SNIFFER FOR LOST MOBILE PHONES

Submitted in partial fulfilment of the requirements for the award of the degree of

Bachelor of Technology
In
Electronics and Communication Engineering
by

DEDIPYA HANUMANOLA
PIN No. – 2210416215
Dept.of ECE
Under the Supervision of

Mr. M.Naresh Kumar

Assistant Professor

Dept.of ECE

Department of Electronics and Communication Engineering

GITAM School of Technology

GITAM Deemed University

Hyderabad Campus

2018-19
 GITAM School of Technology
Deemed to be University
(Estd.u/s 3 of the UGC Act, 1956)

Hyderabad Campus

Accredited by NAAC with ‘A+’ Grade

Rudraram Village, Patancheru Mandal, SangareddyDist

Department of Electronics and Communication Engineering

-----------------------------------------------------------------------------

CERTIFICATE

This is to certify that the Technical Seminar work entitled "MULTICORE PROCESSOR" being
submitted by ‘H.DEDIPYA'(PIN No:2210416215) for partial fulfilment of the requirement for the award
of Bachelor of Technology in Electronics and Communication Engineering to GITAM School of
Technology, GITAM Deemed University,Hyderabad campus during the academic year 2018 - 2019 is a
record of bonafide piece of work, undertaken by him/her the supervision of the undersigned.
 DECLARATION

We submit the Technical Seminar Report entitled "SNIFFER FOR LOST MOBILE PHONES"
to GITAM School of Technology, Hyderabad in partial fulfilment of the requirements for the
award of the degree of Bachelor of Technology in "Electronics and Communication
Engineering". We declare that it was carried out independently by us under the guidance of
(Mr. Bhaskar Srinivas), Assistant Professor, GITAM Hyderabad

Place: Dedipya.H
Date: 2210416215
 ABSTRACT

The sniffer is a small base station, it includes transceiver section. It should operate at a frequency
that is much different from the frequency of the current cell in which the operation of detection is
being carried out. Some of the main important things are the frequency that has to be generated
by the transceiver section is around 900MHz range which is a VHF range and it is necessarily to
design the oscillator circuit for that frequency range .Another important is the cooling that has to
be provided to the circuit while designing the circuit that is to be operated at 900MHz range of
frequency.

Hence proper design of base station is an important thing in the design of the sniffer. Mobile
phones as well as the base station has low power transmitter is also transmitting at low power.
The transmitter of the sniffer has to be a low power transmitter. This helps in the process of
reducing the interference of the device with the devices that are in the other cells.

1
INTRODUCTION
One of the most interesting things about cell phone is that it is really a radio an extremely
sophisticated radio, which uses some band of frequency that has the basic working similar to the
ordinary cordless phone. The mobile cellular communication has been appreciated since its birth
in the eary 70’s and the advancement in the field of VLSI has helped in designing less power,
smaller size but efficient transceiver for the purpose of communication. But however the
technology has not yet answered the loss or misplacement of the lost mobile phone which is
significantly increasing. In this paper we discuss the problem and the probable solution that
could be done. The IMEI number is a unique number that is embedded in the mobile phone the
main purpose of which is the blocking of calls that is made by unauthorized person once the
mobile is reported as stolen but here we use it effectively for the purpose of detection.

International Mobile Equipment Identity

The International Mobile Equipment Identity or IMEI is a number, usually unique, to

identify 3GPP and iDEN mobile phones, as well as some satellite phones. It is usually found
printed inside the battery compartment of the phone, but can also be displayed on-screen on most
phones by entering *#06# on the dialpad, or alongside other system information in the settings
menu on smartphone operating systems.

GSM networks use the IMEI number to identify valid devices, and can stop a stolen phone from
accessing the network. For example, if a mobile phone is stolen, the owner can have their
network provider use the IMEI number to blacklist the phone. This renders the phone useless on
that network and sometimes other networks, even if the thief changes the phone's subscriber
identity module (SIM).

The IMEI only identifies the device and has no particular relationship to the subscriber. The
phone identifies the subscriber by transmitting the International mobile subscriber identity
(IMSI) number, which it stores on a SIM card that can, in theory, be transferred to any handset.
However, the network's ability to know a subscriber's current, individual device enables many
network and security features

2
IMEI and the law
Many countries have acknowledged the use of the IMEI in reducing the effect of mobile phone
thefts. For example, in the United Kingdom, under the Mobile Telephones (Re-programming)
Act, changing the IMEI of a phone, or possessing equipment that can change it, is considered an
offence under some circumstances. In the United States, changing the IMEI of a phone is not
illegal. A bill was proposed to Congress by Senator Chuck Schumer in §3186 of the 112th
Congress in 2012 but has not been approved.

