- Cyber sniffing of passive data
- Designed to track suspicious messages and sessions in monitored traffic
- Supports a range of pre-defined detection algorithms to spot abnormal events on GSM-R and ETCS procedures
- Sends alerts in real-time
- Conduct further analysis at protocol level in post-processing to better understand the pattern of attacks
- Uses existing hardware, where possible
Supporting cyber-attack detection
The deployment of digital rail and interconnected telecoms, interlocking and ETCS signaling systems, opens new avenues for potential security threats. NetProbe Owl is a security monitoring solution designed to be used in conjunction with NetProbe Wayside monitoring solutions. Developed as a cyber sniffing tool for a range of pre-defined tests, NetProbe Owl can track suspicious messages and sessions in monitored traffic and send alerts in real-time. Engineers can then conduct further analysis at protocol level in post-processing, to better understand the pattern of attacks.
NetProbe Owl Use Cases
- Identify calls to RBCs starting from an unauthorized BTS
- Identify ETCS connection attempts made by unauthorized SIM cards
- Identify eurobalises, reported by trains, not included in a database of known ones or detected outside the expected location
- Identify ETCS level and mode changes in unexpected positions
- Identify a high number of call attempts to an RBC over a period of time.
- Identify simultaneous calls from the same SIM card