- IMSI-Catcher De.. - The "Android IMSI-Catcher Detector" (short: AIMSICD) is an open-source Android-based project to detect and avoid fake base stations (IMSI-Catchers) or other base-stations (mobile a
The "Android IMSI-Catcher Detector" (short: AIMSICD) is an open-source Android-based project to detect and avoid fake base stations (IMSI-Catchers) or other base-stations (mobile antennas) with poor/no encryption in GSM/UMTS networks. AIMSICD aims to warn you when ciphering is turned off on the device, whether it has been tracked via SSMS as well as enabling several protection mechanisms.
In principle AIMSICD identifies the differences between standard operations of legit cell networks and the behavior of fake base stations, this is accomplished by:
checking the identity of the base station the device is connected to. This is basically the main failure when the GSM standard was developed, more than 20 years ago, because there is no function or component that ensures a connection with an identified base station; the only viable fallback is checking the parameters received by the base station against databases from the Internet. These databases were collected by open source projects (e.g. OpenCellID) and can be used free of charge.
finding unusual behaviour of the current base station. This can be achieved by analysing statistic calculations; a suddenly rising signal strength to an unusual level can be caused by an IMSI-Catcher, therefore we need measurements under certain conditions over a longer period of time. Although there is another way to spot unusual behaviour by monitoring the current connection protocol, this is actually not supported by the network or by the cell phone yet.
Basic requirements and recommendations to ensure a better AIMSICD experience:
• Stock AOS (many ROMs lack or have modified system locations the software depends on)
• ROOT (the software should work without it, but for Alpha-testing root is advised)
• Detect IMSI based device location tracking
• Detect and prevent the use of false BTS towers used for illegal interception
• Detect and prevent the use of broken ciphering algorithms (A5/1) during calls
• Detect and prevent remote hidden application installation
• Detect and prevent remote hidden SMS-based SIM attacks
• Provide counter measures against tracking
• Prevent leakage of sensitive GPS data
• Provide swarm-wise-decision-based cellular service interruption
• Provide secure wifi/wimax alternative data routes through MESH-like networking
• Aims to be recommended and added to the Guardian Project's list of secure Apps
• Aims to be recommended by the SSD Project of the Electronic Frontier Foundation
• Aims to be recommended by Privacy International (and like-minded organizations)
This software does NOT:
• Provide full device encryption
• Provide secure data transmission (VPN, Tor)
• Provide secure phone calls (we recommend: RedPhone)
• Provide secure SMS (we recommend: TextSecure)
• Provide secure application sand-boxing
• Provide application permission control (we recommend: XPrivacy)
• Provide firewalls (we recommend: AFWall+)
• Prevent already installed rogue applications from full access and spying
• Provide ROOT and remove bloatware (we recommend: search XDA)
This project is licensed under GPL v3+ (https://github.com/SecUpwN/Android-IMSI-Catcher-Detector/blob/master/LICENSE).