IMEI blocking is not the only way to fight phone theft. For example, Singapore's regulator does
not require mobile operators to implement phone blocking or tracing systems, IMEI-based or
other. The regulator has expressed doubts about the effectiveness of this kind of system in the
context of the mobile market in Singapore.Instead, mobile operators are encouraged to take
measures such as immediate suspension of service and replacement of SIM cards in case of loss
or theft.

The existence of a formally allocated IMEI number range for a GSM terminal does not mean that
the terminal is approved or complies with regulatory requirements. The linkage between
regulatory approval and IMEI allocation was removed in April 2000, with the introduction of the
European R&TTE Directive.Since that date, IMEIs have been allocated by BABT (or one of
several other regional administrators acting on behalf of the GSM Association) to legitimate
GSM terminal manufacturers without the need to provide evidence of approval.

Blacklists of stolen devices

When someone has their mobile equipment stolen or lost, they can ask their service provider to
block the phone from their network, and the operator does so if required by law. If the local
operator maintains an Equipment Identity Register (EIR), it adds the device IMEI to it.
Optionally, it also adds the IMEI to shared registries, such as the Central Equipment Identity
Register (CEIR), which blacklists the device with other operators that use the CEIR. This
blacklisting makes the device unusable on any operator that uses the CEIR, which makes mobile
equipment theft pointless, except for parts.

To make CEIR blacklisting effective, the IMEI number is supposed to be difficult to change.
However, a phone's IMEI may be easy to change with special tools. In addition, IMEI is an un-
authenticated mobile identifier (as opposed to IMSI, which is routinely authenticated by home
and serving mobile networks.) Spoofed IMEI can thwart all efforts to track handsets, or target
handsets for lawful intercept.
Australia was the first nation to implement IMEI blocking across all GSM networks, in 2003]In
Australia the Electronic Information Exchange (EIE) Administration Node provide a blocked
IMEI lookup service for Australian customers

In the UK, a voluntary charter operated by the mobile networks ensures that any operator's
blacklisting of a handset is communicated to the CEIR and subsequently to all other networks.
This ensures that the handset is quickly unusable for calls, at most within 48 hours.

All UK Police forces, including the Metropolitan Police Service actively check IMEI numbers of
phones found involved in crime, against the National Mobile Property Register (NMPR). The
NMPR draws its information from many property databases. One of the databases consulted is
Immobilise, which allows optional (and free) registration of devices by the public. Such
registration ensures that a device coming into police possession may be easily reunited with its
registered owner.

In New Zealand the NZ Telecommunications Forum Inc provide a blocked IMEI lookup service
for New Zealand consumers. The service allows up to three lookups per day and checks against a
database that is updated daily by the three major mobile network operators. A blocked IMEI
cannot be connected to any of these three operators.

In Latvia the SIA "Datorikas institūts DIVI" provide a blocked IMEI lookup service for checks
against a database that is updated all major mobile network operators in Latvia.

In some countries, such blacklisting is not customary. In 2012, major network companies in the
United States, under government pressure, committed to introducing a blacklisting service, but
it's not clear whether it will interoperate with the CEIR. GSM carriers AT&T and T-Mobile
began blocking newly reported IMEIs in November 2012. Thefts reported prior to November
2012 were not added to the database. The CTIA refers users to websites at
www.stolenphonechecker.org[18] and the GSMA where consumers can check whether a
smartphone has been reported as lost or stolen to its member carriers. It's unclear what the
relationship between the former and any national or international IMEI blacklists.

It is unclear whether local barring of IMEI has any positive effect, as it may result in
international smuggling of stolen phones.
Limitations
IMEIs can sometimes be removed from a blacklist, depending on local arrangements. This would
typically include quoting a password that was chosen at the time the blacklisting was applied.

Lawful interception
A target for lawful interception (wiretapping) can be specified by its IMEI number as well as
IMSI and MSISDN.

