Welcome back, my aspiring radio hackers!
Software Defined Radio (SDR) is one of the little-known, leading edges of cybersecurity!
If you have not read SDR for Hackers, Part 1 and Part 2, please do so now. There you learn how to setup and install your inexpensive software defined radio (SDR) hardware and software as well as learn a little radio fundamentals.
In this tutorial, we will be using our software defined radio to intercept aircraft communication. Aircraft communication uses AM radio signals or amplitude modulation because they can extend over long distances. Just like AM radio, you can listen to some AM radio signals over hundreds of miles under the right conditions. As aircraft are sometimes many miles or kilometers from the airport, AM signals are ideal for this type of communication.
Note that this is aircraft communication and not aircraft geographic information. We will cover that in another upcoming tutorial covering ADS-B information that includes both information about the aircraft and it’s geographic position.
Analog Aircraft Communication
The ITU assigns all frequencies in the radio spectrum. The ITU has assigned aircraft analog voice dialogue in the High Frequency (HF) band between 3-30MHz and in the Very High Frequency (VHF) band at 118-137 Mhz. High Frequency communication is capable of intercontinental communication as the signals bounce off the ionosphere.
High frequency (HF) signals are used for variety communications including amateur radio, maritime mobile, military and governmental communication, shortwave broadcasting and many others.
In this tutorial, we will be focusing upon the latter range (VHF) as the audio quality is significantly better. The High Frequency band has much lower audio quality while longer range, whereas the VHF signals are only line-of-sight but much higher audio quality.
Step #1: Open HDSDR Software
The first step is to open HDSDR. Next, set the Mode to “AM” and Frequency Manager to “Air”. Check out the arrows in the screenshot below.
To obtain the best audio quality, your sampling rate must 2x the maximum frequency of the human voice. The human voice ranges from 2hz to 20Khz, so your sampling rate should be set to 2x 20khz or greater.
Step #2: Find the Analog Communication Frequency of the Local Airport
Next, search on Google for your local airport. When you open their website, you should find the frequency that the aircraft and the control tower communicate on. The listing below is for the Farmington, New Mexico airport.
Note that Farmington Ground communicates at 121.7 KHz and Farmington Tower communicates at 118.9. To listen into their communications, navigate to either of those frequencies in the HDSDR by sliding the vertical bar to those frequencies. When you see a red spike, this indicates activity at that frequency. Move the red vertical bar to that location to listen in.
Step #3 Sample Recording of Air Traffic Controller Intercept
Here is a sample of my regional airport about 7 (11km) miles away.
You should be able to hear similar conversations from your local airport as well. If you are near a large international airport, you will likely hear a constant stream of communication from controllers and pilots as they navigate their way to and around the airport.
Summary
Software defined radio is the leading edge of information security! While using a simple and inexpensive receiver and antenna, we can intercept and listen to a variety of signals including encrypted communication (coming soon). In this tutorial, we were able to intercept communication from our local airport and listen in as the air traffic controllers guide the pilots.