Telecom Security Glossary

The 5G NR base station component responsible for radio communication with high-speed UE.

The 4G LTE hardware that communicates directly with mobile handsets.

A movement toward disaggregated, multi-vendor RAN using open-source software and general-purpose hardware.

High-capacity antenna technology using large arrays to focus signals and increase spectral efficiency.

The functional decomposition of a base station into Centralized, Distributed, and Radio units.

Precision signal processing that focuses radio energy toward specific users to reduce interference.

Protocols used for the high-bandwidth interface (fronthaul) between Radio Units and baseband units.

The legacy backbone of global telephony signaling, vulnerable to location tracking and SMS interception.

The 4G evolution of RADIUS, providing AAA (Authentication, Authorization, Accounting) for LTE.

The transport protocol for the 5G Service-Based Architecture, replacing Diameter with RESTful APIs.

High-level signaling between the handset and the Core network (e.g., MME or AMF).

Low-level signaling between the handset and the base station managing radio bearer setup.

An SS7 protocol used for roaming management and subscriber authentication in 2G/3G.

The tunneling protocol used to carry user data across 4G and 5G core networks.

Intelligent network protocol enabling prepaid and advanced roaming services in legacy networks.

The cloud-native heart of 5G, utilizing microservices and containerized network functions. Central to our [Corporate Training](/services/corporate-training/) modules.

The IP-based core infrastructure for 4G LTE networks, often simulated in our [Dedicated Labs](/services/dedicated-labs/).

The single point of entry for control plane signaling in 5G.

The 4G legacy counterpart to the AMF, managing tracking and paging.

The high-performance gateway in 5G that handles all subscriber data traffic.

Databases containing subscriber profiles, authentication keys, and service permissions.

The framework responsible for delivering Voice over LTE (VoLTE) and advanced messaging.

The 4G gateways responsible for routing traffic and assigning IP addresses to mobile devices.

The orchestration platform for managing containerized network functions at scale.

The practice of replacing specialized hardware with software on commodity servers.

An architecture that decouples network control from the data forwarding plane.

A telecom application designed to run natively in containerized cloud environments.

A dedicated infrastructure layer for managing service-to-service communication (e.g., Istio).

A low-power wide-area (LPWA) technology designed for small-data device connectivity.

An embedded SIM that allows for remote carrier provisioning without physical card swapping.

A wide-area network designed to support long-range communication at low bit rates.

A lightweight messaging protocol designed for high-latency, low-bandwidth networks.

The core mechanism for mutual authentication between a device and the network.

An encrypted version of the IMSI, preventing passive identity theft in 5G.

A high-security proxy located at the edge of the 5G Core to protect roaming interconnects.

Algorithms used to generate cryptographic keys from a shared secret anchor.

The equipment that transmits and receives radio signals, usually mounted on the cell tower.

The "brain" of the base station that processes digital signals before sending them to the core.

The fiber or microwave links connecting RRUs to BBUs (fronthaul) and BBUs to the Core (backhaul).

Low-power radio nodes used to increase capacity in high-density urban areas or indoor environments.

Hardware like USRP or BladeRF used by researchers to transmit/receive cellular signals.

Open-source implementations of the 5G/4G core and radio stack used for security testing.

The primary tool for analyzing captured telecom traffic with specialized dissectors.

A software toolkit for signal processing used to build custom cellular transceivers.

The use of deceptive SMS messages to trick users into revealing sensitive data or installing malware.

An attack or failure where a massive number of control plane messages cripples the network core.

Exploiting vulnerabilities in inter-carrier signaling to bypass billing or intercept traffic.

Denial of Service (DoS) attacks targeting finite radio or compute resources in the RAN.