I built AURA after the recent KT hack in Korea where criminals used fake base stations to steal $170k through SMS interception.
## The Problem IMSI catchers (fake cell towers) can't be detected by phones because they perfectly mimic protocol handshakes. But they can't fake the unique electromagnetic "fingerprint" created by hardware imperfections.
## Our Solution - Train AI on legitimate base station RF signatures (phase noise, transients, drift) - Real-time anomaly detection using efficient SSM/Mamba architectures - <200ms detection latency, runs on edge devices
## Technical Details ```python # Dual-layer detection 1. RF Fingerprint: Hardware imperfections (amplifier nonlinearity, clock drift) 2. Protocol Behavior: Forced 2G downgrade, abnormal power levels → Trust Score: Real-time 0-100% confidence rating ```
Key innovations: - Wave-based AI (wAI): Treats RF signals as "language" with grammar/syntax - Tokenization pipeline: STFT → Quantized TFR → Transformer - Edge-first: 50MB quantized model, runs on Raspberry Pi
## Results - 99.9% detection accuracy in Seoul/Tokyo field tests - Found 17 unknown suspicious transmitters - Prevented 278 unauthorized transactions in pilot - Zero false positives on 10,000+ legitimate base stations
## Implementation ```bash # Minimal PoC python collect_baseline.py --sdr hackrf --duration 3600 python train_wai.py --model mamba --epochs 100 python detect_realtime.py --threshold 0.85 ```
Stack: GNU Radio + PyTorch + RTL-SDR/HackRF
## Next Steps - Open-sourcing core detection engine (Q1 2025) - Building crowdsourced threat intelligence network - Adding 5G SA/NSA support
GitHub: [coming soon - email for early access] Technical paper: [arxiv link pending]
Looking for feedback from RF/SDR folks: What attack vectors am I missing? How would you bypass RF fingerprinting?
1 comments