A couple of weeks ago, I posted a video on YouTube showing how I can monitor transponder data from airplanes flying over head using a Raspberry Pi and a simple SDR (Software Defined Radio) USB dongle. You can see the video embedded at the bottom of this article. In the description for that video, I mentioned that I would share the details showing how you too can create your own ground station for monitoring transponder data also. After I posted that, I spent the next several days debating about whether or not I should show how to do this. Even though you can already find the same information on other websites, I still worried about people using this technology for malicious purposes and debated about whether or not I too should share this information. However, I finally came to the conclusion that I should provide this information for the same reasons why I got into researching this in the first place.
A couple of weeks before I posted the YouTube video, I was reading an article about how countries around the world are replacing RADAR based airplane tracking systems with a new system called ADS-B. Basically, when airplanes are tracked using the RADAR system, planes have to be close enough to the RADAR antennas that they can be picked up by the RADAR. However, this causes problems for a couple of reasons. The first reason RADAR based systems aren’t as efficient is because there are lots of places that planes can go that RADAR can’t see them. For example, when a plane flies across water (such as the Gulf of Mexico), there aren’t enough RADAR antennas within range of the planes, leaving gaps in the traffic monitoring until the planes fly within range of another RADAR antenna. Another reason RADAR based systems aren’t very efficient is that they only monitor location and direction. They are not capable of tracking altitude.
As a frequent flyer, this really disturbs me. Imagine several airplanes within the same area, an area that is always extremely congested such as Atlanta or Washington, D.C. If RADAR can’t detect the altitude of the planes in these areas, the planes are required to keep a much farther distance from each other as to prevent mid-air collisions. Because planes have to keep farther distances from one another, fewer airplanes can fly within the same area. Congested areas such as Atlanta and Washington, D.C. can’t simply build up more airports to help offset the flight traffic that comes thru these areas because flights from one airport would interfere with flights from another and so on.
To help with issues that RADAR based systems present, countries such as the U.S. have begun adding newer technologies to airplanes that use GPS to help track the location of airplanes so that their locations can be pinpointed better than RADAR based solutions can. Since most airplanes are already equipped with GPS and altimeters for identifying their location and altitude, they have also begun adding systems called ADS-B which stands for “Automatic Dependent Surveillance – Broadcast”. Instead of depending on air traffic controllers (ATC) on the ground to always track where airplanes are, the airplanes themselves are now capable of transmitting their locations back down to the ground which greatly improves the tracking and monitoring of air traffic. But, there’s a problem with ADS-B systems that worries the hell out of me and this is one of the reasons I started looking into this.
ADS-B systems transmit data from airplanes to ATC on the ground and even to other nearby airplanes. However, this data that is being transmitted is unencrypted and can be picked up by anyone with a little bit of know how. Can you see why this bothers me? I don’t like the idea that anyone with a simple rig like the one I am about to show you can monitor the precise location of all planes within their area. But, that isn’t stopping anyone from building these anyways. After all, there are thousands of operators around the world running their own transponder monitoring systems like the one shown here to gather information about flight paths and are uploading this data to sites like PlaneFinder.net. Even though many people use this for ethical purposes, I’m afraid that there are people out there that will use this information for unethical / illegal purposes.
In this article, I am only going to show you how to listen to the data that is being transmitted from airplanes. However, as you have probably already guessed, if you can read the data (since it is unencrypted), it is also possible to transmit the same data using similar methods. Because of that, I worry what would happen if someone were to transmit hundreds or thousands of ghost planes within proximity of an ATC? Since there is nothing in the data stream that identifies whether the flights are legit or not, I’m assuming that ATC would see all of these ghost planes on their screen and wouldn’t be able to distinguish between what is real and what is not. Planes in the area that are equipped with the ADS-B receivers would also pick up these ghost planes and would begin taking necessary measurements to avoid any issues which could in turn lead to other problems. That is why I finally decided to post this article. I believe that hackers like myself should collaborate on ideas that can improve this type of technology to make our skies safer, especially since I am on a plane at least twice a week. Even though others such as the FAA and DHS are (hopefully) working on ways to secure this technology and information, I believe that the hacker community can & should also help out since we have the skill sets that could “fix” this whole mess. I believe it is our duty to help improve and secure this technology to provide a safer world. So, let’s begin.
The first thing you will need for this project is of course a Raspberry Pi. Even though you can do this using a typical computer, I’ll be focusing on the Raspberry Pi just because I can. Also, the Raspberry Pi can be ran off of batteries to make it portable, is smaller than a laptop, and is easier to transport than a laptop. Plus, I am kind of on a RPi binge right now. 🙂 The RPi that I’m using is the B model which you can pick up from Amazon for about $40.00. BTW, if you haven’t read my other articles about working with the Raspberry Pi, you might want to check those out sometime as well as they contain a lot of valuable information.
The next thing you will need is an SDR (Software Defined Radio). I’ve been working with the NooElec DVB-T USB dongle that I got from Amazon for $19.95. It’s a very inexpensive receiver that works with many SDR software packages including the one I’m using here. Along with the USB dongle itself, it also comes with a 5″ antenna and remote control. After you’ve played around with monitoring transponder data, you can also use this same device for many other projects. So, it’s definitely worth the $19.95 as it can provide lots and lots of opportunities for other projects.
Once you have all of your parts and have setup & booted your Raspberry Pi for the first time, you will need to log into your RPi and start up a terminal shell. Once you have a command prompt, you will want to update your OS by issuing the following command:
sudo apt-get update
Next, you will also want to make sure your OS is upgraded to the latest version. If it’s not, you can run the following command. One word of caution here is that this command will take a while to run. So, if you want, you can actually skip this command for now if you want.
sudo apt-get upgrade
Once you have everything upgraded, you will need to install the git repository client. Many of the RPi OS’s already have git installed. But, I still want to mention it here as you’ll be needing it if you don’t already have it.
sudo apt-get install git-core
Next, you will need to issue the following commands to download, build, and install the components needed to get your SDR running.
sudo apt-get install git
sudo apt-get install cmake
sudo apt-get install libusb-1.0-0-dev
sudo apt-get install build-essential
git clone git://git.osmocom.org/rtl-sdr.git
cmake ../ -DINSTALL_UDEV_RULES=ON
sudo make install
At this point, you are ready to plug in your SDR. With your SDR connected to your RPi, run the following commands which will test the connection to the SDR.
sudo cp ./rtl-sdr/rtl-sdr.rules /etc/udev/rules.d/
Wait on your RPi to reboot and then run the test command.
If everything worked accordingly, you are ready to download and install a tool called “dump1090” which will take care of displaying all of the flight data being captured by your SDR. To do that, run the following commands:
git clone git://github.com/MalcolmRobb/dump1090.git
sudo apt-get install pkg-config
That’s it. You are now ready to run the dump1090 tool at which point you should see some actual flight data being displayed on your screen. For that, you will need to be in your “dump1090” directory at which point you will issue the following command to start dumping all data from the SDR into a table like format which makes it easy to read.
(Note: There are 2 hyphens before “interactive”.)
If everything worked accordingly, you should see something like shown in the image below.
Now that you have the flight data, there are lots of things you can do with it such as plotting the coordinates on Google Maps. You can also lookup flight information on Google like shown below.
Here is what my Raspberry Pi + SDR setup looks like.
Please use this information responsibly! Also, be sure to come back here and share your ideas with the rest of us on what we can do to improve and secure this information.
PayPal will open in a new tab.