DESIGNING FOR THE SNIFFER

As stated this proposal is about the detection of lost mobile phone and for this purpose we are
designing a new device called the Sniffer. The sniffer device has to be designed precisely and
size should be reduced for easy mobility for the purpose of detection. The device can be called as
a mobile base station that includes the following important components:

1. Sniffer base station

2 .Unidirectional antenna

3 .Tracking software
SNIFFER BASE STATION:

The sniffer is a small base station, it includes transceiver section. It should operate at a frequency
that is much different from the frequency of the current cell in which the operation of detection is
being carried out. Some of the main important things are the frequency that has to be generated
by the transceiver section is around 900MHz range which is a VHF range and it is necessarily to
design the oscillator circuit for that frequency range .Another important is the cooling that has to
be provided to the circuit while designing the circuit that is to be operated at 900MHz range of
frequency. Hence proper design of base station is an important thing in the design of the sniffer.
Mobile phones as well as the base station has low power transmitter is also transmitting at low
power. The transmitter of the sniffer has to be a low power transmitter. This helps in the process
of reducing the interference of the device with the devices that are in the other cells.

DESIGN OF UNIDIRECTIONAL ANTENNA:

Though the transceiver in a sniffer plays an important role in the detection of the mobile phone
but however it is the directional antenna that has a major role in the design of the transmitter.
The directional antenna acts as the eyes for the sniffer for the purpose of the detecting the lost
mobile phones. Hence the proper design of the directional antenna is required. Antenna is a
device which works at specified frequencies range for transmitting or receiving the data signal.
In general, antennas transmit power depending on lobe pattern which varies from one antenna to
the other. The lobe pattern is a two dimensional diagrams that is used to show radiation pattern.
Radiation pattern of directional antenna is shown in fig1.
A directional antenna or beam antenna is an antenna which radiates or receives greater power in
specific directions allowing increased performance and reduced interference from unwanted
sources. Directional antennas provide increased performance over dipole antennas—or
omnidirectional antennas in general—when greater concentration of radiation in a certain
direction is desired.

A high-gain antenna (HGA) is a directional antenna with a focused, narrow radiowave beam
width. This narrow beam width allows more precise targeting of the radio signals. Most
commonly referred to during space missions, these antennas are also in use all over Earth, most
successfully in flat, open areas where no mountains lie to disrupt radiowaves. By contrast, a low-
gain antenna (LGA) is an omnidirectional antenna with a broad radiowave beam width, that
allows the signal to propagate reasonably well even in mountainous regions and is thus more
reliable regardless of terrain. Low-gain antennas are often used in spacecraft as a backup to the
high-gain antenna, which transmits a much narrower beam and is therefore susceptible to loss of
signal.
All practical antennas are at least somewhat directional, although usually only the direction in
the plane parallel to the earth is considered, and practical antennas can easily be omnidirectional
in one plane. The most common types are the Yagi antenna, the log-periodic antenna, and the
corner reflector antenna, which are frequently combined and commercially sold as residential TV
antennas. Cellular repeaters often make use of external directional antennas to give a far greater
signal than can be obtained on a standard cell phone. Satellite Television receivers usually use
parabolic antennas. wavelength frequencies, tower.

In addition to this it is necessary that the transmitter should be a low power transmitter. The Gain
and directivity are intimately related in antennas. The directivity of an antenna is a statement of
how the RF energy is focused in one or two directions. Because the amount of RF energy
remains the same, but is distributed over less area, the apparent signal strength is higher. This
apparent increase in signal strength is the antenna gain. The gain is measured in decibels over
either a dipole (dBd) or a theoretical construct called an Isotropic radiator (dBi).

The isotropic radiator is a spherical signal source that radiates equally well in all directions. One
way to view the omni directional pattern is that it is a slice taken horizontally through the three
dimensional sphere. The graphical representation of Radiation pattern of the unidirectional
antenna is shown in figure. The spherical co-ordination system has three main components for
the pattern representation and they are (R, _ , _ ) .The shape of the radiation system is
independent of R, as long R is chosen to be sufficiently large and much greater than the
wavelength as the largest dimension of the antenna. The magnitude of the field strength in any
direction varies inversely with R. A complete radiation pattern requires the three dimensional
representation.

The other factors that are to be taken into account during the development of the antenna for the
sniffer should be the gain and the directivity .As these features have a greater effect while
designing the antenna. The gain of the antenna is defined as the ability of the antenna to radiate
the power in a particular direction. The power radiated per unit area in sany direction is given by
the pointing vector and is equivalent to E2/_2 W/m2

Total of the power that is being radiated by the antenna is given as

W=__d_

The average power that gets radiated is given as _(avg)=W/4_ (watts per steradian) The
Directivity of the antenna is the direction in which there is maximum gain for the radiation that is
being radiated, the gain of the antenna is given as a function of the angles. The directivity value
is constant for a particular direction. In addition to the directivity and the gain of the antenna the
other important thing that has to be taken into account is the power that is being radiated by the
antenna. The total power is given as W and is the summation of the radiated power and the
ohmic loss of the antenna. Here the Wl represents the ohmic losses of the antenna.

