I spent the last year researching, designing, then implementing an IMSI Catcher detector, at first as a hobby, then as my capstone project. There already exist working, fairly mature solutions for this and they are very open about their detection metrics, specifically SnoopSnitch [1].
The major drawback of the SnoopSnitch solution is that they are phone apps and are tightly coupled with the hardware and drivers. We were attempting to demonstrate that it could be done in a way portable across desktop operating systems and phones and we succeeded in creating a proof of concept at a cost of $200 [2].
This solution is also better suited to use as a centralized device for organizations to use that can be audited by security personnel to protect against corporate espionage. This is a real threat demonstrated by the fact that by simply changing a few lines of code in the IMSI Catcher detector a few undergrads built, we could have an IMSI Catcher. This need is often left out of the arguments for IMSI Catcher detectors and I think that is very harmful because the first thing said about the project has always been "They will just make it illegal." This is much more unlikely when you consider that anyone can build one.
I would like to continue development beyond the proof of concept but have lost most of my team now that school is out. If anyone would be interested, you can contact me. Some commercial IMSI Catcher detectors sell for as much as $40,000.
> This need is often left out of the arguments for IMSI Catcher detectors and I think that is very harmful because the first thing said about the project has always been "They will just make it illegal."
> This is much more unlikely when you consider that anyone can build one.
But that isn't true. Anybody can make firearms, explosives and all kinds of bad stuff, and plenty of that is illegal depending on where you live.
The fact that something is easy does not have much to do with legality; if it did, then pot would have been legal long ago.
True, I just found the argument for IMSI Catcher Detectors to be more effective once I changed from presenting it as "fighting state surveillance" to "protecting corporate IP"; most people stopped even suggesting that it will be made illegal (usually citing radar detectors).
How interesting. Thanks for this info. The SeaGlass method is much more data-heavy, it seems, which is both good and bad. A good baseline is labor-intensive to create and requires lots of physical and temporal presence, but once you have it, it's a great way to vet outlier signals. Seems like that's the point you want to apply work like yours.
Yes, SeaGlass seems much more advanced of a technique than the commercial solution I discovered which also just consisted of a single board computer and an SDR. Certainly standalone IMSI Catcher detectors with hardcoded metrics would have a hard time keeping up with the rapidly evolving networks and new attacks without more data about what is going on to update them. I was considering the use of ML for more general detection beyond the hardcoded metrics.
I think I read that SnoopSnitch was gathering data, but only for detection of known attacks, not anomalies.
[1] https://opensource.srlabs.de/projects/snoopsnitch/wiki/IMSI_...
[2] https://gitlab.com/finding-ray/antikythera