by pacificresearch 1530 days ago
The Radio Sentinel app is our new solution, a combination of several offline heuristic detection methods designed to minimize false positives. It can detect not only IMSI catchers but also binary SMS, silent SMS and some SS7 attacks. You can read more in our follow-up article: https://armadillophone.com/blog/radio-sentinel

LTrack is one of the stealthiest IMSI catchers I'm aware of, because it's almost entirely passive, and the victim never actually connects to the attacker. Radio Sentinel can detect AdaptOver style attacks that use empty paging requests for the DoS and downgrade attacks.

We are working on further improving Radio Sentinel to also detect suspicious "Attach Reject" and "Identity Request" messages used by LTrack. We're also adding methods to detect connected messages without a MAC, and repeated overshadowing messages, as described in the Detection section of the AdaptOver paper. Unfortunately LTrack was published just after we released the initial version of Radio Sentinel so it wasn't added, but we're continuing to improve it.

One big downside to the AdaptOver/LTrack style attacks is they require a signal at least 3dbm stronger than the real tower, which is not always feasible when dealing with noisy environments. This is a downside compared to traditional IMSI catchers that the victim directly connects to. In the AdaptOver paper they mention that even if the victim is 1km from the real tower, the attacker cannot be farther than 70m from the victim.
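
The two checks named in the post above (messages without a MAC in a connected session, and repeated overshadowing messages), sketched as an added example; this is not Radio Sentinel's code and not part of the original post. The event tuple layout, the `security_context_active` flag, the thresholds and the sample trace are assumptions, and payloads are assumed to be already deciphered by the baseband.

```python
from collections import deque
EMM_PD = 0x7                                   # EPS mobility management discriminator
MSG = {0x44: "ATTACH_REJECT", 0x55: "IDENTITY_REQUEST"}
WINDOW_S, REPEAT_LIMIT = 10.0, 3               # assumed thresholds, tune per deployment

def parse_nas(pdu: bytes):
    """Return (name, has_mac, identity_type) or None for other or truncated PDUs."""
    if len(pdu) < 2 or pdu[0] & 0x0F != EMM_PD:
        return None
    has_mac = (pdu[0] >> 4) != 0               # security header type 0 = plain NAS
    if has_mac:
        pdu = pdu[6:]                          # skip header octet, 4-octet MAC, sequence number
        if len(pdu) < 2 or pdu[0] & 0x0F != EMM_PD:
            return None
    name = MSG.get(pdu[1])
    if name is None:
        return None
    id_type = pdu[2] & 0x07 if name == "IDENTITY_REQUEST" and len(pdu) > 2 else None
    return name, has_mac, id_type

def detect(events):
    """events: (t_seconds, security_context_active, downlink_pdu) tuples in time order."""
    alerts, recent = [], {}
    for t, ctx_active, pdu in events:
        parsed = parse_nas(pdu)
        if parsed is None:
            continue
        name, has_mac, _ = parsed
        if ctx_active and not has_mac:         # message without a MAC in a secured session
            alerts.append((t, "NO_MAC_IN_SECURED_SESSION", name))
        q = recent.setdefault(name, deque())
        q.append(t)
        while t - q[0] > WINDOW_S:
            q.popleft()
        if len(q) == REPEAT_LIMIT:             # same message type repeated in the window
            alerts.append((t, "REPEATED_MESSAGE", name))
    return alerts

# Constructed sample trace (not captured traffic).
SAMPLE = [
    (0.0, False, bytes.fromhex("075501")),     # plain IMSI request during initial attach
    (5.0, True, bytes.fromhex("17aabbccdd01075502")),  # integrity-protected request
    (100.0, True, bytes.fromhex("074407")),    # plain Attach Reject after security setup
    (100.4, True, bytes.fromhex("074407")),
    (100.8, True, bytes.fromhex("074407")),
]

if __name__ == "__main__":
    print(*detect(SAMPLE), sep="\n")
```

The plain IMSI request at attach time raises no alert, which keeps the initial-attach case from producing a false positive; only the unprotected Attach Rejects arriving after security setup are flagged.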

1 comments

Nice, thanks for the link. I'm the author of AdaptOver, and I'm in the process of releasing a new version (paper is under submission atm) that removes the range limitations almost entirely by overshadowing the uplink instead of the downlink. It works by coercing the legitimate base station to transmit the attack message as a response (i.e., Identity Request, Attach Reject, …).

I'm interested to see if Radio Sentinel could/will detect the new improved version! Would you be willing to provide us with a test version/device?