Detecting car keyfob jamming using a Raspberry Pi and a DVB-T dongle

The use of RF jammers or blockers by criminals to break into cars is spreading – this BBC News report is from December 2016, and this from May 2017.  How can you protect yourself?  This Hackaday post describes a simple “yes/no” receiver to detect jamming on the car-keyfob frequency.  Better than nothing, but it doesn’t tell you whether you’re right in the crims’ target zone, or half a mile away.

I had been messing around with a cheap RTL-2832 DVB-T dongle, and it seemed like it should be quite straightforward to use it as a direction-finding/homing receiver to give a “warmer/colder” indication and work out exactly where a jammer was being used.  As it turned out, the software-radio bit was quite easy – the tricky part was making Linux generate simple beep-tones to indicate the signal-strength!  (anyone else fondly remember the ZX Spectrum Basic BEEP command?)

Low_cropped

Jammer-Detect running on a laptop – the bar-graph extends across the screen and changes colour to indicate RSSI on every “sample”, while beep-tones about play once a second indicating the maximum signal-strength received in the last 32 samples.

The main part of the code is written in Python 3, with the RF-power calculation implemented in C for efficiency.  It can be run on a laptop, but the real fun starts when you install it on a Raspberry Pi that fits in your pocket – a single earphone feeds you audio tones that indicate “warmer / colder”, and you can then walk or drive around an area to track down the source of a jamming signal.

Jammer_detection_setup

Pocket-size jammer-detection kit: Raspberry Pi 2 in plastic case, right-angle micro-USB cable to rechargeable power-pack, small DVB-T dongle (larger alternative in background), antenna and earphones.

How to build it

Create a Raspbian bootable micro-SD card by following the instructions here.  Raspbian Lite will boot faster than the “With Desktop” version, so I used that.

Put the micro-SD card into the Pi, and connect a monitor, USB keyboard, network cable and power-supply.  When the Pi finishes booting and shows a “raspberrypi login:” prompt, log in as “pi”, “raspberry” and execute the following commands to install required packages and download the source-code from Github:

mkdir jamdet
cd jamdet
sudo apt install git automake shtool libtool libusb-1.0 python3 python3-pip libasound-dev
wget http://www.portaudio.com/archives/pa_stable_v190600_20161030.tgz
sudo pip3 install --upgrade pip wheel setuptools
git clone https://github.com/mikeh69/librtlsdr
git clone https://github.com/mikeh69/pyrtlsdr
git clone https://github.com/mikeh69/JammerDetect

Build and install PortAudio and its Python bindings:

tar -xvf pa_stable_v190600_20161030.tgz
cd portaudio
./configure
make && sudo make install && sudo ldconfig
sudo pip3 install pyaudio

At this point you can disconnect the Pi from the Internet if you prefer to.

Now build and install the RTL-SDR library and Python bindings for it:

cd librtlsdr
autoreconf -i 
./configure
sudo rm /usr/lib/librtlsdr.*
make && sudo make install && sudo ldconfig 
cd ../pyrtlsdr 
sudo python3 setup.py install 
cd ..

Finally, install a Udev rule and driver-blacklist to allow user-mode access to the DVB-T dongle:

cd JammerDetect
sudo cp 88-dvb-t.rules /etc/udev/rules.d/
sudo cp blacklist-dvb-t.conf /etc/modprobe.d/
sudo reboot

(and log in again as pi – raspberry).  The Udev rules file also includes an “unplug” rule that tells the Pi to shut down in an orderly fashion if the DVB-T dongle is unplugged – a cleaner solution than just pulling the power!

Now try out the program.  The first time it runs, it will take a minute or so to generate the audio-tone data and save it to a file.  On subsequent runs, the tone-data will be loaded from the file, which is much quicker.  Plug in your DVB-T dongle, and type:

sudo amixer cset numid=1 100%

to set the audio-output volume to 100%, then:

cd jamdet/JammerDetect/src
python3 jammer_detect_main.py

(Press Ctrl – C to break out of the program).

To make the program run automatically when the Pi boots, do:

crontab -e

(which opens the “cron table” file in an editor), and to the end of the file add this line:

@reboot /usr/bin/python3 /home/pi/jamdet/JammerDetect/src/jammer_detect_no_ui.py

(Press Ctrl-X, Y to save and exit from the Nano editor).  This runs a version of the program that has no graphical display, just the audio tones, because an automatically-run program has no console to send graphics to.

sudo reboot

and listen to the earphone…

The centre-frequency of the band is currently hard-coded to 433.92MHz (the European car-keyfob band), but the Python script (jammer_detect_main.py or jammer_detect_no_ui.py) can simply be edited to change this to any frequency that the DVB-T dongle is able to tune to – see this page for tuning ranges of various dongles.

The antenna doesn’t have to be particularly “good”, or well-matched to the frequency of interest – if a jammer is putting out enough power to be effective, your receiver won’t need great sensitivity to pick it up!

Next bit of work might be to improve the large-area survey (driving around a city) – go back to running on a laptop, add a USB GPS puck and keep a log of signal-strength against lat/long, then generate a “heat-map” KML file to display on Google Earth…


Acknowledgements:  Thank you to Steve Markgraf for LibRtlSdr, and to “Roger” for the Python bindings.  I’m standing on the shoulders of giants…


I mentioned earlier the trouble I had generating simple audio tones.  The difficulty was in preventing unpleasant clicks at the start and end of a “beep”.  It turned out to be necessary to fade IN, as well as fade out, each tone.  audio_tones.py generates sets of samples for PortAudio to create beeps at semitone intervals – it’s completely self-contained and can be used in other projects.

Advertisements