DEFCON 23 – LTE Recon and Tracking with RTLSDR

Back on Dec 5 we posted about some Defcon 23 talks that were released from the Wireless Village set of talks. Recently some more talks from other tracks have been released and one of interest to our blog is the talk by Ian Kline titled “LTE Recon and Tracking with RTLSDR”. The talk’s blurb reads:

Since RTLSDR became a consumer grade RX device, numerous talks and open source tools enabled the community to monitor airplanes, ships, and cars… but come on, what we really want to track are cell phones. If you know how to run cmake and have $50 to pick up an RTLSDR-E4000, I’ll make sure you walk out of here with the power to monitor LTE devices around you on a slick Kibana4 dashboard. You’ll also get a primer on geolocating the devices if you’ve got a second E4000 and some basic soldering skills.

DEF CON 23 - Ian Kline - LTE Recon and Tracking with RTLSDR

Tweet
Share69
Reddit
Vote
Email
69 Shares

Related posts:

  1. Software defined radio talks from Defcon 23
  2. RTLSDR Scanner Standalone Application Released
  3. RTLSDR-Airband V2 Released
  4. Triangulation of a VHF Signal with RTLSDR-Scanner
  5. Signal Mapping using RTLSDR Scanner and GPS on an iOS Device
Subscribe
Notify of
guest

5 Comments
Inline Feedbacks
View all comments
JamaicaJoe
#79936

I would like to see more explanation;
1) He is solving the receiver drift problem by daisy chaining the receiver oscillators directly together. That is fine but indicates that the receivers and antennas are separated only by a few inches or feet. How much precision can the triangulation produce at such acute angles and small timing differentials? Am I missing something?

2) The Kibana dashboard seems a bit pricey. Are there other alternatives to doing this real time? Can Excel provide a dashboard?

0
Reply
W6ZTM
#79934

The slides make me less impressed than the presentation. LTE is characterized by packets only a few milliseconds long. The minimum data packet length is 67 microseconds. So Doppler is of no use. Not sure why Doppler is the only technique he specifically mentioned in his talk, or in his slides. I would be interested in monitoring the effectiveness of these pico-cells that T-Mo (and other carriers) are getting homeowners to install. An LTE DF would be great for locating them. But this talk, and slides, give not an inkling of what capabilities are available to do that…

0
Reply
Michael Robertson
#79929

I wouldn’t exactly say I have “the power to monitor LTE devices around you on a slick Kibana4 dashboard”
It seemed like it was all feathers and no meat.

0
Reply
KD0CQ
#79927

Well, all talk and no demonstration on this video. Do you happen to have one of the later demo he mentioned, or a more in depth description of the setup?

0
Reply
admin
#79930

I guess that this presentation was maybe an intro to a workshop or something. He has more slides here, but not much info in them. https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Ian-Kline-LTE-Recon-and-Tracking-with-RTLSDR.pdf

0
Reply