A forensic tool to acquire radio signals using software defined radio

The adoption of radio technologies and wireless devices in our society has been increasing with the time. A wide range of devices use radio communications for sending and receiving data. The increasing number of attack vectors used in the radio field, and wireless technology’s use in recent terrorist incidents, make spectrum forensics essential to gathering intelligence, especially while the crime is still unfolding, and the attackers remain at large. When most of the wireless acquisition tools on the market work either on Wi-Fi or Bluetooth protocols, using software defined radio technology or SDR can allow us to capture signals regardless of the protocol or modulation. This paper describes the development of a forensically valid extension to the HackRF toolset which includes a SDR module capable of logging details of files for penetration testing. The tools and methods presented in this paper provide the specification and experimental validation of the SDR technology for forensic investigation of potentially vulnerable wireless devices. The two case studies reported here use radio controls to simulate intruder attacks and walkie-talkies to simulate intelligence gathering during a terrorist attack.