Home : Our Work : Areas of Research : Information Technology : Center for High Assurance Computer Systems : Flying Squirrel


 

Flying Squirrel is a Government-off-the-Shelf (GOTS) software application developed by the U.S. Naval Research Laboratory to provide real-time discovery, analysis, and mapping of IEEE 802.11a/b/g/n wireless networks.

With the advantages that wireless technologies provide, many organizations are seeking the means to securely integrate wireless capabilities into their networks. In an effort to standardize wireless security for the purpose of detecting, and thus deterring, unauthorized wireless activity, the Department of Defense (DoD) Enterprise-Wide Information Assurance and Computer Network Defense Enterprise-Wide Solutions Steering Group (ESSG) identified the need to enhance network security through the employment of a Wireless Discovery Device capability.

To enhance the security posture of DoD networks, Flying Squirrel provides real-time wireless discovery, integrated visualization and mapping, and post-hoc analysis capabilities. These capabilities are provided in Flying Squirrel (interchangeably referred to as Flying Squirrel Wireless Assessment Tool Suite) via the Flying Squirrel, Caribou, Woodchuck, MeerCAT-FS, and Orb-weaver components.

Flying Squirrel (FS) is designed to run on a standard laptop on both Windows and Linux operating system (OS) platforms and can detect and segregate wireless transmitters that are acting as a WLAN client or Access Point (AP). Unlike many wireless discovery tools, FS is at no time connected to the organization’s network in order to operate. Instead, it employs passive detection to identify wireless stations or AP’s operating within a geographic area on a real-time basis. FS also provides a real-time integrated visualization and mapping capability called Woodchuck, which allows users to generate a “Radiation Field (RF) Map” based on the signal strength information for any selected transmitter. With this RF-map, users can conduct basic geo-location by visual inspection.

To compare and analyze multiple FS data capture sessions, MeerCAT-FS can be launched as a plug-in from within FS or from its desktop icon, to perform further post-hoc analysis. By utilizing its key features, such as time trend analysis, wireless topology, profile filters, and communication patterns, the operator can turn Flying Squirrel’s wealth of data into meaningful, actionable information.

To aid in performing wireless discovery and mapping of wireless transmitters indoors, Caribou provides FS position information using inertial measurement sensors in the absence of a global positioning system (GPS) signal. This ruggedized (3”x1.25”x2.5”) device integrates seamlessly with FS, requiring the operator to simply clip the unit to their belt, plug in the USB cable, and pick a starting location. The sensor data is transferred to FS via USB.

Bluetooth exhibits most of the same vulnerabilities inherent to wireless systems in general. A Bluetooth transmitter sends signals across free space to any receiver, legitimate or not, located within range. Vulnerabilities associated with the legacy Bluetooth cryptography have been known for a long time. Problems like "bluejacking," "bluebugging" and "Car Whisperer" have turned up as Bluetooth-specific security issues. Flying Squirrel uses the Ubertooth One to passively scan for Bluetooth devices.

Running on a standalone network, Orb-weaver provides continuous wireless monitoring for Wi-Fi, cellular, and Bluetooth devices. Orb-weaver can be deployed using a combination of sensors: Ubiquiti UniFi (AP or AP Pro) for Wi-Fi, and/or Flying Fox for cellular, Wi-Fi, and Bluetooth detection. The passive cellular detection capability provided by the Flying Fox sensors promote compliance with organizational policies such as “no cell phone” policy.

 

For more information, please contact us via email: fsadmin@nrl.navy.mil.