From 559006a2fc59705e68c1f8be1a6b362827be2bca Mon Sep 17 00:00:00 2001 From: Tom Date: Thu, 31 May 2012 21:29:15 +0200 Subject: finished suggestions on chapter 3 --- Tex/Master/Master.toc | 111 ++++++++++++++++++++++++++------------------------ 1 file changed, 57 insertions(+), 54 deletions(-) (limited to 'Tex/Master/Master.toc') diff --git a/Tex/Master/Master.toc b/Tex/Master/Master.toc index b206b1e..08bfdfb 100644 --- a/Tex/Master/Master.toc +++ b/Tex/Master/Master.toc @@ -7,12 +7,12 @@ \contentsline {chapter}{\numberline {2}GSM}{5} \contentsline {section}{\numberline {2.1}A Historical Perspective}{5} \contentsline {section}{\numberline {2.2}The GSM Network}{7} -\contentsline {subsection}{\numberline {2.2.1}Mobile Station}{9} +\contentsline {subsection}{\numberline {2.2.1}Mobile Station}{8} \contentsline {subsection}{\numberline {2.2.2}Network Subsystem}{11} -\contentsline {subsubsection}{Mobile Switching Center}{12} +\contentsline {subsubsection}{Mobile Switching Center}{11} \contentsline {subsubsection}{Home Location Register}{12} \contentsline {subsubsection}{Visitor Location Register}{13} -\contentsline {subsubsection}{Authentication Center}{13} +\contentsline {subsubsection}{Authentication Center}{14} \contentsline {subsection}{\numberline {2.2.3}Base Station Subsystem}{15} \contentsline {subsubsection}{Frequencies and the Cellular Principle}{15} \contentsline {subsubsection}{Base Transceiver Station}{17} @@ -20,9 +20,9 @@ \contentsline {section}{\numberline {2.3}The $U_m$ Interface}{20} \contentsline {subsection}{\numberline {2.3.1}Radio Transmission}{20} \contentsline {subsubsection}{Frame Numbering}{21} -\contentsline {subsubsection}{Burst Types}{22} +\contentsline {subsubsection}{Burst Types}{21} \contentsline {subsection}{\numberline {2.3.2}Logical Channels}{24} -\contentsline {subsubsection}{Dedicated Channels}{25} +\contentsline {subsubsection}{Dedicated Channels}{24} \contentsline {subsubsection}{Common Channels}{25} \contentsline {subsubsection}{Combinations}{26} \contentsline {subsection}{\numberline {2.3.3}Layers}{26} @@ -36,59 +36,62 @@ \contentsline {paragraph}{MS is already connected to a network:}{30} \contentsline {subsubsection}{Risks and Irregularities}{31} \contentsline {subsection}{\numberline {2.4.2}Law Situation in Germany}{31} -\contentsline {chapter}{\numberline {3}IMSI Catcher Detection}{33} +\contentsline {chapter}{\numberline {3}IMSI Catcher Detection System}{33} \contentsline {section}{\numberline {3.1}Framework and Hardware}{33} \contentsline {subsection}{\numberline {3.1.1}OsmocomBB}{33} \contentsline {subsubsection}{Project Status}{34} \contentsline {subsection}{\numberline {3.1.2}Motorola C123}{35} \contentsline {subsection}{\numberline {3.1.3}OsmocomBB and ICDS}{36} \contentsline {section}{\numberline {3.2}Procedure}{37} -\contentsline {subsection}{\numberline {3.2.1}Information Gathering}{37} -\contentsline {subsection}{\numberline {3.2.2}Information Evaluation}{40} -\contentsline {subsubsection}{Neighbourhood Structure}{42} -\contentsline {subsubsection}{Base Station Evaluation}{43} -\contentsline {subsection}{\numberline {3.2.3}Forged Parameters}{45} +\contentsline {subsection}{\numberline {3.2.1}Information Gathering}{38} +\contentsline {subsection}{\numberline {3.2.2}Information Evaluation}{41} +\contentsline {subsubsection}{Configuration Rules}{42} +\contentsline {subsubsection}{Context Rules}{43} +\contentsline {paragraph}{Neighbourhood Structure}{44} \contentsline {subsubsection}{Database Rules}{46} -\contentsline {subsubsection}{Remaining Issues and Paging}{47} -\contentsline {section}{\numberline {3.3}IMSI Catcher Detection System}{48} -\contentsline {subsection}{\numberline {3.3.1}Implemetation}{48} -\contentsline {subsection}{\numberline {3.3.2}Configuration}{49} -\contentsline {subsection}{\numberline {3.3.3}Operation}{50} -\contentsline {paragraph}{Sweep scans:}{53} -\contentsline {paragraph}{CellID Information:}{55} -\contentsline {paragraph}{Location Area Database:}{55} -\contentsline {paragraph}{PCH Scan:}{55} -\contentsline {paragraph}{User Mode:}{56} -\contentsline {section}{\numberline {3.4}Related Projects}{56} -\contentsline {chapter}{\numberline {4}Evaluation}{59} -\contentsline {section}{\numberline {4.1}Performance Evaluation}{59} -\contentsline {subsection}{\numberline {4.1.1}Scan Duration}{60} -\contentsline {subsection}{\numberline {4.1.2}Cell ID Databases}{61} -\contentsline {subsection}{\numberline {4.1.3}PCH Scans}{61} -\contentsline {section}{\numberline {4.2}IMSI Catcher Detection}{62} -\contentsline {subsection}{\numberline {4.2.1}Open Source IMSI Catcher}{62} -\contentsline {subsubsection}{Nokia 3310}{63} -\contentsline {subsection}{\numberline {4.2.2}Rule Evaluation}{65} -\contentsline {subsection}{\numberline {4.2.3}Long Term Test}{66} -\contentsline {subsection}{\numberline {4.2.4}Attack Scenarios}{67} -\contentsline {subsubsection}{IMSI Catcher as a new Cell}{67} -\contentsline {subsubsection}{IMSI Catcher replacing an old Cell}{68} -\contentsline {chapter}{\numberline {5}Conclusion}{71} -\contentsline {section}{\numberline {5.1}Summary}{71} -\contentsline {section}{\numberline {5.2}Future Work}{73} -\contentsline {chapter}{Bibliography}{75} -\contentsline {chapter}{\numberline {A}GSM}{79} -\contentsline {section}{\numberline {A.1}Interfaces}{79} -\contentsline {section}{\numberline {A.2}Channel Combinations}{80} -\contentsline {chapter}{\numberline {B}OsmocomBB}{81} -\contentsline {section}{\numberline {B.1}Installation}{81} -\contentsline {section}{\numberline {B.2}Usage}{82} -\contentsline {section}{\numberline {B.3}Serial Cable Schematics}{83} -\contentsline {chapter}{\numberline {C}IMSI Catcher Detection System}{85} -\contentsline {section}{\numberline {C.1}Extextions}{85} -\contentsline {section}{\numberline {C.2}Example Configuration}{86} -\contentsline {chapter}{\numberline {D}System Information}{89} -\contentsline {chapter}{\numberline {E}Evaluation Data}{95} -\contentsline {section}{\numberline {E.1}Rx and LAC Change Test}{95} -\contentsline {section}{\numberline {E.2}Long Term Test}{95} -\contentsline {chapter}{Acronyms}{97} +\contentsline {subsubsection}{Scan Rules}{47} +\contentsline {subsubsection}{Remaining Issues and Paging}{48} +\contentsline {subsection}{\numberline {3.2.3}Base Station Evaluation}{49} +\contentsline {section}{\numberline {3.3}Implementation}{49} +\contentsline {subsection}{\numberline {3.3.1}Architecture}{49} +\contentsline {subsection}{\numberline {3.3.2}Configuration}{51} +\contentsline {subsection}{\numberline {3.3.3}Graphical User Interface}{52} +\contentsline {subsection}{\numberline {3.3.4}Usage}{54} +\contentsline {paragraph}{Conducting sweep scans:}{56} +\contentsline {paragraph}{Using and obtaining Cell ID Information:}{56} +\contentsline {paragraph}{Building or using a Local Area Database:}{56} +\contentsline {paragraph}{Conducting a PCH Scan:}{57} +\contentsline {paragraph}{Utilising User Mode:}{57} +\contentsline {section}{\numberline {3.4}Related Projects}{58} +\contentsline {chapter}{\numberline {4}Evaluation}{61} +\contentsline {section}{\numberline {4.1}Performance Evaluation}{61} +\contentsline {subsection}{\numberline {4.1.1}Scan Duration}{62} +\contentsline {subsection}{\numberline {4.1.2}Cell ID Databases}{63} +\contentsline {subsection}{\numberline {4.1.3}PCH Scans}{63} +\contentsline {section}{\numberline {4.2}IMSI Catcher Detection}{64} +\contentsline {subsection}{\numberline {4.2.1}Open Source IMSI Catcher}{64} +\contentsline {subsubsection}{Nokia 3310}{66} +\contentsline {subsection}{\numberline {4.2.2}Rule Evaluation}{67} +\contentsline {subsection}{\numberline {4.2.3}Long Term Test}{68} +\contentsline {subsection}{\numberline {4.2.4}Attack Scenarios}{69} +\contentsline {subsubsection}{IMSI Catcher as a new Cell}{70} +\contentsline {subsubsection}{IMSI Catcher replacing an old Cell}{70} +\contentsline {chapter}{\numberline {5}Conclusion}{73} +\contentsline {section}{\numberline {5.1}Summary}{73} +\contentsline {section}{\numberline {5.2}Future Work}{75} +\contentsline {chapter}{Bibliography}{77} +\contentsline {chapter}{\numberline {A}GSM}{81} +\contentsline {section}{\numberline {A.1}Interfaces}{81} +\contentsline {section}{\numberline {A.2}Channel Combinations}{82} +\contentsline {chapter}{\numberline {B}OsmocomBB}{83} +\contentsline {section}{\numberline {B.1}Installation}{83} +\contentsline {section}{\numberline {B.2}Usage}{84} +\contentsline {section}{\numberline {B.3}Serial Cable Schematics}{85} +\contentsline {chapter}{\numberline {C}IMSI Catcher Detection System}{87} +\contentsline {section}{\numberline {C.1}Extextions}{87} +\contentsline {section}{\numberline {C.2}Example Configuration}{89} +\contentsline {chapter}{\numberline {D}System Information}{93} +\contentsline {chapter}{\numberline {E}Evaluation Data}{99} +\contentsline {section}{\numberline {E.1}Rx and LAC Change Test}{99} +\contentsline {section}{\numberline {E.2}Long Term Test}{99} +\contentsline {chapter}{Acronyms}{101} -- cgit v1.2.3-55-g7522