Attack and Defence in Radio and Communication Warfare - PowerPoint PPT Presentation

1 / 46
About This Presentation
Title:

Attack and Defence in Radio and Communication Warfare

Description:

Attack and Defence in Radio and Communication Warfare Akib Sayyed akibsayyed_at_gmail.com Smart Jamming Block the food supply Means only block part which is important ... – PowerPoint PPT presentation

Number of Views:238
Avg rating:3.0/5.0
Slides: 47
Provided by: epr45
Category:

less

Transcript and Presenter's Notes

Title: Attack and Defence in Radio and Communication Warfare


1
Attack and Defence in Radio and Communication
Warfare
  • Akib Sayyed
  • akibsayyed_at_gmail.com

2
(electronic)Communication
  • Used by most of population in world
  • Used by Law Enforcement ,Defence in every mission
  • Plays most important role at time of WAR
  • We are blind without communication

3
What are we looking at
  • Radio Communication
  • Communication Jamming
  • Anti Jamming Communication
  • Locating Signal Source
  • Smart Radio Grid
  • Core Network
  • What's there is core network?
  • Disrupting Core Network
  • Threat of Imported Telco Equipments

4
Radio Communication
  • Its Communication using electro magnetic waves
    through atmosphere or free space.
  • Information is sent over radio waves using
    changing property of these waves such as pulse ,
    phase , amplitude , frequency
  • Consist of transmitter and receiver (TRX)

5
Types of Radio Frequency (Short Version)
  • Very high frequency
  • VHF
  • 30300 MHz
  • 10 m 1 m
  • Ultra high frequency
  • UHF
  • 3003000 MHz
  • 1 m 100 mm
  • Super high frequency
  • SHF
  • 330 GHz
  • 100 mm 10 mm

6
Usages
  • VHF
  • FM ,Television ,Amateur radio , Aircraft
    Communication
  • UHF
  • Television ,Microwave ,Mobile Communication ,GPS
    ,Bluetooth
  • SHF
  • Radio astronomy, microwave devices/communications,
    wireless LAN, most modern radars

7
How data is sent via Radio Waves
8
Different Ways to Send Receive Radio Waves
  • Commercial Radios
  • Cellphones
  • Walky Talkie
  • SDR
  • Blade RF
  • HackRF
  • USRP Series
  • Signal Generators
  • Spectrum Analyzer

9
How to block /Protect Signals
  • It is not possible to stop one from sending or
    receiving signals
  • Best way is jam , scramble , encrypt ,Hopping

10
Jamming
VS
Overlapping signals with more power so that
signal becomes garbage
11
Scrambling
VS
Transposing or inverting signals making it
unintelligible for receiver without
descrambler Performed in Analog Domain
12
EncryptionDigital Domain
Lorem Ipsum is simply dummy text of the printing
and typesetting industry. Lorem Ipsum has been
the industry's standard dummy text ever since the
1500s, when an unknown printer took a galley of
type and scrambled it to make a type specimen
book. It has survived not only five centuries,
but also the leap into electronic typesetting,
remaining essentially unchanged
uliAAg/XBrwuyJLBt9DkGqY4ZVEqXQ1uudlczuh3C4RyJR1aO
L4/WBpQszWidjdqbZEN/lKVnSgtFpuNWGkD5u0t38R6XWO5xeU
HMeeULvY9Ua51xQTx0fuBZxJ7uN6VMyv0gMs3SnmR6vSvSh
YO6sjoZRV917ASKYJMh6LVFubxYCTjG4aWpfwG00PYYRZePAKB
pJrfrKo8ivc7VJpcHVRTLrCO8RwR47FsYxXr6m/3PSOQHCSSie
b7iVAt9ZPkaFMpLBYipDJrLKpvDbdxAXgNybf4FFgmcnMMDuv
UhfafsKhD4UPFlFQ2SiZNgPXJBLjLfDon2n7yjyMfpxqMCXnpV
FhajzVNunha7OESzzfv6GM0ucWe0u6DV7bLk/lNn9b34FZk1m
VS
13
Hopping
14
Protecting Signals
  • Should have following qualities
  • Low Probability of Detection
  • Low Probability of Intercept
  • Low Probability of Exploitation

15
Low probability of Detection
  • Goal is to hide signal somehow such that
    unintended receiver has difficulty to determine
    that signal even present

16
Low probability of Intercept
  • If signal is not LPD type then unintended
    receiver can receive it
  • So to reduce probability of intercept one can use
    frequency hopping
  • Due to frequency one cannot easily receive signal
    which is hopping on different frequency unless he
    knows pattern of hopping

17
Low Probability of Exploitation
  • In case signal is not LPD/LPI or attacker finds
    out way to receive signal properly then getting
    meaningful information from that signal should be
    difficult
  • Encryption is example of LPE

18
Electronic warfare
  • Activities taken to accomplish the intercept or
    denial of communication
  • 3 main components
  • Electronic attack(EA)
  • Electronic support(ES)
  • Electronic protect(EP)

