From 8e18e2cc688296fb05fd04b7490e5bf4d9efdf3a Mon Sep 17 00:00:00 2001 From: Tom Date: Mon, 12 Mar 2012 18:26:12 +0100 Subject: some changes to rules and presentation uploaded --- Tex/Presentation/beamerouterthemezusatz.sty | 192 ++++++++++++++++++++ Tex/Presentation/neighbourhood1.dot | 12 ++ Tex/Presentation/neighbourhood1.png | Bin 0 -> 13704 bytes Tex/Presentation/neighbourhood2.dot | 9 + Tex/Presentation/neighbourhood2.png | Bin 0 -> 10492 bytes Tex/Presentation/presentation.tex | 262 ++++++++++++++++++++++++++++ 6 files changed, 475 insertions(+) create mode 100644 Tex/Presentation/beamerouterthemezusatz.sty create mode 100644 Tex/Presentation/neighbourhood1.dot create mode 100644 Tex/Presentation/neighbourhood1.png create mode 100644 Tex/Presentation/neighbourhood2.dot create mode 100644 Tex/Presentation/neighbourhood2.png create mode 100644 Tex/Presentation/presentation.tex (limited to 'Tex') diff --git a/Tex/Presentation/beamerouterthemezusatz.sty b/Tex/Presentation/beamerouterthemezusatz.sty new file mode 100644 index 0000000..72cbfce --- /dev/null +++ b/Tex/Presentation/beamerouterthemezusatz.sty @@ -0,0 +1,192 @@ +% das wird ein Styll damit beamerthemeFreiburg auch eine Fussleiste mit +% einer Seiten angabe erhaelt + +% Copyright 2003 by Till Tantau +% +% This program can be redistributed and/or modified under the terms +% of the GNU Public License, version 2. + +\newdimen\beamer@sidebarwidth +\newdimen\beamer@headheight +\usebeamerfont{frametitle} +\beamer@sidebarwidth=2.5\baselineskip +\beamer@headheight=2.5\baselineskip +\reset@font + +\def\beamer@lefttext{left} + +\DeclareOptionBeamer{hideothersubsections}[]{\beamer@nav@subsectionstyle{show/show/hide}} +\DeclareOptionBeamer{hideallsubsections}[]{\beamer@nav@subsectionstyle{hide}} + +\DeclareOptionBeamer{width}{\beamer@sidebarwidth=#1} +\DeclareOptionBeamer{height}{\beamer@headheight=#1} +\DeclareOptionBeamer{left}{\def\beamer@sidebarside{left}} +\DeclareOptionBeamer{right}{\def\beamer@sidebarside{right}} +\ExecuteOptionsBeamer{left} +\ProcessOptionsBeamer + + +\mode + +\setbeamercolor*{author in head/foot}{parent=palette primary} % das macht die Farbe unten einheitlich +\setbeamercolor*{title in head/foot}{parent=palette primary} +\setbeamercolor*{date in head/foot}{parent=palette primary} + +\defbeamertemplate*{footline}{infolines theme} +{ + \leavevmode% + \hbox{% + \begin{beamercolorbox}[wd=.333333\paperwidth,ht=2.25ex,dp=1ex,center]{author in head/foot}% + \usebeamerfont{author in head/foot}\insertshortauthor%~~(\insertshortinstitute) + \end{beamercolorbox}% + \begin{beamercolorbox}[wd=.333333\paperwidth,ht=2.25ex,dp=1ex,center]{title in head/foot}% + \usebeamerfont{title in head/foot}\insertshorttitle + \end{beamercolorbox}% + \begin{beamercolorbox}[wd=.333333\paperwidth,ht=2.25ex,dp=1ex,right]{date in head/foot}% + \usebeamerfont{date in head/foot}\insertshortdate{}\hspace*{2em} + \insertframenumber{} / \inserttotalframenumber\hspace*{2ex} + \end{beamercolorbox} }% + \vskip0pt% +} + + + +\ifdim\beamer@headheight>0pt +% if head height is 0pt, use default frame title + + \setbeamercolor*{frametitle}{parent=sidebar} + + \defbeamertemplate*{frametitle}{sidebar theme} + {% + \nointerlineskip% + \vskip-\beamer@headheight% + \vbox to \beamer@headheight{% + \vfil + \leftskip=-\beamer@leftmargin% + \advance\leftskip by0.3cm% + \rightskip=-\beamer@rightmargin% + \advance\rightskip by0.3cm plus1fil% + {\usebeamercolor[fg]{frametitle}\usebeamerfont{frametitle}\insertframetitle\par}% + {\usebeamercolor[fg]{framesubtitle}\usebeamerfont{framesubtitle}\insertframesubtitle\par}% + \vbox{}% + \vskip-1em% + \vfil + }% + } + + \defbeamertemplate*{headline}{sidebar