SPYTEC 3000 The system for GSM communication monitoring



Similar documents
RADIUS. Brief brochure. Product Purpose

Ch GSM PENN. Magda El Zarki - Tcom Spring 98

CC5500 Interceptor HSS DEVELOPMENT INC. HSS Development Inc. 75S Broadway White Plains, NY Tel: Fax:

Introduction Ericsson Handheld Telephone 1341-B

GSM Research. Chair in Communication Systems Department of Applied Sciences University of Freiburg 2010

MicroNet dual band IMSI and IMEI catcher

The GSM and GPRS network T /301

Global System for Mobile Communications (GSM)

Module 5. Broadcast Communication Networks. Version 2 CSE IIT, Kharagpur

Location management Need Frequency Location updating

Mobile Communications

Mobile network security report: Poland

Quectel M72 Development Board

Global System for Mobile Communication Technology

!!! "# $ % & & # ' (! ) * +, -!!. / " 0! 1 (!!! ' &! & & & ' ( ' 3 ' Giuseppe Bianchi

GSM BASICS GSM HISTORY:

CHAPTER 1 1 INTRODUCTION

Cellular Analysis for Legal Professionals Larry E. Daniel Digital Forensic Examiner and Cellular Analyst EnCE, DFCP, BCE, ACE, CTNS, AME

GSM security country report: USA

GSM Channels. Physical & Logical Channels. Traffic and Control Mutltiframing. Frame Structure

GSM Voice Auto Dialer & SMS Sender JC-999

Coverage measurement systems. Radio Network Analyzer R&S TSMU. Interferences a frequent impairment in radio networks

Frequently Asked Questions

ENGN4536 Mobile Communications

Mobile network security report: Belgium

GSM security country report: Germany

Agilent Network Monitoring Content Intercept Manager

An Example of Mobile Forensics

How To Understand The Gsm And Mts Mobile Network Evolution

communication over wireless link handling mobile user who changes point of attachment to network

PW1 Monitoring a GSM network with a trace mobile

Mobile network security report: Netherlands

Verint GI2. Gi2 Features Verint Systems Inc. All rights reserved.

Overview. 1. GPS data tracking via GSM SMS / GPRS. 2. GPS data logging in internal memory. 3. Alarm alert via GSM SMS / Dialing / GPRS

Mobile network security report: Poland

Mobile network security report: Germany

Using TEMS Pocket. Johan Montelius

IDD-213T User Manual. (Rev. 1.0) China Aerospace Telecommunications Limited

Network analyzer and spectrum analyzer two in one

Mobile Communications TCS 455

Positioning in GSM. Date: 14th March 2003

Firmware version: 1.10 Issue: 7 AUTODIALER GD30.2. Instruction Manual

VTS. Vehicle Tracking Systems

Wireless Mobile Telephony

Introductory Concepts

2 System introduction

PRImaGate Switch RACK 3U

Wireless LANs vs. Wireless WANs

Guidance for Business Radio

GSM Risks and Countermeasures

GSM Architecture Training Document

Appendix C GSM System and Modulation Description

GSM and Similar Architectures Lesson 07 GSM Radio Interface, Data bursts and Interleaving

BlueGate SIP. VoIP GSM Gate. Quick Installation guide v 1.0

Wireless Phone GSM tracking. Denis Foo Kune, John Koelndorfer, Nick Hopper, Yongdae Kim

GSM System. Global System for Mobile Communications

Review of Cell Phone Technology

Environmental Monitoring: Guide to Selecting Wireless Communication Solutions

FLEET MANAGEMENT & CAR SECURITY SYSTEM GPRS/GPS

GSM System Architecture

Link Gate SIP. (Firmware version 1.20)

Evaluating GSM A5/1 security on hopping channels

Mobile network security report: Greece

9.1 Introduction. 9.2 Roaming

System Design in Wireless Communication. Ali Khawaja

CARLETON UNIVERSITY Department of Systems and Computer Engineering. SYSC4700 Telecommunications Engineering Winter Term Exam 13 February 2014

Mobile Computing. Basic Call Calling terminal Network Called terminal 10/25/14. Public Switched Telephone Network - PSTN. CSE 40814/60814 Fall 2014

Chapters 1-21 Introduction to Wireless Communication Systems

GSMPBX version 1.3 Datasheet

GSM Databases. Virginia Location Area HLR Vienna Cell Virginia BSC. Virginia MSC VLR

Spectrum and Power Measurements Using the E6474A Wireless Network Optimization Platform

FWT-8848 GSM (GATEWAY) USER S MANUAL

Wireless Telephone System Product Comparison

Cellular Network Organization. Cellular Wireless Networks. Approaches to Cope with Increasing Capacity. Frequency Reuse

2. OVERVIEW OF COMMUNICATION SYSTEMS

The main purpose of the study was to answer the three following questions:

