Adding that bit of efficiency to your day to day operations...
Reliable and cost efficient wireless networks solutions, communications intelligence systems and software applications for police, military and law enforcement agencies
In GSM cellular networks, an absolute radio-frequency channel number (ARFCN) is a code that specifies a pair of physical radio carriers used for transmission and reception in a land mobile radio system, one for the uplink signal and one for the downlink signal. This network parameter is used to force the cell phones to send registration requests to a false BTS (IMEI/IMSI-Catcher).
Authentication Key (Ki) The Authentication Key or Ki is a 128 bit key used in the authentication and cipher key generation process. In a nutshell, the key is used to authenticate the SIM on the GSM network. Each SIM contains this key which is assigned to it by the operator during the personalization process. The SIM card is specially designed so the Ki can't be compromised using a smart-card interface.
Ciphering Key (Kc) The SIM contains the Ciphering Key generating algorithm (A8) which is used to produce the 64-bit Ciphering Key (Kc). The Ciphering Key is computed by applying the same random number (RAND) used in the authentication process to the Ciphering Key generating algorithm (A8) with the individual subscriber authentication key (Ki). The Ciphering Key (Kc) is used to encrypt and decrypt the data between the MS and BS. However, a passive GSM Interceptor can extract and calculate remotely the Ciphering Key and using it for deciphering in real time.
A broadcast control channel (BCCH) is a point to multipoint, unidirectional (downlink) channel used in the Um interface of the GSM cellular standard. The BCCH carries a repeating pattern of system information messages that describe the identity, configuration and available features of the base transceiver station (BTS).
BCCH Manipulation A special technique. GSM Interceptors (IMEI/IMSI-Catchers) uses BCCH manipulation to give a "virtual power" effect of up to several hundred watts. By doing that, a GSM Interceptor will trick the handsets, which will always choose the "BTS" with the strongest signal. As well, by changing Cell ID (all other network parameters remains the same - MCC, MNC, LAC) and ARFCN, the Interceptor is forcing the cell phones within the area to send registration requests, collecting this way phones identifiers: IMSI, IMEI, classmark, etc.
The Base Transceiver Station contains the equipment for transmitting and receiving radio signals (transceivers), antennas, and equipment for encrypting and decrypting communications with the base station controller (BSC).
Carrier/Provider A company that provides GSM telecommunications services.
In personal communications systems (cellular mobile phone systems) a cell is the geographic area served by a single base station. Cells are arranged so that base-station frequencies can be reused between cells. The area surrounding a cell site. The area in which calls are handled by a particular cell site.
Cell ID A GSM Cell ID (CID) is a generally unique number used to identify each Base transceiver station (BTS) or sector of a BTS within a Location area code (LAC) if not within a GSM network. In some cases the last digit of CID represents cells' Sector ID. This network parameter is used in so called BCCH manipulation by GSM Interceptors. By changing Cell ID (all other network parameters remains the same - MCC, MNC, LAC) and ARFCN, the system is forcing the cell phones within the area to send registration requests, collecting this way phones identifiers: IMSI, IMEI, classmark, etc.
Cell Site The transmission and reception equipment, including the base station antenna, that connects a cellular phone to the network.
Channel Coding Channel coding is the technique of protecting message signals from signal impairments by adding redundancy to the message signal.
Core Network (UMTS). The Core Network is divided in circuit switched and packet switched domains. Some of the circuit switched elements are Mobile services Switching Centre (MSC), Visitor location register (VLR) and Gateway MSC. Packet switched elements are Serving GPRS Support Node (SGSN) and Gateway GPRS Support Node (GGSN). Some network elements, like EIR, HLR, VLR and AUC are shared by both domains. The Asynchronous Transfer Mode (ATM) is defined for UMTS core transmission. ATM Adaptation Layer type 2 (AAL2) handles circuit switched connection and packet connection protocol AAL5 is designed for data delivery. The architecture of the Core Network may change when new services and features are introduced. Number Portability DataBase (NPDB) will be used to enable user to change the network while keeping their old phone number. Gateway Location Register (GLR) may be used to optimize the subscriber handling between network boundaries. MSC, VLR and SGSN can merge to become a UMTS MSC
Frequency Division Duplex. FDD requires two separate wireless communications channels on separate frequencies, one for transmit and the other for received data.
GSM 1800 The GSM 1800 band provides for a GSM uplink in the range 1710-1785 MHz, a GSM downlink in the range 1805-1880 MHz.
GSM 1900 The GSM 1900 band provides for a GSM uplink in the range 1850-1910 MHz, a a GSM downlink in the range 1930-1990 MHz
GSM 900 The GSM 900 band provides for a GSM uplink in the range 890-915 MHz, a a GSM downlink in the range 935-960 MHz.
GSM Air Interface The GSM air interface operates in the UHF frequency band.
GSM Architecture A GSM network consists of the mobile station, the base station system, the switching system, and the operation and support system. GSM Base Station System (BSS) The GSM base station system (BSS) provides the interface between the GSM mobile phone and other parts of the GSM network.