theme} + {% + \begin{beamercolorbox}[wd=\paperwidth]{frametitle} + \ifx\beamer@sidebarside\beamer@lefttext% + \else% + \hfill% + \fi% + \ifdim\beamer@sidebarwidth>0pt% + \usebeamercolor[bg]{logo}% + \vrule width\beamer@sidebarwidth height \beamer@headheight% + \hskip-\beamer@sidebarwidth% + \hbox to \beamer@sidebarwidth{\hss\vbox to + \beamer@headheight{\vss\hbox{\color{fg}\insertlogo}\vss}\hss}% + \else% + \vrule width0pt height \beamer@headheight% + \fi% + \end{beamercolorbox} + } +\fi + + +\def\beamer@sidebarformat#1#2#3{% + \begin{beamercolorbox}[wd=\beamer@sidebarwidth,leftskip=#1,rightskip=1ex plus1fil,vmode]{#2} + \vbox{}% + #3\par% + \vbox{}% + \vskip-1.5ex% + \end{beamercolorbox} +} + +\defbeamertemplate*{section in sidebar}{sidebar theme} +{% + \vbox{% + \vskip1ex% + \beamer@sidebarformat{3pt}{section in sidebar}{\insertsectionhead}% + }% +} + +\defbeamertemplate*{section in sidebar shaded}{sidebar theme} +{% + \vbox{% + \vskip1ex% + \beamer@sidebarformat{3pt}{section in sidebar shaded}{\insertsectionhead}% + }% +} + +\defbeamertemplate*{subsection in sidebar}{sidebar theme} +{% + \beamer@sidebarformat{5pt}{subsection in sidebar}{\insertsubsectionhead}% +} + +\defbeamertemplate*{subsection in sidebar shaded}{sidebar theme} +{% + \beamer@sidebarformat{5pt}{subsection in sidebar shaded}{\insertsubsectionhead}% +} + + +\ifdim\beamer@sidebarwidth>0pt + + % Sidebar + \setbeamersize{sidebar width \beamer@sidebarside=\beamer@sidebarwidth} + \defbeamertemplate*{sidebar \beamer@sidebarside}{sidebar theme} + { + \beamer@tempdim=\beamer@sidebarwidth% + \advance\beamer@tempdim by -6pt% + {\usebeamerfont{title in sidebar}% + \vskip1.5em% + \hskip3pt% + \usebeamercolor[fg]{title in sidebar}% + \insertshorttitle[width=\beamer@tempdim,center,respectlinebreaks]\par% + \vskip1.25em% + }% + {% + \hskip3pt% + \usebeamercolor[fg]{author in sidebar}% + \usebeamerfont{author in sidebar}% + \insertshortauthor[width=\beamer@tempdim,center,respectlinebreaks]\par% + \vskip1.25em% +% \qquad \insertframenumber{} / \inserttotalframenumber\hspace*{2ex} + }% + + + + + + + + \insertverticalnavigation{\beamer@sidebarwidth}% + \vfill + \ifx\beamer@sidebarside\beamer@lefttext% + \else% + \usebeamercolor{normal text}% + \llap{\usebeamertemplate***{navigation symbols}\hskip0.1cm}% + \vskip2pt% + \fi% + }% + + + \ifx\beamer@sidebarside\beamer@lefttext% + \defbeamertemplate*{sidebar right}{sidebar theme} + {% + + \vfill% + \llap{\usebeamertemplate***{navigation symbols}\hskip0.1cm}% + + + \vskip2pt} + \fi + % Margins + \setbeamersize{text margin left=0.5cm,text margin right=0.5cm} +\fi + + + +\mode + diff --git a/Tex/Presentation/neighbourhood1.dot b/Tex/Presentation/neighbourhood1.dot new file mode 100644 index 0000000..d0bda44 --- /dev/null +++ b/Tex/Presentation/neighbourhood1.dot @@ -0,0 +1,12 @@ +digraph neighbourhood { + +a -> b +a -> c + +b -> a +b -> c + +c -> b +c -> a + +} diff --git a/Tex/Presentation/neighbourhood1.png b/Tex/Presentation/neighbourhood1.png new file mode 100644 index 0000000..6b2ace8 Binary files /dev/null and b/Tex/Presentation/neighbourhood1.png differ diff --git a/Tex/Presentation/neighbourhood2.dot b/Tex/Presentation/neighbourhood2.dot new file mode 100644 index 0000000..b2542df --- /dev/null +++ b/Tex/Presentation/neighbourhood2.dot @@ -0,0 +1,9 @@ +digraph neighbourhood { + +a -> b +a -> c + +c -> b +c -> a + +} diff --git a/Tex/Presentation/neighbourhood2.png b/Tex/Presentation/neighbourhood2.png new file mode 100644 index 0000000..d39c651 Binary files /dev/null and b/Tex/Presentation/neighbourhood2.png differ diff --git a/Tex/Presentation/presentation.tex b/Tex/Presentation/presentation.tex new file mode 100644 index 0000000..83c81d9 --- /dev/null +++ b/Tex/Presentation/presentation.tex @@ -0,0 +1,262 @@ +\documentclass{beamer} + +\usepackage{xspace} +\usepackage{default} +\usepackage{pgfplots} +\usepackage{tabularx} +\usepackage{listings} +\usepackage{booktabs} +\usepackage{etex} +\usepackage{courier} + + +\lstset{language=Python, + basicstyle=\footnotesize\ttfamily, % Standardschrift + breaklines=true, % Zeilen werden Umgebrochen +} + + +\title[IMSI Catcher Detection]{IMSI Catcher Detection System using the OsmocomBB Framework} +\author[Thomas Mayer]{Thomas Mayer\\[3mm]\footnotesize {Advisors: Prof.