Description
Here is a list of the various detection items (flags) that we wish to implement. It's for developer reference only, and the details surrounding each item should (eventually) be found in our technical developer Wiki documents. So please don't ask questions here about how they work. We have a chatroom for that, which you can ask to be added to, if you think you have something important to share or contribute with.
| DB_id | GitHub | ShortName | API | Status | NM |
|---|---|---|---|---|---|
| 1 | #253 | DBe Consistency Check | * | 1 | |
| 2 | #91 | LAC/CID Consistency | * | 2 | |
| 3 | #73 | T3212 Registrations | - | ||
| 4 | #93 | TMSI changes | - | ||
| 5 | (#96) | Ciphering Consistency | - | ||
| 6 | A5/x Downgrade | - | |||
| 7 | #100 | Neighbors Consistency | / | ||
| 7a | #264 #208 | Check BTS for the NC List | / | 1 | |
| 8 | RX signal Quality | * | * | ||
| 9 | #97 | RX Signal Strength | * | 1 | * |
| 10 | TX Signal Power | - | * | ||
| 11 | #176 | MNO RAT Consistency | * | ||
| 12 | #69 | Silent SMS/WAP Push | / | 1 | |
| 13 | #151 | Silent App Install | - | 1 | |
| 14 | Silent Calls | ? | |||
| 15 | MDM Manipulation | - | |||
| 16 | TA inconsistency | / | * | ||
| 17 | #82 | LTE/3G downgrade | * | ||
| 18 | Out-of-band usage | - | |||
| 19 | MAR out-of-bounds | * | * | ||
| 20 | #6 | FemtoCell Detection | - | 1 | * |
| 21 | #221 | QC BP Signal Jamming | - | ||
| 22 | LTE RSRQ/RSRP analysis | / |
- NM = Non Moving condition (Device must not move for this detection to work.)
[*,/,-]= Is present in AOS API?[Yes, Partially, No ]
Implementation Status:
0 / empty = not implemented
1 = work in progress
2 = implemented and complete
3 = deprecated
Q: How do we intend to use this?
A: Each item on the detection list will have 3 associated values that will be added up individually to determine the final threat level (detection status color + icon.) The 3 values are:
- p1: A "color code"; Used to give a rough measure of variable precedence.
- p2: A "Variable Interception Priority"; To what extent the variable is used to for tracking your network connections.
- p3: A "Variable Localization Priority": To what extent the variable is used to localize the victim.
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.