Wt=Wr+Wl
The power gain of the antenna is given as

gp=4__/wt

The ratio of power to the directivity is referred as a measure of efficiency of the antenna

gp/gd=Wr/(Wr+Wl)

The power radiated by the antenna should be properly designed as this causes more penetration
of the electromagnetic radiation and thus it might have some effect in the near by cells. The
effective area of the antenna is another important factor that is mainly required in the receiving
antenna and it may be referred as the effective aperture or capture area and is related to the
directive gain of the antenna through the relation A=gd_2/4

Since the sniffer device that is constructed is a device that has both the transmitting and the
receiving antenna. Effective gain has to be taken into account and this shows the ability of the
antenna to capture the signal that the lost mobileis transmitting.

The directivity of antenna is a statement of how the RF energy is focused in one or two
directions, because the amount of RF energy remains the same, but it is distributed over a less
area, the apparent signal strength is higher.This apparent increase in signal strength is the
antenna gain.The gain is measured in decibels over either a dipole (dBd) or theoretical construct
called anisotropic radiator(dBi).The isotropic radiator is a spherical signal source that radiates
equally well in all directions.One-way to view the Omnidirectional pattern is that it is it is a slice
taken horizontally through the three dimensional sphere.
SOFTWARE FOR THE TRACKING:

The software part plays a major role in the tracking of the lost mobile phone It is the base for the
antenna to track the lost mobile the main feature of this software is that it helps in the process of
creation of the data base and this is mainly done using a Random Access Memory. The mobile
phone that is lost has certain IMEI number that is embedded in the chip. This RAM of the sniffer
device stores the IMEI number of the lost mobile phone. Thus this acts as a data base or the
directory of the lost mobile phone number/The software that is to be designed in such a way that
the software has the input as the IMEI number of the lost mobile phone from the RAM and this
ID done using the SQL query that fetches the IMEI number.

After getting the input of the lost mobile phones IMEI number it checks the comport for getting
the information whether it obtains any signaling information from the lost device that might
respond to the signal sent by the sniffer The programming is done with C or Java. However the C
is most preferred as it is easily embedded with the chips. With VB the front end is designed. The
oracle SQL is the back end as it helps in retrieving the input data from the RAM using the query.
But however the sample program that we have designed does not use the oracle it takes the input
directly from the keyboard and this is an example and a dummy program that has been created
that helps in the understanding of how the device would work.
Working Of The Sniffer Device

The sniffer is basically a transceiver that works in the frequency which is in the special unused
range that is operated by the service provided or it can designed to operate at a frequency that is
of much different frequency than the one that is being used by the nearby cells as there may be
possibility of interference by the device with the devices in the nearby cells. The working for the
device is as follows. The fig 2 &3 shows the working of the sniffer ; as given in the fig2 it gives
the normal operation of the mobile with the base station and there is a BTS that acts as a middle
man in the process of communication between the mobile and the MTSO which is popularly
known as MSC or Mobile Switching Centre .

There is always a two way communication between devices and before the establishment of the
communication the authentication of the SIM card that has the IMSI or the International Mobile
Subscriber Identifier .This IMSI number helps in the authorization of the user. The second
authentication is the authentication of the handset, which is done in EIR or the Equipment
Identifier Register. This register is located at the MSC and it contains the IMEI number of the
lost handset and if the signal is obtained from the normal one then the two way communication is
established. The IMEI of the lost mobile phone number once has been reported to the service
provider, who keeps in track of the record of lost mobile phones.

The MTSO or the MSC which keeps in track of all the mobile phones with IMEI number and the
IMSI number has the information of the lost mobile phones location which means the location of
the cell where the lost device is because of the two way communication with the device the BTS
of the lost device is known to MSC. From this information regarding the cell in which the device
is located the sniffer device is introduced.

