This course provides Telco professionals and network engineers with a practical, hands-on understanding of Protocol Data Units (PDUs) and their critical role in network communications. Participants will learn how PDUs operate across different network layers, how to analyze their structure and flows, and how to detect and mitigate security risks that can compromise Telco services.

 

The training covers three main areas:

• PDU Fundamentals – Learn the anatomy of PDUs at each network layer and how they carry signaling and media traffic in Telco networks.

• Standard PDU Flows – Understand typical transmission scenarios for voice, data, and signaling, and learn to identify normal versus abnormal flows.

• Non-Standard & Advanced PDU Flows – Examine complex scenarios such as forwarded traffic, handovers, and QoS-sensitive PDUs, with a focus on security implications..

Why This Skills Matter? 

 

​

PDUs are the fundamental units of data that drive all Telco communications, from signaling to media transmission. Mismanaged or manipulated PDUs can lead to service disruptions, security breaches, and revenue loss.

 

Mastering PDU analysis and security enables professionals to detect anomalies, prevent attacks, and ensure reliable, secure network operations, especially in complex 5G, LTE, and cloud-based Telco environments.

 

​​​

Entry requirements

​

• At least 3 years of cyber security experience

​

• Min. 1 year of work experience in telecommunication

​

• Been through Tel 1-1 - 5G Basics in CyberXCenter, knowing the basic fundamentals of Telecommunication network

 

 

​

By mastering PDU analysis and security, you become the guardian of Telco communications—protecting networks, ensuring uninterrupted services, and safeguarding the trust of millions of users. Your skills turn invisible data into reliable, secure, and resilient connections that power modern life.

 

 

 

​​

​

COURSE DURATION: 

​

​

• 3 days of Instructor-led training 

 

 

 

 

​

EXPECTATION AFTER THE TRAINING 

​

​

After completing this course, participants will be able to:

​

• Understand and Analyze PDU Protocols: Comprehend PDU structure, data flow, and interaction across different network layers.

 

• Identify and Mitigate Security Threats: Detect vulnerabilities such as PDU manipulation, misrouting, and replay attacks, and implement effective mitigation strategies.

​

• Secure Telco PDU Deployments: Apply best practices for data encapsulation, validation, and encryption to secure PDU handling.

 

• Monitor and Respond to PDU Events: Use tools to capture and analyze PDU traffic, detect anomalies, and respond to incidents effectively.

​

• Apply Knowledge to Real-World Scenarios: Confidently manage PDU flows in 5G, cloud, or enterprise environments while minimizing operational and security risks.

​

​

​

​

​

​

 

WHAT WILL BE COVERED IN THE COURSE: 

 

​

1. PDU Fundamentals

• Objectives: Understand the anatomy of PDUs and how they carry data across networks.

• PDU structure at different layers:

  • Layer 2: Ethernet frames

  • Layer 3: IP packets

  • Layer 4: TCP/UDP segments

  • Layer 5–7: Application PDUs (SIP, RTP, Diameter, GTP)

 

• Headers, payloads, and trailers explained

• Relationship between PDUs and network protocols

• Hands-on Demo:

  • Capture and analyze PDUs using Wireshark

  • Identify headers, payloads, and protocol types

 

2. Telecom Identifiers - IMSI, IMEI and other components

• HARDWARE IDENTITY

  • IMEI: The Device Fingerprint

  • Permanent Equipment Identifier (PEI)

  • IMEISV: Tracking Software Versions

  • SUCI, GUTI, TMSI

  • ICCID to EID: The Hardware Shift

  • EID: The eUICC Identifier

• SUBSCRIBER IDENTITY

  • ICCID: (e)SIM Identity

  • IMSI: Global Routing & Identity

  • IMSI vs. MSISDN: Internal vs. Public

  • SUPI: The 5G Permanent Identity

• PRIVACY & SECURITY

  • SUCI: Concealing the Identity

  • ECIES: The Encryption Engine

• MOBILITY

  • GUTI: Rotating Identity for Privacy

  • GUAMI: Globally Unique AMF Identifier

 

3. Protocol Analysis on:

• Reference Point Architecture versus Service Based Architecture

• Xn and NG Interface

• Next Generation Application Protocol (NGAP)

  • 5G NR Initial Access: UE to gNB Signaling

  • NAS-5G (N1): Non-Access Stratum in 5G System

  • N2: NGAP Protocol

  • NGAP Class 1 Procedures: Request-Response

  • NGAP Class 2 Procedures: Unconfirmed Signaling

• Next Generation Application Protocol (NGAP)

  • GPRS Tunnelling Protocol User Plane (GTP-U)

  • TEID: The Routing Key

  • The flow of UE connecting to UPF (N3) - Request

  • The flow of UE connecting to UPF (N3) - Response

• Next Generation Application Protocol (NGAP)

  • PFCP (Packet Forwarding Control Protocol)

  • PFCP Message Format

  • PFCP Association: Establishing the Trust

  • Procedure: Session Establishment Flow

  • FAR: Forwarding Action Rules

  • URR: Usage Reporting and Charging Rule

 

4. Standard PDU Flows

• Objectives: Understand normal PDU flows in Telco networks for voice, data, and signaling.

• PDU flow during call setup and teardown (SIP + RTP)

• PDU flow in data transmission (GTP, Diameter for LTE/5G)

• Common network scenarios: successful transmission, retransmission, timeout

• Layered PDU interactions across OSI/TCP-IP stack

• Hands-on Demo:

  • Trace PDUs during a voice call or LTE data session

  • Identify normal vs abnormal flows

​

5. Non Standard Flow of PDU

• PDUs in multi-path routing and load balancing scenarios

• Conditional signaling PDUs (e.g., forwarded calls, handovers in LTE/5G)

• PDU behavior in QoS-enabled networks (priority, delay-sensitive traffic)

• Impact of misconfigurations on security and service quality

• Hands-on Demo:

  • Analyze PDU flows for call forwarding or handover scenarios

  • Identify anomalies and security gaps

 

 

6. Best Practices and Future Trends

• PDU security in 5G, IoT, and cloud-based Telco networks

• Automation and AI-assisted monitoring of PDUs

• Best practices for secure PDU handling and network hardening

​

​