Countering the parking lot attack: employing monopulse radar methods to detect and geo-locate RF targets operating in the 2.4 GHz ISM band
Many attacks on information systems occur when an adversary exploits wireless networking technology to remotely gain access to sensitive or confidential data housed within a targeted facility. Where such attack vectors exist, even the most stringent physical security safeguards can fail in preventing an attacker from executing a stand-off attack aimed at compromising facility systems. This class of attack, where the attacker remains positioned outside the physical confines of a facility and instead penetrates a network using a wireless vulnerability, is commonly referred to by security researchers as the “Parking Lot Attack”.
In this work, we present a scheme deploying an integrated network of sensors intended to detect and geo-locate any wireless emitter attempting the Parking Lot Attack. A novel feature of our system is the use of monopulse radar methods to assign Line-of-Bearing estimates to any detected RF target. Our design provides for a series of cooperative, mechanically steered, detection sensors each employing a remotely controlled monopulse antenna array. Combining the Line-of-Bearing estimates obtained from multiple detection sensors supports the processing functionality required to geo-locate any RF station actively transmitting within range of our system.
Our research program encompasses three facets, presented as separate chapters in this dissertation. We first describe our system design and architecture, and then we proceed into a quantitative study focused on analyzing the performance of a prototype detection sensor we developed to support field-operational experimentation. We also constructed a software model of our detection system, suitable for simulation studies. We describe how the simulation toolset can be utilized to answer questions about system deployment and operational strategy.