Wifi Jammer Detector?

Moderators: grovkillen, Stuntteam, TD-er

Post Reply
Message
Author
Oetsch
Normal user
Posts: 139
Joined: 13 Jul 2020, 12:10

Wifi Jammer Detector?

#1 Post by Oetsch » 17 Sep 2021, 20:35

Hi
currently I´m reading much to get into the topic of possibilities to create simple alarm central by the usage of standard devices.

So very soon I recognized that wifi/zigbee operated deviced by battery are optimized for low energy consumption and it is not possible make use of them because of non gauranteed cycle time of the data, they normaly transmit new information when they are chaneged. So every hour one signal is not unusual.
Therefore this sensores become unusable for alarm purpose because it´s not possible to differentiate if the 2,4GHz signal is disturbed by a jammer or simply no change. Now I found sensors for jammer detection which can switch a dry relay contact in case they detect a 2,4GHz Jammer.

For my understanding this is a special way of analyzing the 2,4GHz band and changes in this band. Do you have an idea if this is also possible by a esp8266 and maybe use of ESPEasy (wifi environment scanner) to detect such changes/jammer in action?

My feeling is that for a whole buildung one jammer detector might not be enough so maybee several esp8266 units are required?

To be honest I do not have idea how complex this is and maybe you can help to discuss to get an idea.

Thx and best regards.

Edit: Of course a ESP32 with ethernet should be used to transmitt the jammer detection alarm because ESP8266/wifi is disturbed and cannot be used.

TD-er
Core team member
Posts: 5524
Joined: 01 Sep 2017, 22:13
Location: the Netherlands
Contact:

Re: Wifi Jammer Detector?

#2 Post by TD-er » 18 Sep 2021, 15:07

There are many ways to jam a signal, but it basically comes down to 2 methods:
- Prevent receiving of signals
- Prevent to make of keep a connection.

The first one is rather difficult to do it right.
It is like shouting really hard, so you cannot hear those speaking at lower volume.
Only you need to do that on all channels you want to jam and it may need quite some power.
You can optimize it to only start jamming when you receive the first packet, but that may still allow the first packets to be received.
Also you need to place the jammer close to the receiver.

Preventing to make or keep a connection is simpler, but really hard to detect.
It can be used to target specific devices to "annoy".
The way it operates is however specific to protocols.
So such a jammer for WiFI is not one for Zigbee and vice verse.

A 'disconnect jammer' for WiFi for example will send disconnect messages to a WiFi node as if it was sent by the access point.
DeAuther does exactly this: https://github.com/SpacehuhnTech/esp8266_deauther

Oetsch
Normal user
Posts: 139
Joined: 13 Jul 2020, 12:10

Re: Wifi Jammer Detector?

#3 Post by Oetsch » 18 Sep 2021, 15:19

Thx @ TD-er, think you got me wrong and I would had never expect a feedback in this direction. Don´t want to learn how to be the bad guy :)

I am really looking for a jammer detector, means somebody tries to kill my 2.4GHz network like you explained by huge power or preventing in authorisation.

My impression especially in the first case it should be possible to detect this new very strong transmitter in the wifi environment and identify this as jammer to activate an alarm. First easy step could be to save the current wifi environment at a dedicated time (by activation trigger) and in case a new participant joins, this could be a jammer. A better/additional step could be: the jammer should be more or less equal strong on each wifi channel which never should be the case for normal wifi devices. So single point of identification for a jammer that can be used? For the deauther I am not sure how to do this theoretically.

As example I found such devices: https://www.shop-alarm.de/GPS_GSM_Stoer ... acker.html

And asked myself if this could not also be done by an ESP32/ESP8266?

Of course, such a selfmade detector might not be perfect but I guess based on a good logic how jammer can be identified it should be a big improvement in security for the system.

Best regards

User avatar
ThomasB
Normal user
Posts: 892
Joined: 17 Jun 2018, 20:41
Location: USA

Re: Wifi Jammer Detector?

#4 Post by ThomasB » 19 Sep 2021, 20:17

I think periodically pinging all the critical wifi devices would be effective enough. The pings could be sent from a single ESPEasy device (a Ping plugin is available). If one or more important remote devices don't respond, then perform whatever action you need.

BTW, my DSC residential alarm has jammer detection. Most of the sensors are hardwired, but a couple are wireless (433 MHz). The wireless sensors periodically transmit to the alarm controller. If these "ping" messages aren't received in the allowed time the keypad Trouble light is turned on. Basically the same concept as I explained above.

- Thomas

Oetsch
Normal user
Posts: 139
Joined: 13 Jul 2020, 12:10

Re: Wifi Jammer Detector?

#5 Post by Oetsch » 20 Sep 2021, 11:27

Hello,
thx and based on the outcome I agree. For wifi devices this seems to be very simple and effective. Because all of my wifi devices also send data within fix cycle time I see 2 options: active checking by ping result or checking the device data if the data is updated in time. If not maybe use a counter before directly switching into alarm sequence to have a step in between to make it less sensitve/tolerant against false detection.

