The system and methods described herein aids in the defense of unmanned vehicles, such as aerial vehicles, from wifi cyber attacks. Such attacks usually do not last long and in the case of many point-to-point command and control systems, the attacks originate from close proximity to the unmanned vehicle. The system and methods described herein allow a team to rapidly identify and physically respond to an adversary trying to take control of the unmanned vehicle. Another aspect of the embodiment taught herein is to allow for the location of a wifi signal in a hands-free manner by able to visualize the source of the signal using an augmented reality display coupled to an antenna array.

A method for inhibiting jammed signal use includes: receiving a desired signal wirelessly at a receiver; receiving an undesired signal wirelessly at the receiver, the undesired signal varying in strength over time; and inhibiting measurement of the desired signal, or use of a measurement of the desired signal, based on a determination that the undesired signal is a jamming signal based on a variation of the undesired signal being indicative of jamming.

A method, a node and a detector for detecting an interfering signal in a wireless network communication system comprising a network manager and several nodes, each node (202B) comprising a detector (204) for receiving input signals from at least one antenna, a delay component (205) for delaying a received input signal, and a receiver (206RX) for determining an energy pattern of expected received input signals. The detector (204) is configured to send an alarm signal to the receiver (206RX) depending on the presence or absence of an interfering signal from an interferer 203 and an active/inactive state of the receiver (206RX).

A null steering adjuster in a stationary wireless network identifies the presence or absence of a current set of phase differences in a dataset. The dataset includes legitimate sets of phase differences detected between radio frequency signals received by multiple antennas from respective legitimate sources. The current set of phase differences is detected between radio frequency signals currently received by the antennas. When the current set of phase differences is absent from the dataset, a null is created in the antenna pattern of the antennas in the direction of the currently-received radio frequency signals. When the current set of phase differences is present in the dataset, the antenna pattern is maintained.

Methods, systems, and apparatus, including computer programs encoded on a storage device, for triggering an alarm during a sensor jamming attack. In one aspect, a monitoring system sensor unit is disclosed that includes a sensor, a communication unit configured to communicate with a monitoring system using a range of frequencies, and a jamming detection unit. The jamming detection unit may include a processor and a computer storage media storing instructions that, when executed by the processor, cause the processor to perform operations. The operations include detecting a sensor jamming event, selecting a different form of communication other than the range of radio frequencies for the communication unit to communicate with the monitoring system, and providing, to the communication unit, an instruction to communicate with the monitoring system using the form of communication, wherein the communication unit may communicate, to the monitoring system using the form of communication, the sensor data.

A wireless communication system having base stations and remotely located terminal units. The base stations and the remotely located terminal units communicate data over operational wireless communication links assigned to respective sub-channels having tiles separated by frequency and time. Detectors for analyzing extraneous received signals in unassigned tiles of the communication links discriminate between a first type of extraneous signals detected in unassigned tiles of one sub-frame and also detected in other unassigned tiles, and a second type of extraneous signals detected in the unassigned tiles but not detected in other unassigned tiles. The reaction of the base stations is different based on the type of extraneous signals.

Aspects of the present invention disclose a method for identifying indications of an attack on a cellular network. The method includes one or more processors scanning a geographic area of a cellular network, wherein the geographic area includes a plurality of transceivers of the cellular network. The method further includes identifying a symptom that impacts a transceiver of the cellular network based at least in part on connectivity between a computing device and the plurality transceivers of the cellular network. The method further includes performing one or more assessments on the transceiver of the cellular network impacted by the symptom. The method further includes determining whether the symptom of the cellular network is associated with an attack on the cellular network based at least in part on the one or more assessments.

A threat monitoring and vulnerability management system is disclosed. The system includes one or more sensors configured to scan a frequency spectrum of a project 25 (P25) network and to collect data on the P25network. The system further includes a server coupled to the sensors and configured to receive the collected data from the plurality of sensors, compare the collected data with previously stored historical data to determine whether an anomaly exists within data patterns of the collected data, responsive to determining that the anomaly exists, determine at least one of: whether use of a cloned radio that mimics an authorized connection occurs, whether jamming of a radio frequency (RF) communication occurs, or whether jamming of a voice communication occurs within the P25 network by comparing the collected data with preset thresholds, and send a real-time alert to a dispatch and control console unit coupled to the server and the P25 network in response to determining that some of the collected data exceeds at least one of the preset thresholds, such that the dispatch and control console unit provides one or more corrective actions to the P25 network.

A method and apparatus for providing a standalone anti-jamming (AJ) nuller-beamformer. Signals from an antenna array include a sum of Global Navigation Satellite System (GNSS) signals and jamming signals from a plurality of spatial sources. A front end is configured to amplify, filter, down-convert, and sample the input signals which are then filtered, downconverted, and decimated prior to frequency-domain and time-domain partitioning. Weights are computed and applied for spatial nulling of jamming signals in each frequency bin for the partitioned signals. Frequency and time-domain reconstruction generates a reconstructed signal with suppressed jamming.

Described is a system for detecting attacks on mobile networks. The system includes the relevant hardware and components to perform a variety of operations including continuously measuring time-varying signals at each node in a network. The system determines network flux on the time-varying signals of all nodes in the network and detects a network attack if the network flux exceeds a predetermined threshold. Further, a reactive protocol is initiated if the network flux exceeds the predetermined threshold.