\ Dr.\ Gerhard Schneider}\\\footnotesize{\hspace{-5mm}Dennis Wehrle}\\\footnotesize{\hspace{-6mm}Konrad Meier}} +\institute[Uni Freiburg]{Albert-Ludwigs-Universit\"at Freiburg \\ Technische Fakult\"at \\ Institut f\"ur Informatik \\ Lehrstuhl f\"ur Kommunikationssysteme} +\date{19.\,03.\,2012} + +\mode{ + \useoutertheme[width=0pt]{zusatz} + \usetheme{Frankfurt} + \setbeamertemplate{section in toc shaded}[default][40] + \setbeamertemplate{subsection in toc shaded}[default][40] +} + +\newcommand{\tocsection}[1]{ + \section{#1} + \begin{frame}{Content} + \tableofcontents[sectionstyle=show/shaded,subsectionstyle=show/show/hide] + \end{frame} + } + +\begin{document} + +\begin{frame}[empty]{} +\maketitle +\end{frame} + +\begin{frame}{Content} +\tableofcontents[sectionstyle=show/show,subsectionstyle=show/show/hide] +\end{frame} + +\tocsection{Background} +\subsection{IMSI Catcher} +\begin{frame}{Mode of Operation} +\centering +\end{frame} +\begin{frame}{Threats} +\begin{block}{Technical Possibilities} +\begin{itemize} + \item Tapping and recording of phone calls + \item Localisation of subscribers + \item Suppression of communication +\end{itemize} +\end{block} +Other concerns: +\begin{itemize} + \item Cannot target individuals + \item No emergency calls possible + \item Procedural law situation + \item Hard to prove operation in retrospect +\end{itemize} +... risk intensified by homebrew IMSI catcher projects! +\end{frame} + +\subsection{IMSI Catcher Detection} +\begin{frame}{Passive Detection} +Why no active connection? +\begin{itemize} + \item Localisation possible once connected + \item Already lost ability to initiate emergency calls +\end{itemize} +\vspace{.8cm} +Procedure: Information that is publicly available +\begin{itemize} + \item Broadcast Control Channel + \begin{itemize} + \item System Information Messages 1-4 + \item SI 1 and 2 of special interest + \end{itemize} + \item Parameters that can be measured + \begin{itemize} + \item Signal strength + \end{itemize} +\end{itemize} +\end{frame} + +\begin{frame}{Parameters} +Parameters measured: +\begin{itemize} + \item Signal Strength +\end{itemize} +\vspace{.3cm} +Parameters harvested from SI: +\begin{itemize} + \item ARFCN + \item Country and Provider Codes + \item Cell ID and Location Area Code + \item Neighbouring Cell List + \item Base Station Identification (not yet used) +\end{itemize} +\begin{alertblock}{Main Problem} +Parameters that can be set, can be forged! +\end{alertblock} +\end{frame} + +\tocsection{Current State} +\subsection{Architecture} +\begin{frame}{Overview} +\centering +\end{frame} + +\begin{frame}{Components} +MVC oriented design with plug-in rules and evaluators +\begin{itemize} + \item Data Model: + \begin{itemize} + \item Constantly updated by the OsmocomBB Framework + \end{itemize} + \item Rules: + \begin{itemize} + \item Mapping: $\text{DataModel}~\rightarrow~\{\text{Ok}\vert\text{Warning}\vert\text{Critical}\}$ + \item Different kinds of rules + \item Constant re-evaluation + \end{itemize} + \item Evaluators: + \begin{itemize} + \item Gathers and aggregates rule results for a base station + \item Conservative Evaluator + \item Weighted Evaluator + \end{itemize} +\end{itemize} +\end{frame} + +\subsection{Rules} +\begin{frame}{Rules}{Parameter Mapping and Context Rules} +Parameter Mappings: +\begin{itemize} + \item Simple implication rules + \item Mapping of parameter to range + \item Integrity checks on single base stations +\end{itemize} +Context Rules: +\begin{itemize} + \item Compare parameters with surrounding base stations + \item See how well a base station fits in its neighbourhood +\end{itemize} +\begin{exampleblock}{Examples} +\begin{itemize} + \item Check whether the ARCFN is in the registered range of the respective provider + \item Check whether LAC is consistent with neighbouring LACs +\end{itemize} +\end{exampleblock} +\end{frame} + +\begin{frame}{Rules}{Neighbourhood Rules} +Analyse structure of the neighbourhood graph: +\begin{center} +\includegraphics[width=.3\textwidth]{neighbourhood1}\hspace{1cm} +\includegraphics[width=.3\textwidth]{neighbourhood2} +\end{center} +\end{frame} + +\subsection{Demo} +\begin{frame}{Demo} +\begin{center} + \huge{Time for some shiny graphics!} +\end{center} +\end{frame} + +\tocsection{Extensions} +\subsection{Rules} +\begin{frame}{Rules}{Databases} +\begin{alertblock}{Problem} +Forged parameters! +\end{alertblock} +Possible solution: +\begin{itemize} + \item Cell ID Databases: + \begin{itemize} + \item Many official and open databases (Nokia/OpenCellID) + \item Used for localisation, but can also be used vice versa! + \item GPS to refine results + \end{itemize} + \item Local Area Database: + \begin{itemize} + \item Learn surroundings + \item 'Trustworthiness Score' + \item Can use signal strength + \end{itemize} +\end{itemize} +\end{frame} + +\subsection{Evaluators} +\begin{frame}{Evaluators}{Bayes Filter} +\begin{block}{Bayesian Filtering} +A statistical algorithm that can be used to predict the class of an object given certain evaluations and base probabilities. +Uses Bayes theorem: +\[P(A\vert B)= \frac{P(B\vert A) \cdot P(A)}{P(B)}\] +\end{block} + +\begin{exampleblock}{Bayes for a single Rule} +\[P(\text{B1 is catchter}\vert \text{R1 yields warning})\] +\[=\frac{P(\text{R1 yields warning}\vert \text{B1 is catchter}) \cdot P(\text{B1 is catchter})}{P(\text{R1 yields warning})}\] +\end{exampleblock} +\end{frame} + +\begin{frame}{Evaluators}{Bayes Filter (contd.)} +Bayes Theorem is recursive: +\begin{itemize} + \item Evaluate P(B1 is catcher$\vert$R1 yields warning, R2 yields ok, $\ldots$) + \item Further refinement possible: + \begin{itemize} + \item Refine base probabilities (enlarge database) + \item Finer grained rule results than only three classes + \item $\ldots$ + \end{itemize} +\end{itemize} +After databases are implemented foundations for other machine learning approaches are given: +\begin{itemize} + \item Boolean Decision Tree Learning + \item Implication Rule Learning + \item $\ldots$ +\end{itemize} +\end{frame} + +\tocsection{Roadmap} +\begin{frame}{Roadmap} +\begin{itemize} + \item Until mid of April: + \begin{itemize} + \item Implementation of CellID Database + \item Implementation of Local Area Database + \item Implementation of Bayes Filter Evaluator + \end{itemize} + \item Until mid of May: + \begin{itemize} + \item Writing practical part + \item Writing evaluation part + \end{itemize} + \item Until mid of June: + \begin{itemize} + \item Buffer for correction reading + \item Incorporating suggestions + \item If enough time is left, implement Boolean Decision Tree Learning to compare with Bayes Filter Learning + \end{itemize} +\end{itemize} +\end{frame} +\begin{frame}{The End} +\begin{center} + \huge{Thank you for your attention! Questions?} +\end{center} +\end{frame} +\end{document} + + +\end{document} -- cgit v1.2.3-55-g7522