[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Discuss-gnuradio] Trigger 5GHz-WLAN radar detection?
|
From: |
Markus Heller |
|
Subject: |
Re: [Discuss-gnuradio] Trigger 5GHz-WLAN radar detection? |
|
Date: |
Sat, 09 Jan 2016 01:44:45 +0100 |
you can start to detect the delta time of the pulses, but please also
consider the usual staggering of about 8% in Delta t.
interval times are definitely not constant in order to allow to
distinguish between second time round signals that fall into the next
pulse period, i.e. which come from outside the radar range.
The method to tell them from echos from objects within the intrumented
radar range is a staggering scheme, by changing the moment of the
pulse.
PRFs can vary greatly. Coastal radars generally have a lower PRF
(~1500), river radars have around 3000 and short range radars may have
quite hight PRFs (5000-8000) or even higher.
The PRF depends greatly of the instrumented radar range. Radial offset
of 150km will allow a maximum prf of 1000 at most. Lower is better.
Whereas an intrumented radar range of 150m will allow a theoretical PRF
of 1*10⁶.
Another factor for the PRF is the magnetron lifetime. Generally any
radar operator will set the PRF as low as necessary.
Other modern radars (solid state) however rather use frequency shifts
and therefore generally transmit for longer periods in order to extend
lifetime of the PA stage. That's a completely different strategy again
which would exceed an explanation attempt in an email.
br / vy73
markus
dl8rds
Am Freitag, den 08.01.2016, 23:23 +0100 schrieb Jawad Seddar:
> I managed to find an old document that details the output from the
> driver and the pulses I generated.
>
>
> I tried it with 2 different pulse characteristics :
> - Pulse width of 15 μs and PRF equal to 1000 Hz
> - Pulse width of 15 μs and PRF equal to 3000 Hz
>
> Image below details the second signal (PRF = 3kHz).
> Images intégrées 1
>
> This is some log when detecting the first signal
> Images intégrées 2
>
> This is some log when detecting the second signal
> Images intégrées 3
>
>
> You can see the driver recognizes the PRF quite well.
>
>
>
>
> I hope this helps a bit,
>
> Jawad
>
>
>
>
> 2016-01-08 23:13 GMT+01:00 Jawad Seddar <address@hidden>:
> Hi Ralph,
>
>
> I did this 2 and half years ago and I basically followed the
> directions in pages 60-61 of the ETSI document linked by
> Marcus to generate the signals.
>
>
> By watching the channel on which the WiFi card was operating,
> I generated the signal at the right frequency and I could see
> the card changing frequencies. I could then access some log
> files that detailed why the frequency change happened (In this
> case it was saying that it had detected a radar with a given
> Pulse Repetition Frequency and gave some details about the
> detected signal).
>
>
> I believe I was using the ath5k drivers (see madwifi-project).
>
>
> Regards,
>
> Jawad
>
>
> 2016-01-08 22:56 GMT+01:00 Marcus Müller
> <address@hidden>:
> Hi Ralph,
>
> hm; depends, I think.
>
> So, there's two things:
> If you're referring to a channel switch announcement,
> that can be part
> of a management frame [1]. But I think it can also be
> part of a beacon
> frame. Or a probe response frame.
> Luckily, 802.11 is not confusing the least.
> Blind guess is that you should look into airprobe-ng's
> "aireplay"
> program and see whether it can synthesize such a
> frame. Basically, you
> should be able to forge at least beacon frames, which
> might be helpful
> as soon as you deauthenticated a station; a very
> common attack.
>
> More likely, even, is that you're talking about
> mimicking a fake radar.
> I guess the appropriate way to do that is probably
> sending something
> that looks sufficiently close enough to a chirp to the
> OFDM demod, I think.
> I'm too lazy to read this myself :D, so go and read
> 5.3.8.1 and
> following of ETSI EN 301 893 [2], and refer to a
> trustworthy free and
> open WiFi card driver (hint hint: atheros 9k,
> dfs_pattern_detector.c).
>
> Best regards,
> Marcus
>
> [1]
>
> https://mentor.ieee.org/802.11/dcn/10/11-10-0097-06-00ae-management-frame-analysis.xls
> [2]
>
> https://www.etsi.org/deliver/etsi_en/301800_301899/301893/01.05.01_60/en_301893v010501p.pdf
>
> On 08.01.2016 21:47, Ralph A. Schmid, dk5ras wrote:
> > Hi,
> >
> > Does anybody know how a signal must look to trigger
> a 5 GHz WLAN for a
> > frequency change? I intend testing this feature by
> transmitting a radar-like
> > signal with gnuradio, but for this I should know how
> this detection works,
> > how such a signal does look :)
> >
> > Ralph.
> >
> >
> > _______________________________________________
> > Discuss-gnuradio mailing list
> > address@hidden
> >
> https://lists.gnu.org/mailman/listinfo/discuss-gnuradio
>
>
> _______________________________________________
> Discuss-gnuradio mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/discuss-gnuradio
>
>
>
>
>
> _______________________________________________
> Discuss-gnuradio mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/discuss-gnuradio