SuperGuard VT-05 Vehicle Tracking Device

GSM and UMTS security

COFDM Transmission systems

Mobile network security report: Norway

NeoConnect Home Suite

CDMA Network Planning

Teltonika FM41XX. Configurator v. 1.0

Product Overview. Steve Erickson

Mobile Communications Chapter 4: Wireless Telecommunication Systems slides by Jochen Schiller with modifications by Emmanuel Agu

Implementation of Mobile Measurement-based Frequency Planning in GSM

Special Conditions and Service Description for amaysim Mobile Broadband

GSM - Global System for Mobile Communications

Attenuation (amplitude of the wave loses strength thereby the signal power) Refraction Reflection Shadowing Scattering Diffraction

User Manual (UDTTV01 V 1.6

Voice services over Adaptive Multi-user Orthogonal Sub channels An Insight

Figure 1: cellular system architecture

Analysis of GSM Network for Different Transmission Powers

GSM frequency planning

Agilent Technologies E7475A GSM Drive-Test System Product Overview

GSM Network and Services

Lecture overview. History of cellular systems (1G) GSM introduction. Basic architecture of GSM system. Basic radio transmission parameters of GSM

2G/3G Mobile Communication Systems

Nokia Call Connect v1.1 for Cisco User s Guide. Part Number: N Rev 003 Issue 1

CS263: Wireless Communications and Sensor Networks

Transcription:

SPYTEC 3000 The system for GSM communication monitoring The SPYTEC 3000 system is intended for passive (if system encryption is absent of if A5.2 encryption is used) or semi-active (if A5.1 encryption is used) monitoring of GSM 900 and DCS-1800 standard communication systems. The system consists of: - Receivers unit for 8 32 channels; - Control notebook PC of P4 class (with control and A5.2 deciphering software installed); - Omni-directional antenna system for 900/1800 MHz bands; - Directed antenna system for 900/1800 MHz bands; - Carrying case; - Connection cables set and power cables for power supply from car battery (9 18 V) and from industrial network 220 V; - User documentation; - Installation software (HDD image on DVD for fast system recovery). Also the delivery pack includes the Operator Workstation software (OW). OW provides the procession of following types of information: Voice records; SMS-messages; Fax images; Fax text; Data transmissions. OW provides: Graphic user interface; Analysis of records of communication sessions by viewing or listening them; Transcribe features (simultaneous listening ant typing) with possibility to chose the temp of listening of voice records; Generation of reports about communication sessions content after review or listening; Forming of the requests to the database and data search; The system can operate either in stationary or mobile variants. The quantity of channels received and recorded by the system could be from 8 to 32 for one control computer. The requirements to the control computer are: not worse than Pentium4 2 GHz, RAM 2 Gb, DVD (for operation of A5.2 deciphering software). The system software works in Windows 2000/ХР OS environment. An extensive set of selection parameters enables the interception of certain subscriber with high probability. Receivers with high dynamical range (80 db) and special methods of signal procession enable to gain the high quality of reception, high level of computation of session key (Kc), high speech intelligibility, the possibility to control the reverse channel at essential distance from subscriber. The software enables to use the encryption switch off mode together with software search of encryption key, that provides the high percentage of interception in the networks where encryption is used. Compactness, light weight and low power consumption of the system (power consumption of 16-channel unit is not more then 15 W without control PC and additional power amplifier) enable carrying the system in small case and long operation using car battery without additional power sources.

The presence of transmitter between the components of the system enables its usage for switching of the encryption (if A5.1 encryption is used), and implementation of such modes as forced cancellation of communication session, definition of subscriber s phone number during the call, substitution of number dialed by the subscriber. The module structure of the system provides fast repair and the possibility to increase channels quantity easily. The SPYTEC 3000 system provides the following features: Control of forward and reverse voice channels and SMS messages. Fast channels scanning in GSM900/1800 MHz band and definition of control channels numbers and appropriate cellular providers. Automatic computation of session key (Kc) in real time for A5.2 algorithm, without any disclosing traces for subscriber. The possibility to switch off the encryption including both A5.1 and A5.2, if the controlled network supports the operation of the phones without encryption. Recording to HDD of voice sessions, SMS messages and call related information. Subscriber s location finding relatively to the base station (LAC, BS, sector, distance with accuracy of 550 m) with possibility of its indication on the digital map (optionally). Definition of MSISDN TMSI correlation for the controlled subscriber. The possibility of finding of MSISDN number of the controlled subscribed during the call (optionally). The possibility to substitute the number, dialled by subscriber without any disclosing traces for subscriber (optionally). Proper operation of the system in networks, using Frequency Hopping mode (in contrast to other monitoring systems). Tracing of subscriber s movement to another base station coverage area ("handover") if the signal from that base station is strong enough on the receiver input. The extended set of selection criteria: Control of all communications; By TMSI (IMSI if transmitted in the air); By phone type (classmark); By presence of reverse channel, for control of subscribers within the nearby area (100-1500 m from the system); By IMEI (if transmitted in the air) at interception of reverse channel; By interlocutor s phone number; Selection of communications by distance from the base station; Selection of SMS messages only; By Ki or Kc of the subscriber (at that the operation in networks, using A5.1 encryption is provided without any disclosing traces); Combination of several selection criteria above.