Also by reading this article: https://medium.com/worldsensing-techblo ... e3dd919faa
The effect/effort value seems to be good enough.

Problem I see is that this is limited to wifi devices and cannot be used e.g. for Zigbee which also operates in the 2,4GHz band.

For 433Mhz (which I have not in use) are you sure that there is fix cycle time to ping devices? My thought was that based on small cycle time the batterie usage would be also very high for 433MHz and isn´t used in this way therefore. But I´m very interested to learn about the different soltuion and pros&cons.
At the moment when we are talking about ping results and cycle time, my thought is when we want be effective this has to be checked within minutes cycle time and cycle time in hours (save battery life) would be to big. Within 1 hour most bad guys should have left again.

TD-er
Core team member
Posts: 5524
Joined: 01 Sep 2017, 22:13
Location: the Netherlands
Contact:

Re: Wifi Jammer Detector?

#6 Post by TD-er » 20 Sep 2021, 19:03

433 MHz is completely different as it is almost always 1-way traffic.
So what CoCo (KaKu in the Netherlands) devices do, is that they send the same code twice in quick succession.
On the other hand, for 433 MHz lots of people have very effective jammers without them knowing.
For example weather stations often start jamming the spectrum continuously when their batteries are almost empty.
The result is that you can't open/close your car for example.

User avatar
ThomasB
Normal user
Posts: 892
Joined: 17 Jun 2018, 20:41
Location: USA

Re: Wifi Jammer Detector?

#7 Post by ThomasB » 20 Sep 2021, 19:19

For 433Mhz (which I have not in use) are you sure that there is fix cycle time to ping devices? My thought was that based on small cycle time the batterie usage would be also very high for 433MHz and isn´t used in this way therefore.
Mine do indeed send periodic messages. The 433MHz sensors have a lithium battery that lasts several years.
For example weather stations often start jamming the spectrum continuously when their batteries are almost empty.
The result is that you can't open/close your car for example.
True that. It happened to me. Weather station's temperature sensor was outdoors, out of sight and out of mind. I used a portable spectrum analyzer to find this offending RF jammer. New batteries was all it took to stop the jamming signal. Dumb/bad design!

- Thomas

Oetsch
Normal user
Posts: 139
Joined: 13 Jul 2020, 12:10

Re: Wifi Jammer Detector?

#8 Post by Oetsch » 21 Sep 2021, 12:07

Thx. Very interesting report out of real practical usage.

So for real intrusion dection by an alarm system there are possibilities but I also found in addition to your information many reports that reported problems because of other devices also used same frequency.
Nevertheless at the moment I´m not willing to replace my existing door/window sensors and if this changed I should look for a real alarm system and will do some research which systems are well designed and a cable solution should still be first choice if possible.

For my Wifi/Zigbee sensors I have to check if it´s reasonble possible to place or use a wifi sensor close to each zigbee sensor. These wifi sensors then can be monitored (ping or data actuality) to have an indiaction if there is sth. going on. I strongly assume that in case of jammer usage for the 2,4GHz band and the zigbee sensors will stop operation the wifi sensors will also stop operation so the information can be used for both systems. Of course this is not rockstable but it is a first supportive step and better then having nothin in place.

Maybe if I´m realy interested in this I should buy such a cheap chinese 2,4GHZ jammer and test by myself the effects in my network and how many and big the effect of such jammers are to have the right countermeasurs in place.

User avatar
Ath
Normal user
Posts: 1163
Joined: 10 Jun 2018, 12:06
Location: NL

Re: Wifi Jammer Detector?

#9 Post by Ath » 21 Sep 2021, 13:36

To dive into a possible solution: (just a sketch I thought up in a few minutes)
You could set up 2 or 3 ESPEasy units, using the Ping plugin as already suggested, to test for a known external site on a regular interval.
If a quorum (in fact all units) is not able to access the configured site (Fails count incrementing) they could switch a relay to activate an alarm.
The quorum could be implemented by placing the ESP within a reasonable distance so wiring them to the relays is feasible, and by placing those relays close to each other, and use the relays serially connected so all must be on to activate the alarm.
/Ton

Oetsch
Normal user
Posts: 139
Joined: 13 Jul 2020, 12:10

Re: Wifi Jammer Detector?

#10 Post by Oetsch » 21 Sep 2021, 17:49

Thx, for my environment I guess the devices I can ping from ESP units are very limited because out of critical area for jamming.
So my idea is to use the ESP units themself if they are able to communicate and the relais in series can be done by software in the central automation system which is used for control and alarming including internet connection to send these alarms to me.

At the moment I´m using a watchdog from an ESP unit to check if the automation system is alive. This I could turn around in addition and check if dedicated data points from the ESP units are updated in time, if not use an incremental counter before the alarm situation is activated.

I do not really like to make single use of additional ESP units only for jamming detection maybe i can combine with e.g. temperature & humidity measurements and checking these data if they are updated in time will be a good idea anyway :)

Post Reply

Who is online

Users browsing this forum: No registered users and 11 guests