Wireless Communication Security: Software Defined Radio-based Threat Assessment

  • Simon Ballantyne

    Student thesis: Master's ThesisMaster of Science by Research


    The rapid evolution of radio technology into the software defined era, has accelerated the availability of advanced radio receivers that can cover very large portions of the radio spectrum (70MHz to 6GHz) at low cost. Coupled with the democratisation of knowledge that has occurred through the internet, the threat environment for Electronic Warfare (EW) has changed markedly over the last 5
    years. Previously EW threat would have arisen from a state actor that could fund the expensive equipment and antenna arrays that would be required for the intercept and disruption of military signals activities. Instead it is now possible to download freely available software to launch EW attacks on widely publicised
    radio link standards.

    The aim of this research is to explore the security of wireless communication systems when exposed to threats generated by Software Defined Radios (SDR). The research is aimed at exploring this vulnerability due to the rapidly decreasing cost and the lowering of skill barriers to launch advanced EW attacks on wireless
    communication systems.

    The first objective was to understand what current knowledge exists on the EW threat on the RF environment, allowing an understanding of this advanced threat against wireless infrastructure. The literature review has showed that the
    vulnerabilities of wireless networks are in existence and there are potential methods of protection that have been studied, although these protection schemes do not seem to have been implemented in production quality systems.

    The second objective is to validate this prognosis against a test bed, constructed as a threat source that could be typical of a hobbyist or script kiddie, allowing two threat scenarios to be demonstrated, validating the threat source. This research
    included the execution of two laboratory based attacks against wireless systems, namely a record and replay attack against the Personal Role Radio (PRR) and a Meaconing attack against GPS. These experiments showed that a flexible Vulnerability Analysis test bed can be assembled to conduct Vulnerability Investigation against wireless standards. Specifically, this also showed the
    Vulnerability of the PRR radio against record and replay attacks.
    Date of Award2016
    Original languageEnglish
    Awarding Institution
    • Coventry University
    SupervisorSiraj Shaikh (Supervisor)


    • Cyber Security
    • Software Defined Radio
    • Waveform Vulnerability
    • Threat Assessment
    • ; Cyber Vulnerability Investigation (CVI)

    Cite this