summaryrefslogtreecommitdiffstats
path: root/vorlagen/thesis/src/kapitel_x.tex
diff options
context:
space:
mode:
authorRefik Hadzialic2012-09-01 12:18:02 +0200
committerRefik Hadzialic2012-09-01 12:18:02 +0200
commit03e3e6d036127d290a8fdb5b825bf18f8141d432 (patch)
treebabe162b47fa04e7bf1b2b39bda5e237655c3261 /vorlagen/thesis/src/kapitel_x.tex
parentAlrogithm (diff)
downloadmalign-03e3e6d036127d290a8fdb5b825bf18f8141d432.tar.gz
malign-03e3e6d036127d290a8fdb5b825bf18f8141d432.tar.xz
malign-03e3e6d036127d290a8fdb5b825bf18f8141d432.zip
Implementation OpenBSC description
Diffstat (limited to 'vorlagen/thesis/src/kapitel_x.tex')
-rw-r--r--vorlagen/thesis/src/kapitel_x.tex60
1 files changed, 38 insertions, 22 deletions
diff --git a/vorlagen/thesis/src/kapitel_x.tex b/vorlagen/thesis/src/kapitel_x.tex
index 9602bf6..0ab4210 100644
--- a/vorlagen/thesis/src/kapitel_x.tex
+++ b/vorlagen/thesis/src/kapitel_x.tex
@@ -88,7 +88,7 @@ BTS has a unique identifier code name and hence can be distinguished from other
Using this method even higher accuracies
can be achieved than the known shape of signal reception \citep[Chapter 8]{0470092319}. Basically, provided that the
\textit{timing advance} (TA) value is known. The TA is the rough prediction of the \textit{round trip time} (RTT), time
-required for a data packet to be received and acknowleded by the MS. Using this measure a rough circle can be made between
+required for a data packet to be received and acknowledged by the MS. Using this measure a rough circle can be made between
the BTS and the bordering points of the Cell-ID region since TA multiplied with speed of light produces the radius distance
of the circle. To obtain the TA value a connection between the MS and the BTS has to exist or a silent call can be made
where the GSM subscriber does not even notice that he/she is being called since there is no ringing
@@ -2677,24 +2677,10 @@ the RRLP protocol. The generated assistance data packets by the module were used
for comparison and a template to build author's RRLP assistance data generator. The nanoBTS
is operated by OpenBSC which is explained in the following section.
-\section{OpenBSC}
-OpenBSC is an open source implementation of a GSM network software by Osmocom.
-It was developed for experimentation and security research of the GSM networks \citep{obsc1}.
-OpenBSC is ``implementing the minimal necessary parts to build a small,
-self-contained GSM network'' \citep{obsc}. This self-contained GSM network
-consists of following functional components: Base Station Controller (BSC),
-Mobile Switching Center (MSC), Home Location Register (HLR),Authentication
-Center (AUC), Visitor Location Register (VLR) and Equipment Identity
-Register (EIR). OpenBSC was written in C and operates on Linux. OpenBSC connects
-to the BTS using the Abis or Abis/IP interface. At the moment OpenBSC
-supports Voice calls, SMS, handovers, support for multiple BTS and other features
-not of the interest for this work. OpenBSC has an implemented module for sending only
-RRLP requests however without assistance data. This module was tested
-
\section{RRLP assistance data generator application}
-
-At the point of writing this thesis there was no working open source
-implementation of generating RRLP assistance data.
+At the point, two different RRLP implementations on two different hardware platforms have been tested
+without successfully obtaining a GPS localization.
+\ref{img:RRLPAlgFlowchart}
In this work two programming languages have been employed, C and C++
whereas basic knowledge of Erlang was required to understand an implementation of a similar RRLP assistance
data generation. The Erlang implementation by Kurtis Heimerl was used as a guide while the author
@@ -2706,7 +2692,7 @@ sections. OpenBSC is an open source implementation of
\begin{figure}[hb]
\centering
- \includegraphics[scale=0.4]{img/algorithmRRLP.pdf}
+ \includegraphics[scale=0.39]{img/algorithmRRLP.pdf}
\caption{Flowchart for the RRLP assistance data generators}
\label{img:RRLPAlgFlowchart}
\end{figure}
@@ -2725,6 +2711,37 @@ opposite direction. The decision to use the ARFCN 877 channel was derived from
the fact that the channel was free, measurements were carried out with a
spectrum analyser built on the USRP hardware.
+\section{OpenBSC}
+OpenBSC is an open source implementation of a GSM network software by Osmocom.
+It was developed for experimentation and security research of the GSM networks \citep{obsc1}.
+OpenBSC is ``implementing the minimal necessary parts to build a small,
+self-contained GSM network'' \citep{obsc}. This self-contained GSM network
+consists of following functional components: Base Station Controller (BSC),
+Mobile Switching Center (MSC), Home Location Register (HLR),Authentication
+Center (AUC), Visitor Location Register (VLR) and Equipment Identity
+Register (EIR). OpenBSC was written in C and operates on Linux. OpenBSC binds
+to the BTS using the Abis or Abis/IP interface. At the moment OpenBSC
+supports Voice calls, SMS, handovers, support for multiple BTS and other features
+not of the interest for this work. OpenBSC has an implemented module for
+transmitting RRLP requests however without assistance data. This module was
+tested but without successfully obtaining a position from the MS.
+While the tests have been performed, no results were obtained due to a
+watchdog time out produced by OpenBSC. In order to send an RRLP request in
+OpenBSC, a silent SMS would be sent to the cell phone followed by the RRLP
+request. Silent SMS is the equivalent of a normal SMS but without notifying
+the user of its reception \citep{silentSMS}. When the silent SMS is received
+on the cell phone, the message content is not displayed to the user
+neither is it stored in the SMS inbox. In other words, its arrival
+remains completely unknown to the user to whom it was sent \citep{silentSMS}.
+An acknowledgement is sent back to the GSM network operator that the MS
+received the silent SMS. The watchdog timer in OpenBSC has been triggered
+because the acknowledgement was not received within a certain time limit
+while the MS was attempting to obtain a GPS position. To overcome this problem
+another approach had to be taken by the author to send RRLP assistance data
+with position requests. This shall be further analysed and explained in more
+details in the following sections.
+
+
\chapter{Hardware}
In the following chapter the author shall introduce the reader to the hardware
components used in the thesis. The hardware components shall be presented
@@ -3203,8 +3220,7 @@ thesis with other relevant studies due to the lack of any research
studies compleyed using the equivalent hardware and type of
assistance data. In the relevant studies different
hardware test equipment is used while this thesis was carried
-out without that test equipment \citep{agpsTests} \citep{agpsTests1}
-\citep{gpsTest2}.
+out without that test equipment \citep{gpsTest2}.
In addition, no research has been found that surveyed the amount of
time required to get a position response from a MS where only
almanac, ephemeris, UTC model, ionospheric model and reference
@@ -3253,7 +3269,7 @@ movement of GSM users \citep{predictMovements}.
%Test if it can be tricked out by the software Dennis mentioned (protect my privacy)!
-\chapter{Summary}
+\chapter{Summary and security issues}
\chapter*{Dictionary of acronyms}
\begin{itemize}