
Layer One challenge Biró László Miklós HA5YAR


1 Layer One challenge Biró László Miklós HA5YAR Laszlo.biro@samunet.hu

2 The well-known OSI layers... When we talk about protecting our network, almost everybody thinks about Layers 2, 3 or 4. But what about Layer 1?

3 What type of media can we use? Copper and optical fiber are not the dangerous part: a line tap can easily be detected. The wireless part is another story.

4 Local Wi-Fi? Not a big deal... Eavesdropping is easy and traceless... but almost useless...

5 Let's see something more interesting...

6 ...or this one?... None of the participants would be happy if you could capture this communication...

7 Wireless layer one
- the signal itself cannot be encrypted (only its content can)
- it cannot be protected
- eavesdropping cannot be detected
- eavesdropping cannot be prevented
... but you can try to make eavesdropping difficult...

8 Traditional two-way radio communication You only have to set the appropriate frequency and push (then release) the button...

9 Digital radio communication
- Integrated voice and data transfer
- Encrypted digital content
- Multiple communication frequencies
- Quasi-random and rapid frequency changes ("hopping")

10 What is "frequency hopping"? (one form of spread-spectrum communication) A conventional, fixed-tuned receiver cannot read it!

11 How does it work?

12 If you want to recover the message:
- You have to capture all of the transmitted packets (one burst per hop)
- You have to concatenate them in the appropriate sequence
- Then you have to break the encryption
Capturing and reordering is really easy if you know the frequency-generating algorithm (and its key). Otherwise life is hard... A commercial "hopping table" contains 17 frequencies with about 1 MHz spacing.
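The slide's three receiver situations, as an added toy simulation (this is not the presentation's code, and the hop generator is a stand-in, not any real radio's algorithm): a 17-channel table with 1 MHz spacing, two radios hopping over it at the same time, a fixed-tuned receiver that only collects stray bursts, and a receiver that knows the generator and key and retunes ahead of every hop. The 430 MHz base frequency, the 3-byte bursts and the little congruential generator are assumptions made for the example.

```python
"""Frequency-hopping toy: why a fixed-tuned receiver fails and a key-holder does not.
Added example; nothing here is the presentation's own code or a real radio's algorithm."""

# Constructed 17-channel "hopping table" with 1 MHz spacing (figures from the slide;
# the 430 MHz base is an assumption).
HOP_TABLE_MHZ = [430.0 + ch * 1.0 for ch in range(17)]
HOP_RATE = 3200  # hops per second, from the timing slide


def hop_sequence(key: int, n_hops: int) -> list:
    """Channel index for hop slots 0..n_hops-1.

    Stand-in for the secret frequency-generating algorithm: a tiny linear
    congruential generator mod 17, seeded with the shared key.  (Hypothetical;
    a real radio uses a cryptographic generator.)
    """
    state, seq = key % 17, []
    for _ in range(n_hops):
        state = (3 * state + 5) % 17
        seq.append(state)
    return seq


def transmit(message: bytes, key: int, chunk: int = 3) -> list:
    """Split a message into bursts, one per hop slot, each on that slot's channel.
    A burst is (hop_slot, frequency_MHz, payload); the slot is what an SDR would
    recover from the burst's timestamp (t * HOP_RATE)."""
    parts = [message[i:i + chunk] for i in range(0, len(message), chunk)]
    return [(slot, HOP_TABLE_MHZ[ch], part)
            for slot, (ch, part) in enumerate(zip(hop_sequence(key, len(parts)), parts))]


def on_air(*transmissions) -> list:
    """Merge several transmitters' bursts as the band would carry them."""
    return sorted(burst for tx in transmissions for burst in tx)


def conventional_receiver(air, tuned_mhz: float) -> bytes:
    """Fixed-frequency receiver: hears only the bursts landing on its channel,
    from whichever transmitter happens to hop onto it."""
    return b"".join(p for slot, f, p in air if f == tuned_mhz)


def following_receiver(air, key: int) -> bytes:
    """Knows the hop algorithm and key: retunes ahead of every slot and keeps
    only the burst found on the expected channel.  (If two hoppers collide on
    one channel in the same slot it would hear both; the toy keys below never
    collide.)"""
    n_slots = max(slot for slot, _, _ in air) + 1
    expected = dict(enumerate(hop_sequence(key, n_slots)))
    return b"".join(p for slot, f, p in air
                    if HOP_TABLE_MHZ[expected[slot]] == f)


if __name__ == "__main__":
    # Constructed traffic: two radios, two keys, hopping simultaneously.
    air = on_air(transmit(b"MEET AT DAWN", key=1), transmit(b"HOLD POSITION", key=12))
    print(conventional_receiver(air, 437.0))   # b'HOLT D': fragments of both
    print(following_receiver(air, key=1))      # b'MEET AT DAWN'
    print(following_receiver(air, key=12))     # b'HOLD POSITION'
```

The fixed-tuned receiver on 437 MHz gets one burst from each conversation and cannot even tell them apart; the key-holder reads both messages cleanly. A wideband SDR that captures every burst is in between: it has all the pieces and their timestamps, but still has to decide which bursts belong to which transmitter, which is where the fingerprinting slides later in the deck come in.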

13 Do you have a frequency-hopping device in your pocket? I was pretty sure you did... How does it work?

14 What type of receiver can be used? We will need a so-called software-defined radio (SDR). Such a receiver is able to "see" a significant part of the RF spectrum at once. It's like the good old "panoramic receivers", but an SDR can also read (demodulate) several frequencies simultaneously.

15 This is a professional SDR and I will use this nice receiver for the demonstration.

16 Let's check my mobile phone! It's a very simple dual-band GSM phone, and now I will turn it on. What happened?

17 Next step: continuous communication with the tower

18 Let's have a closer look! The power envelope shows the spread use of the band.

19 Even closer!

20 Closer still... The bursts between the principal frequencies come from the distortion of the transmitter's power stage!

21 Every moving dot is a data packet (one burst)! Waterfall diagram

22 Why is frequency hopping useful? In wireless communication:
- Protection against jamming
- Protection against QRM (man-made interference)
- Hard to capture the conversation
- The conversation can be hidden in the background noise
- Conventional receivers cannot read it

23 Why is frequency hopping useful? In (military) radar applications: if the radar station randomly changes its frequency, it is
- hard to detect the target-tracking mode
- hard to find the location of the radar station
[Figure: search vs. tracking]

24 How can we disguise the tracking mode? If the frequency of the beam changes randomly, the aircraft will not consider it a tracking beam!

25 How can we capture and read the spread-spectrum conversation? We need an SDR receiver. The problem with the Rohde & Schwarz receiver shown above is the price tag: 100,000 euros... Could we use something less expensive?

26 These SDRs cost between 10 and 50 dollars. The problem is their speed (instantaneous bandwidth) and sampling resolution: a cheap dongle digitizes only a couple of MHz at 8 bits, while the 17-frequency hopping table above spans some 17 MHz.

27 If I want to capture and concatenate the transmitted blocks, I must be able to recognize which blocks come from the same transmitter. Major (identifying) peculiarities of any transmitter:
- harmonic content of the first few tens of cycles
- envelope of the first few tens of cycles

28 Harmonic content: can be determined by FFT. A Hungarian who contributed a lot to this technique: Dr. Székely Vladimir

29 Shape of the envelope

30 Why the first few tens of cycles? They are the turn-on transient of the transmitter, and neither their harmonic content nor their envelope shape can be forged: both are set by the hardware. Those are the fingerprints of the radio/radar transmitter!

31 What a surprise! The name of this technique is transmitter fingerprinting!

32 We only have to...
- Inspect every single newly active frequency
- Calculate its harmonic content and levels
- Digitize and store the envelope shape
- Store the whole lot in a "peculiarity table"
If the harmonic levels and the envelope shapes are the same in two rows, the transmissions come from the same source/transmitter.
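The peculiarity-table procedure of slides 27 to 32, as an added toy in pure Python (not the presentation's code, and not a reproduction of the author's copyrighted method): bursts are synthesized for two hypothetical radios that differ in harmonic levels and turn-on rise time, the first cycles of each burst are reduced to relative harmonic magnitudes (a direct DFT at the harmonic bins, standing in for the FFT on the slide) plus a normalised per-cycle envelope, and new bursts are looked up in the table. Sample rate, window lengths, the two radios' parameters and the match tolerance are all assumptions of the example.

```python
"""Transmitter fingerprinting toy: harmonic content and turn-on envelope of the
first cycles of a burst, stored in a "peculiarity table" and matched.
Added example, not the presentation's code; the bursts are synthesized here."""
import math

SAMPLES_PER_CYCLE = 32      # assumed oversampling of the carrier
FINGERPRINT_CYCLES = 40     # the "first few tens of cycles" that we inspect
ENVELOPE_POINTS = 20        # per-cycle peaks kept as the envelope shape
MATCH_TOLERANCE = 0.05      # assumed threshold on relative differences


def synth_burst(harmonics, rise_tau_cycles, amplitude=1.0, n_cycles=200):
    """Constructed burst: carrier plus harmonic multiples (levels relative to the
    fundamental) under an exponential turn-on envelope. The harmonic levels and
    the rise time are the transmitter's 'peculiarities'; amplitude is path loss."""
    tau = rise_tau_cycles * SAMPLES_PER_CYCLE
    out = []
    for n in range(n_cycles * SAMPLES_PER_CYCLE):
        env = 1.0 - math.exp(-n / tau)
        s = sum(level * math.sin(2 * math.pi * k * n / SAMPLES_PER_CYCLE)
                for k, level in enumerate(harmonics, start=1))
        out.append(amplitude * env * s)
    return out


def harmonic_levels(samples, n_harmonics=3):
    """Relative level of harmonics 2..n: DFT magnitude at k*f0 over the first
    FINGERPRINT_CYCLES cycles, divided by the fundamental's magnitude."""
    win = samples[:FINGERPRINT_CYCLES * SAMPLES_PER_CYCLE]
    mags = []
    for k in range(1, n_harmonics + 1):
        re = sum(x * math.cos(2 * math.pi * k * n / SAMPLES_PER_CYCLE) for n, x in enumerate(win))
        im = sum(x * math.sin(2 * math.pi * k * n / SAMPLES_PER_CYCLE) for n, x in enumerate(win))
        mags.append(math.hypot(re, im))
    return [m / mags[0] for m in mags[1:]]


def envelope_shape(samples):
    """Peak |x| in each of the first ENVELOPE_POINTS cycles, normalised to the
    largest peak in the fingerprint window, so received power drops out."""
    win = samples[:FINGERPRINT_CYCLES * SAMPLES_PER_CYCLE]
    peaks = [max(abs(x) for x in win[c * SAMPLES_PER_CYCLE:(c + 1) * SAMPLES_PER_CYCLE])
             for c in range(FINGERPRINT_CYCLES)]
    top = max(peaks)
    return [p / top for p in peaks[:ENVELOPE_POINTS]]


def fingerprint(samples):
    """One row of the peculiarity table."""
    return {"harmonics": harmonic_levels(samples), "envelope": envelope_shape(samples)}


def distance(fp_a, fp_b):
    """Largest relative deviation across both peculiarities."""
    return max(abs(a - b) for a, b in zip(fp_a["harmonics"] + fp_a["envelope"],
                                          fp_b["harmonics"] + fp_b["envelope"]))


def identify(table, samples):
    """Look the burst up in the peculiarity table: the label of the matching
    transmitter, or None (the caller then adds a row for the newly seen source)."""
    fp = fingerprint(samples)
    for label, stored in table:
        if distance(stored, fp) < MATCH_TOLERANCE:
            return label
    return None


if __name__ == "__main__":
    # Two hypothetical radios: A has a strong 2nd harmonic and a fast rise,
    # B a stronger 3rd harmonic and a slow rise.
    tx_a = lambda amp: synth_burst((1.0, 0.20, 0.05), rise_tau_cycles=6, amplitude=amp)
    tx_b = lambda amp: synth_burst((1.0, 0.08, 0.12), rise_tau_cycles=15, amplitude=amp)
    table = [("A", fingerprint(tx_a(1.0))), ("B", fingerprint(tx_b(0.7)))]
    # A later burst from A on another hop, 8 dB weaker: same hardware, so it still matches.
    print(identify(table, tx_a(0.4)))   # A
    print(identify(table, tx_b(1.3)))   # B
```

Both features are ratios, so a burst that arrives weaker (another channel, more path loss) still lands on its transmitter's row; what separates the rows is the hardware-determined shape, not the received level. In a real capture the match tolerance has to be set from measured spread between bursts of a known radio, and the window has to start exactly at the burst's first cycle, which is why the deck spends its last slides on buying time with a delay line.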

33 Calculation takes time... How much time do we have? Let's see:
- one full hop is 1/3200 sec = 312.5 usec
- the dwell time can be about 250 usec
- if the frequency is 300 MHz, the first 20 cycles take about 67 nsec
During those 67 nsec we should be able to calculate everything! It is impossible!

34 If only we could use the whole dwell time (250 usec)... Delay line: if you gain time, you gain information.

35 How does it work?

36 Running through the delay line changes neither the harmonic content nor the envelope of the signal! (This holds for a linear delay line with a flat response; in a digital SDR the "delay line" is simply a sample buffer, which changes nothing at all.)

37 How can I use it?

38 An advanced version:

39 Feel free to try it, feel free to use it, but don't forget: this is a copyrighted method, and I prefer dark beer...

40 Questions? laszlo.biro@samunet.hu HA5YAR on 80 m CW

41 Thank you for your attention…
