Pcap data collection

[cueltschey]

In this branch I have found a way to get more or less all the data we need from the UU interface without editing the UE itself.

Here is what the code will be able to do:

• collect PCAP data from srsRAN's output file
• decodes the data using the asn1 spec from 3GPP 17
• creates custom packets using scapy custom packet classes
• visualizes the data

Thus far the code can do some of everything, but I am wondering what you all think is the best approach. I am thinking that this is worth the effort because of how nice the visualizations will be. Let me know what you think.

how much data should I process? how many message types should I make custom classes for? should I enable some sort of code to highlight unusual or fuzzed data?

[cueltschey]

Here are some preliminary graphics showing how we can analyze packets going over the UU, then show the real data inside:

RRC Connection Request: This is the message that josh and I fuzzed for our paper Dedicated NAS Message: A subset of the Connection Request that carries most of the useful user data

[joshuamoorexyz]

Looks good to me. Before approving we need to make sure that this code goes in the right location in the Soft T UE Repo. I believe we can put the Attack e.g. "Fuzzing Attack" in Scripts/python-scripts/FuzzingAttack/..

[cueltschey]

Here is a much better way to decode the data that I found: test.pdf

Notice that important info is much easier to read. I think this will go a long as far as analyzing packets data more easily.