Bhadra framework: Threat modeling for mobile communication systems
By: Sid Rao
Date: 17 Sep 2021
Time: 04:00 p.m.
Mobile communication systems (aka telco networks) are complex because they contain different architectures, subsystems, technologies, and an ever-growing list of new features. As a result, most security efforts are scattered across the underlying complexity, which has led to an obscure view of the overall security of the entire system. On top of this, there is no domain-specific threat modeling framework for mobile communication systems, which makes it challenging to have a common view of security events.
We at Nokia Bell Labs have come up with the Bhadra framework to address the above issues. Bhadra, in a nutshell, is a structured way to talk about security events (e.g., attacks, incidents, or threats) using a common language and reference framework describing adversary behaviors in telecom networks. It is designed to model adversarial behavior in its attack phases and to be used as a common taxonomy matrix. Taking inspiration from the MITRE ATT&CK framework, we have systematically organized publicly known attacks into various tactics and techniques. We have also built a web tool to assist with modeling activities, e.g., for annotating and visualizing.
Although Bhadra is in its infancy, it has attracted the attention of many key players in the mobile communication industry and is picking up momentum. Nevertheless, this is just the beginning. We want this research activity to be a community-driven initiative, so all your suggestions, critiques, and contributions are more than welcome.
In this talk, besides introducing the Bhadra framework, I will address some of the questions you probably already have at this point: Why is telco different? Why can't we use MITRE ATT&CK or any other existing framework? What are the use cases of this framework? What next? How can we contribute?
Sid Rao is a security and privacy researcher at Nokia Bell Labs and Aalto University, Finland. He is a system security researcher who specializes in the security analysis of communication protocols, architectures, and recently, usability and human factors of security. He has previously given talks at security conferences such as DEF CON, Black Hat, hack.lu, and Troopers.