Introduction to reverse engineering of radio signals
Have you ever wondered how practical COMINT operations take place in real life? In this talk I will show how to do it by reversing the LRPT signal of an existing open-access Russian weather satellite (Meteor-M 2), assuming that the channel parameters are unknown. In the process, I’ll enumerate all the signal parameters required to successfully demodulate the signal and explain (with practical examples) how to deduce them. This includes signal frequency, modulation parameters (baudrate, modulation, constellation order, etc.), data encoding, forward error correction and scrambling. I will also talk about existing literature on the subject, and how feasible it is to put these techniques into practice. All the code will be released to the public with the aim of being integrated with existing tools, like Suscan or GnuRadio.
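As an added illustration of the first two parameters the abstract lists (baudrate and constellation order) when the channel parameters are unknown, the following example is not code from the talk or from Suscan or GnuRadio; it is a self-contained Python script built for this page. It constructs a synthetic QPSK baseband capture (raised-cosine pulses, an unknown carrier offset and additive noise; the true values SPS, CFO and ROLLOFF are assumed constants of the construction, not properties of any real satellite) and then recovers the symbol rate from the spectral line in the squared envelope, and the constellation order and carrier offset from the M-th power spectrum. Encoding, FEC and scrambling, the later items in the abstract, are not covered here.

```python
import cmath
import math
import random

# Constructed capture parameters: the "analyst" side of the script does NOT use SPS or CFO.
N = 16384              # samples in the capture (power of two for the radix-2 FFT below)
SPS = 8                # true samples per symbol, i.e. the symbol rate is fs/8
CFO = 200 / N          # true carrier offset in cycles per sample
ROLLOFF = 0.75         # raised-cosine excess bandwidth of the constructed signal


def raised_cosine(t, beta):
    """Raised-cosine pulse at time t measured in symbol periods."""
    if abs(t) < 1e-12:
        return 1.0
    denom = 1.0 - (2.0 * beta * t) ** 2
    if abs(denom) < 1e-9:  # removable singularity at t = +/-1/(2*beta)
        arg = math.pi / (2.0 * beta)
        return (math.pi / 4.0) * math.sin(arg) / arg
    return (math.sin(math.pi * t) / (math.pi * t)) * math.cos(math.pi * beta * t) / denom


def make_qpsk_capture(seed=1, noise_std=0.1):
    """Constructed baseband capture: random QPSK symbols, RC pulses, carrier offset, AWGN."""
    rng = random.Random(seed)
    symbols = [cmath.exp(1j * (math.pi / 4 + rng.randrange(4) * math.pi / 2))
               for _ in range(N // SPS)]
    span = 4 * SPS                                    # pulse truncated to +/-4 symbols
    pulse = [raised_cosine(n / SPS, ROLLOFF) for n in range(-span, span + 1)]
    x = [0j] * N
    for k, a in enumerate(symbols):
        for i, p in enumerate(pulse):
            x[(k * SPS + i - span) % N] += a * p     # circular overlap-add keeps spectral lines exact
    return [v * cmath.exp(2j * math.pi * CFO * n)
            + complex(rng.gauss(0.0, noise_std), rng.gauss(0.0, noise_std))
            for n, v in enumerate(x)]


def fft(x):
    """Recursive radix-2 Cooley-Tukey FFT; len(x) must be a power of two."""
    n = len(x)
    if n == 1:
        return [x[0]]
    even, odd = fft(x[0::2]), fft(x[1::2])
    out = [0j] * n
    for k in range(n // 2):
        tw = cmath.exp(-2j * math.pi * k / n) * odd[k]
        out[k] = even[k] + tw
        out[k + n // 2] = even[k] - tw
    return out


def strongest_line(spec, bins, halfwin=128, guard=3):
    """Peak bin of |spec| among `bins`, and the ratio of that peak to the RMS of the
    surrounding bins (a guard zone around the peak excluded).  A genuine spectral
    line towers over its neighbourhood; the maximum of a continuous spectrum does not."""
    n = len(spec)
    mags = [abs(s) for s in spec]
    k = max(bins, key=lambda i: mags[i])
    neigh = [mags[(k + d) % n] ** 2 for d in range(-halfwin, halfwin + 1) if abs(d) > guard]
    return k, mags[k] / math.sqrt(sum(neigh) / len(neigh))


def estimate_symbol_rate(x):
    """Step 1: the squared envelope of a pulse-shaped signal is periodic at the symbol
    rate, independent of the carrier offset.  Returns (samples per symbol, line ratio)."""
    env = [abs(v) ** 2 for v in x]
    mean = sum(env) / len(env)                        # drop the DC term before searching
    spec = fft([complex(e - mean) for e in env])
    k, ratio = strongest_line(spec, range(1, len(x) // 2 + 1))
    return len(x) / k, ratio


def estimate_modulation_order(x, candidates=(2, 4, 8), threshold=8.0):
    """Step 2: x**M collapses an M-PSK constellation onto one point, so a line at M times
    the carrier offset appears only when M is a multiple of the constellation order.
    Returns (M, carrier offset in cycles/sample); the offset is known only modulo 1/M."""
    n = len(x)
    for m in candidates:
        spec = fft([v ** m for v in x])
        k, ratio = strongest_line(spec, range(n))
        if ratio > threshold:
            k_signed = k if k <= n // 2 else k - n
            return m, k_signed / (m * n)
    return None, None


if __name__ == "__main__":
    cap = make_qpsk_capture()
    sps, r1 = estimate_symbol_rate(cap)
    order, cfo = estimate_modulation_order(cap)
    print(f"samples/symbol ~ {sps:.2f} (line ratio {r1:.1f}), "
          f"modulation order {order}, carrier offset {cfo:.6f} cycles/sample")
```

Both estimators rely on the same idea: a non-linearity (squaring the envelope, raising to the M-th power) turns a hidden periodicity into a discrete spectral line that a plain FFT exposes. The local-neighbourhood ratio in `strongest_line` is what separates a true line from the random maximum of a continuous spectrum; the threshold of 8 is a constructed value with margin for this signal, and on a real capture it would be tuned against the noise floor. The frequency offset recovered from the fourth power is ambiguous by multiples of a quarter cycle per sample, which is the usual phase ambiguity of QPSK and is resolved later by the data encoding.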
I am an Innovation Advisor at Tarlogic Security. In the past I have been working as a pentester, cybersecurity consultant and software engineer. I used to play in CTFs in the past, played in 2010’s DEFCON on-site CTF (as a member of painsec) and reverse engineered malware and embedded firmware for my current employer. My education was mainly focused on computer science and mathematical engineering. I maintain a bunch of open source projects on radio science, radioastronomy and digital signal processing. I also find unexplainable pleasure in receiving extremely distant radio signals. The farther, the better. In fact, when I grow up there will be a day when I will have my own 25-meter radiotelescope and study FRBs. I enjoy melodic death metal, psytrance, Mike Oldfield, brew my own mead and take drama classes. I’m also studying a degree in physics in my spare time at a surprisingly slooooow pace.
PS I’m not a nerd.