19
Electronic Attack (EA)
  • Using active signals to deny communication system
    from actively exchanging information
  • It could be
  • Jamming
  • Transmit noise on those freq
  • Deception
  • Send wrong information to mislead
  • Directed energy
  • Similar to jamming but goal is to permanently
    harm or destroy equipment

20
Electronic Support (ES)
  • Supporting function for EA
  • Its more like spectrum sensing and find signal
    with specific characteristics
  • Cause if jamming is being performed on non
    utilized frequency then time and energy is wasted

21
Electronic Protect (EP)
  • Protecting friendly communication from EA and ES
    attacks
  • In case both are using same frequency then one
    should transmit signals towards target and away
    from friendly units

22
AntiJam Communication
  • Communication with ability to fight jamming of
    communication system
  • Type of Anti Jamming signals
  • Direct-Sequence Spread Spectrum
  • Frequency-Hopping Spread Spectrum
  • Time-Hopping Spread Spectrum

23
Direct-Sequence Spread Spectrum
  • Technique involves spreading signal across a
    wider bandwidth and entire bandwidth is occupied
    instantly
  • Due wider band, energy present at particular
    frequency is low
  • Causing less probability of detection as
    unintended receiver mistake it as noise

24
Frequency Hopping Spread Spectrum
  • Based on concept of hopping
  • Occupies single channel at given instant
  • Bandwidth about be from -10khz to -200khz
  • Signal hops in predefined hopping sequence called
    hop set
  • 2 types
  • SFHSS (Slow Frequency Hopping SS)
  • FFHSS (Fast Frequency Hopping SS)

25
Time Hopping Spread Spectrum
  • TH changes time of transmission randomly causing
    receive noise most of time
  • Best example is PTT used by military and law
    enforcement

26
SDR Connections for DEMO
27
Demo of Anti Jam Signals
28
Jamming Anti-Jam Signals
  • Partial Dwell Jamming of FHSS Systems
  • Noise Jamming
  • Tone Jamming
  • Pulse Jamming
  • Follower Jamming
  • Smart Jamming

29
Partial Dwell Jamming of FHSS
  • Portion of Signal is jammed
  • There is finite amount of time to insert jam
    signal if detect energy belongs to correct signal
    to jam
  • One cannot jam whole spectrum but partial is
    possible

30
Noise Jamming
  • Carrier Signal is modulates with Noise Waveform
  • Main aim is to insert noise at receiver end
  • Types
  • Broadband Noise Jamming (Entire Spectrum)
  • Partial Band Noise Jamming (Partial Spectrum)

31
Tone Jamming
  • Continuous Tone is generated on spectrum in
    narrowband
  • Could be single or multiple
  • In case of multiple tones power is distributed
    among all tones
  • Type
  • Single Tone
  • Multiple Tones

32
Pulse Jamming
  • Similar to Partial Band Noise jamming
  • Its partial band noise jamming with no continuous
    transmission
  • Have low avg power than some of other jamming
    technique

33
Follower Jamming
  • Follow hopping path and predict hopping sequence
  • Once predicted jam next possible hopping channel
  • Jamming could be in tones or modulated tones
  • AKA responsive jamming , repeater jamming ,repeat
    back jamming

34
Smart Jamming
  • Block the food supply ?
  • Means only block part which is important for sync
  • As most of sync channel are not spread or hopping
    (e.g. GSM FCCH or C0)
  • One can simply jam main sync source

35
SDR Connections for DEMO
36
Demo of Jamming Signals
37
Smart Radio Grid
  • For whom ?
  • Why we need this?
  • Applications
  • SDR arch

38
For Whom?
  • Metro Cities
  • Air Port
  • Borders

39
Why We need this?
  • Signal generators are easy to get and use
  • Imagine case
  • Airport security radios are jammed
  • Terrorist using satellite phone to communicate in
    Metro Cities
  • Law enforcement radio are picking up misleading
    signals
  • Tracking such case is nearly impossible in real
    time (at least in India)

40
Applications
  • Detect Jamming Signals
  • Find Illegal Transmitters
  • Fake cell towers
  • Illegal broadcast stations
  • Locate signalling source
  • Smart Jamming
  • Intercept Communication

41
SDR Arch
42
Core Network
  • Traditional Telecom Protocol
  • Less scrutinized for security flaws for both
    protocol and implementation
  • Uses custom distro using collecting bits and
    pieces

43
Awareness in Telco Security
  • Telcos are testing there network for security
    flaws lately
  • Awareness is taking place in telco people as only
    gentlemen network is now open to all
  • But vendors co-operations is lacking due to
    contracts and money

44
Threat of imported equipments
  • Recently researchers found
  • Hidden commands in equipments
  • Some default password
  • Trojan horse embedded which sends data back to
    device manufacturer

45
Steps Taken by Indian Government
  • Setup Telecom Equipment Testing Lab
  • Which will
  • Test equipments for protocol implementation flaw
    and for security flaws
  • Certify equipment
  • Pilot lab was setup in banglore under Prof. N.
    Balakrishnan

46
Questions
  • ?
Write a Comment
User Comments (0)
About PowerShow.com