The System Main Application Window SelectionWindow Channel control window. The information about controlled BS and intercepted session parameters is shown. The list of viewable BS SMS messages window Protocol window

Subscriber search and MS-ISDN TMSI (IMSI) correlation definition window

The main technical features of «SPYTEC 3000» system in comparison with other monitoring systems. Parameter Technical features 1. System Name «GA 900/901» «Jasmin» / «G-Track» 2. Interception Method Active ( Base station emulation, the communication goes: subscriber system base station) Passive (the system controls the data exchange between MS and BS if encryption is not used or A5.2 encryption is used) «SPYTEC 3000» Passive (the system controls the data exchange between MS and BS if encryption is not used or A5.2 encryption is used) 3. The types of controlled communication systems Semi-active (the system controls the data exchange between MS and BS. In strictly defined moments of time it replaces the operation of МS to switch off the encryption mode) GSM 900/1800 GSM-900/1800 GSM900/1800 4. The information selection criteria for GSM: - IMSI, IMEI, - The presence of subscriber in certain zone in present time - The phone number of called party - IMSI (TMSI), - IMEI (by reverse channel) - Ki Definition of MSISDN to IMSI or TMSI correlation - IMSI (TMSI), - IMEI, - MS Classmark, - distance to BS, - counter party MSISDN - by reverse channel presence, - Ki, - Ks Definition of MSISDN to IMSI or TMSI correlation

5. The quantity of controlled channels 1 duplex 6 channels for control of service information with possibility of upgrade up to 16 channels, the quantity of channels available for listening is 1(2) duplex. 8 or 16 duplex channels depending on configuration with possibility of expansion. The quantity of channels available for listening is equal to quantity of duplex channels. 6. Type or information registered Service information, registered communication session, SMS 7. Subscriber s location definition With accuracy to cell and distance to BS. With accuracy to 550 m or in zone, defined by transmitter power level with possibility to output the information about frequency and time-slot to special direction finder 8. The possibility of deciphering The system switches off the encryption in zone of its operation Additionally: - signal level from MS Provides decryption by A5/2 algorithm in 1-3 sec. With accuracy to cell and distance to BS. Additionally: - signal level from MS, - level of signal, received by MS from neighbour BS. In passive mode provides decryption by A5/2 algorithm in 30 msec. In semi-active mode switches off the A5/1 or А5/2 encryption by short-term transmissions in zone of controlled base stations, if network supports the operation of MS without encryption. 9. The possibility of operation in mobile variant Yes, in standing or moving vehicle Yes, in standing vehicle Yes, in standing or moving vehicle

10. The disclosing factors of system s operation 11. The possibility to block subscriber s communications Yes 1. on some models of mobile phones subscriber can see that encryption is switched off 2. the call receiving party can not see the number of calling party, 3. the bills for communications become smaller, 4. it is impossible to control the incoming calls, only outgoing calls and SMS can be controlled No In passive mode - no In semi-active mode - yes : - on some models of mobile phones subscriber can see that encryption is switched off Yes No Yes

12. Main disadvantages 1. The necessity of SIM card presence, which will be charged for all calls of controlled subscriber. 2. Impossibility to control the incoming calls. 3. Difficulty of operation near the base station, because the level of signal from original base station is higher the level of signal from the System. 4. Impossibility to control the subscribers of several providers simultaneously. 5. There is no possibility to increase the quantity of ТСН (traffic channels), for simultaneous listening of several subscribers. 6. A lot of disclosing factors. 1. Interception of subscriber in case if TMSI is used and it is changing at each communication session is possible just in case if subscriber did not left the controlled area. 2. The operation in networks, using frequency Hopping is not supported. 3. The system is tuned for operation in certain country (by cellular network identifiers, transferred in the air). 1. Interception of subscriber in case if TMSI is used and it is changing at each communication session is possible just in case if subscriber did not left the controlled area. 2. In semi-active monitoring mode on some models of mobile phones subscriber can see that encryption is switched off 13. Additional features The possibility of integration with direction-finding equipment of DDF series, manufactured by Rohde&Schwarz is implemented The possibility of simultaneous combined operation with several mobile communications providers The possibility of simultaneous combined operation with several mobile communications providers Additional features: -replacement of phone number, dialled by subscriber; - definition of subscriber s number during the active call;

14. Power consumption Main Unit -230 Wt Control computer 20-50 Wt «Jasmin» Main Unit (8 channels) up to 250 Wt «G-Track» Main Unit up to 50 Wt Control computer 20-50 Wt. Main Unit (16-channel) 20 Wt. Control computer 20-50 Wt

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information