quality of Service Implications for Security
  • Best Practices
  • Hacking terminal equipment identity (IMEI) of a called party
  • Leaking geolocation information of a callee
  • P-CSCF and Session Border Controller (SBC)
  • DDOS attack from mobile terminals
  • Dealing with Attacks
  • Integrity, Confidentiality, Authentication and Non-repudiation
  • Eavesdropping
  • Jamming
  • Active modification
  • Toll stealing
  • Unauthorized Access
  • Toll Fraud
  • Application Layer Attack Mitigation
  • Secure VoLTE protocols
  • DTLS, S/MIME, SIP over IPSec, and SIP identity
  • VoLTE supporting infrastructure
VoLTE Security Training – VoLTE Defense and Mitigation
  • Hardened SBC DDOS handling
  • SIP INVITE phone number enumeration
  • INVITE rate-limiting function
  • Embed information in SDP
  • Limit the size of SDP
  • Source ID spoofing
  • Policing by SBC
    Topology leak on key SIP headers
  • SBC strips out unnecessary headers
  • Leaking IMEI information
  • Uniform Resource Name (URN) pattern
  • Excluding information on responses
  • Geolocation information
  • IMS implementations
  • Cell ID of the callee
  • P-Access-Network-Info header of responses
  • SBC strips out unnecessary headers
  • VoLTE Network Security Design
Secure VoLTE Protocols
  • VLANs, port security controls, and 802.1x/EAP
  • SIP MD5 authentication, Secure SIP (SIPS or SIP/TLS)
  • SIP over DTLS, S/MIME
  • SIP over IPSec, and SIP identity
  • Media protocols
  • SRTP, SDES, secure call recording, and RTP over IPSec
  • Key-exchange protocols
  • MIKEY, descriptions, ZRTP, and DTLS-SRTP
  • Man-in-the-Middle (MitM), port scanning, and banner grabbing
  • ARP spoofing and MitM attacks
  • VoLTE signaling attacks: (SIP-based)
  • VoLTE Media Attacks: (RTP-based)
  • RTP eavesdropping
  • Voice conversations and DTMF tones
  • RTP recording
  • RTP manipulation
  • Replacing, inserting, and mixing audio in standard and MitM scenarios
  • Signaling plane
  • Call setup and tear down
  • Gateways and endpoints
  • Management plane
VoLTE Security and Audit Policies
  • Policy Creation
  • Policy Conformance
  • Incident Handling
  • Auditing Standards and Certifications
  • Basic Auditing and Assessing Strategies
  • The Six-Step Audit Process
VoLTE Security TrainingVoLTE Security Training Course Recap, Q/A, and Evaluations


    Are you Human?