GSM Channels GSM provides two types of channel: traffic channels and signaling channels.
GSM Handover Handover refers to the process by which a GSM mobile phone's affiliation is transferred from one base station to another.
GSM Security GSM provides a number of security services, including authentication, key generation, encryption and limited privacy.
The International Mobile Station Equipment Identity or IMEI is a number, usually unique, to identify 3GPP (i.e., GSM, UMTS and LTE) and iDEN mobile phones, as well as some satellite phones. On most phones you can dial *#06# to see this number. The IMEI number is used by a GSM network to identify valid devices and is only used for identifying the device and has no permanent or semi-permanent relation to the subscriber. It is also used by IMEI/IMSI-Catchers / GSM Interceptors in order to identify your phone and performing call interception.
IMSI-Catcher IMSI-Catcher is essentially a fake mobile tower acting between the target mobile phone(s) and the service providers real towers. As such it is considered a Man In the Middle (MITM) attack. It is used as an eavesdropping device used for interception and tracking of cellular phones and usually is undetectable for the users of mobile phones. Such a virtual base transceiver station (VBTS) is a device for identifying the International Mobile Subscriber Identity (IMSI) of a nearby GSM mobile phone and intercepting its calls. The IMSI-Catcher masquerades as a base station and logs the IMSI numbers of all the mobile stations in the area, as they attempt to attach to the IMSI-Catcher.
Location Area Code, unique number broadcast by a "base transceiver station" in GSM. A "location area" is a set of base stations that are grouped together to optimize signaling. Typically, tens or even hundreds of base stations share a single Base Station Controller (BSC) in GSM, or a Radio Network Controller (RNC) in UMTS, the intelligence behind the base stations. The BSC handles allocation of radio channels, receives measurements from the mobile phones, controls handovers from base station to base station.
LNA Low-noise amplifier. A low-noise amplifier (LNA) is an electronic amplifier that amplifies a very low-power signal without significantly degrading its signal-to-noise ratio. An amplifier increases the power of both the signal and the noise present at its input. LNAs are designed to minimize additional noise.
MCC Mobile Country Code (MCC), used in wireless telephone network station addressing.
A Mobile Network Code (MNC) is used in combination with a mobile country code (MCC) (also known as an "MCC / MNC tuple") to uniquely identify a mobile phone operator/carrier using the GSM/LTE, CDMA, iDEN, TETRA and UMTS public land mobile networks and some satellite mobile networks.
MSISDN is a number uniquely identifying a subscription in a GSM or a UMTS mobile network. Simply put, it is the telephone number to the SIM card in a mobile/cellular phone. This abbreviation has several interpretations, the most common one being "Mobile Subscriber Integrated Services Digital Network-Number". See also Silent Call.
Silent Call In terms of GSM interception, a silent call is a call originated from the GSM Interceptor to a specific IMEI/IMSI, in order to make correlations between IMEI/IMSI and MSISDN (Mobile Subscriber Integrated Services Digital Network-Number, which is actually the telephone number to the SIM card in a mobile/cellular phone). By using the silent call, an GSM Interceptor can find out a certain phone number allocated to a specific IMEI/IMSI. Silent calls are a result of process known as pinging. This is very similar to an Internet Protocol (IP) ping. A silent call cannot be detected by a phone user. Not to be confused with Spy Call, which mean listen to phone surroundings.
Silent SMS Many foreign police and intelligence services use clandestine "Silent" SMS to locate suspects or missing persons. This method involves sending an SMS text message to the mobile phone of a suspect, an SMS that goes unnoticed and sends back a signal to the sender of the message.
Time Division Duplex. TDD uses a single frequency band for both transmit and receive. Then it shares that band by assigning alternating time slots to transmit and receive operations. The information to be transmittedwhether its voice, video, or computer datais in serial binary format. Each time slot may be 1 byte long or could be a frame of multiple bytes.
The Temporary Mobile Subscriber Identity (TMSI) is the identity that is most commonly sent between the mobile and the network. TMSI is randomly assigned by the VLR to every mobile in the area, the moment it is switched on. The number is local to a location area, and so it has to be updated each time the mobile moves to a new geographical area. The network can also change the TMSI of the mobile at any time. And it normally does so, in order to avoid the subscriber from being identified, and tracked by eavesdroppers on the radio interface. This makes it difficult to trace which mobile is which, except briefly, when the mobile is just switched on, or when the data in the mobile becomes invalid for one reason or another. At that point, the global "international mobile subscriber identity" (IMSI) must be sent to the network. The IMSI is sent as rarely as possible, to avoid it being identified and tracked
UMTS Terrestrial Radio Access Network. Wide band CDMA technology was selected to for UTRAN air interface. UMTS WCDMA is a Direct Sequence CDMA system where user data is multiplied with quasi-random bits derived from WCDMA Spreading codes. In UMTS, in addition to channelisation, Codes are used for synchronisation and scrambling. WCDMA has two basic modes of operation: Frequency Division Duplex (FDD) and Time Division Duplex (TDD).