An open source LTE sniffer that allows you to monitor, analyze and decode data traffic on mobile networks like no other application has allowed you to do until today.
The sniffer LTE (Long-Term Evolution) are tools used for monitoring and analyzing network traffic in fourth generation mobile networks: they allow you to examine packets in transit, control signals and gather information on the connection status. They allow you to intercept and register data packets transmitted between mobile devices and base station LTE network as well as survey network performance, signal quality, latency metrics, bandwidth, and other metrics relevant to network operation and optimization.
Importantly, using LTE sniffers for intercept network traffic may raise privacy and regulatory compliance issues. Therefore, the use of these tools must be done in compliance with data protection laws and policies.
Existing open-source LTE sniffers integrate limited functions and are not able to decode data in transit: however, a group of researchers presented and published on GitHub the LTESniffer software, the first “open” application of its category to allow passive traffic decoding both uplink and downlink. In fact, the implementation of an LTE sniffer is not trivial, as it is necessary to understand the configurations and parameters that allow to successfully decode the data flow correlated with each client. “Using different techniques, we have found mechanisms that help understand these parameters, thus improving decoding performance“, note the authors of the project.
LTESniffer is capable of capture LTE messages that are exchanged between the mobile phone tower and the smartphones connected to it: it supports the acquisition of messages in both directions but obviously cannot decode the encrypted communications at the application level. It can therefore for example allow you to scan and log all the unencrypted parts, such as MAC headers and physical layers. Furthermore, the broadcast messages sent by the tower and those exchanged at the start of the connection are completely visible.
The newly introduced LTESniffer software first decrypts the Physical Downlink Control Channel (PDCCH) to obtain the downlink control information (DCI) and temporary radio network identifiers (RNTI) of all active users. Using decoded DCI and RNTI, LTESniffer can analyze streams more deeply Physical Downlink Shared Channel (PDSCH) and ill Physical Uplink Shared Channel (PUSCH) per recover data traffic in uplink e downlink.
PDSCH e PUSH they are two physical channels used in LTE communication networks for data transmission between the base station and mobile devices. The former is used for data transmission from the network access point (base station) to mobile devices. It is a physical channel that carries useful information such as user data, control messages, and other signals necessary for network operation. PDSCH is dynamically assigned to different mobile devices within a network cell, allowing them to receive data transmitted by the base station. PDSCH transmission uses advanced modulation techniques to maximize spectral efficiency and ensure good signal quality.
PUSCH, on the other hand, is used for data transmission from mobile devices to base station: client devices rely on this channel to send user data, ACK/NACK (acknowledgment/non-acknowledgment) to acknowledge receipt of packets, control messages, and other signaling information. PUSCH is a channel shared between mobile devices within a cell which must therefore coordinate for access to the channel and for data transmission.
LTESniffer supports aEmbeddable API in research and research applications. It also ranks far above previous mobile network sniffers as none of the alternative open source products are currently capable of decrypt packets of protocol via PDSCH and PUSCH.