After the information regarding the IMEI number of the lost device is provided by the MTSO or
MSC .This is then fed into the sniffers main memory the sniffer's located in particular cell gets
into action of detecting the lost device. The sniffer uses a frequency that is different from the one
that is being used by the base station and the located nearby cells .The base station disconnects
the connection with the lost mobile phone, as there is a request regarding this action from the
EIR part of the MSC. This causes the lost device to search the BTS to get locked with since each
base station does not have authorization capability the lost device send appropriate connection
request signal. Now when the sniffer device is being deployed and this device has in built
authorization capability the lost device finds the sniffer to get itself locked to the frequency of
the sniffer .
Since the boom of the mobile phone for the purpose of the communication there has been a large
no. of complaints regarding the mobile phone that is being lost and there has been no effective
method developed for detecting the lost device. The given paper dealt about the idea of
development "Sniffer for the detection of lost Mobile phones" paves a way by means of which
the lost mobile phones can be recovered. But the process of detection is yet to be developed
through the software and demo has been developed and is with the authors.

The demo has been written in VB that gives the over view of how the lost mobile is being
detected and the software has been written in C. The SQL has to be used for the purpose of
querying and the internal architecture is of lesser complexity compared to the base station as this
mainly involves the control signal and there is no need for the voice process. The design
involved the following: Design of the sniffer base station design of unidirectional l antenna,
development of software for tracking. Though this method appears to be a little bit complex
involving the design of the sniffer but however for large scale detection the overall effective cost
of the design and the detection scales down.

There are certain boundary conditions or criteria that have to be qualified for the identification of
the lost mobile like the power of the mobile should be good enough , the mobile phone should
not be in the shadow region etc., but however this method can be improved by using modern
technologies and devices.
Merits and Demerits:

Each and every technology has its own merits and demerits, at times the merits overcome the
demerits and at other it is vice versa. Though the sniffer device for the mobile phones has it’s
own merits in terms for the of using the IMEI number for the detection of lost mobile, the
frequency that it uses is high frequency in the range of 850-950 MHZ where there is a slight
effect of the reflection of the signal from the ground, but however the effect is less pronounced
and the other demerit here is that even though the directivity of the antenna is less the distance of
the propagation should be restricted and the device is handheld andautomated one. But
howeverthis new technique that provides a light for the detection of the lost mobile
phones.Because network sniffers are able to monitor all traffic passing through a connection,
they are very useful for monitoringand analysis of a specific network. Networks are becoming
more and more complicated as they expand, and it’s a very time consuming and tiresome task to
pin point a problem. New technology for network sniffers now allows network administrators to
capture, decode, and analyze packets in real time.With this technology, a system captures
packets off the network, decodes them into human-readable format, runs the packet through an
expert system for analysis, and finally displays the information to the administrator. Today a
network administrator might be alerted to a network issue before users experience any significant
problems.In EtherPeek NX, for example, packets can be grouped together by source address,
destination address, port, conversation, and protocol tokens. With this feature, analyzing
specificnetwork communications no longer requires poring over logs and having hard time
searching in a log file, but is as easy as a click of the mouse.
CONCLUSION

Sniffer technology is very useful in case of the mobile stealing. This technology works on the
frequency that is usually used for military purposes. The technology contains its tracking
softwares that make it very popular among theft detecting techniques.The design involved the
following steps:·Design of a sniffer base station.·Design of unidirectional antenna.·Development
of software for tracking a lost mobile phone.The idea of development “Sniffer for the detection
of lost Mobile phones” paves away by means of which the lost mobile phones can be recovered
.Let all of us hope for the advancement of thetechnology in this domain which will be very
helpful for each andevery persons who are lost mobiles.Though this method appears little bit
complex involving the design of the sniffer but however the large-scale detection the overall
effective cost of thedesign and detection scales down. Though there are certain boundary
conditions or criteria that have to be qualified for the identification of lost mobile like the power
of the mobile should be good enough. The mobile phone should not be in the shadow region etc.,
but however this method can be improved by using modern technologies and devices.
REFERENCES
[1] Network Sniffers,Alan Joch, 2001(Intro&Use.doc).

[2] http://www.infoworld.com/articles/tc/xml/01/12/03/011203tcpackets.

[3] Mandy Andress, 2001 (get to know your

network.htm).http://online.securityfocus.com/infocus/1549.

[4] MathiewTanase, 2002 (SecurityFocus Home infocus Sniffers what they are and how to
protectyourself.htm).

[5] http://123seminarsonly.com/Seminar-Reports/043/78605740-
Whitepaper.pdf[6]http://www.itpathshala.com/forums/showthread.php?114-Detection-of-lost-
mobile-Seminar-reports-amp-ppt-downloads-for-btech-
students&s=f857b08ed3ab10cbccb934bd46895500