Cell Site Analysis: Capturing a Snapshot of the Cellular Network’s Coverage

Share This Post

New Tools Deliver More Accurate Carrier Tower Information and Signal Identification, Saving Examiners and Network Operators Time and Resources

By Bill Teel, Teel Technologies

When crime scene or accident investigators examine a location, they take all the necessary measures to accurately collect, record and document the environment and characteristics, so as to have the best chance of accurately determining what happened, or to build on clues in pursuit of the truth.    

One area of crime scene analysis that has been a challenge for law enforcement in the U.S is expediently obtaining accurate cellular network coverage and tower identifications of a location of interest. This valuable information, which can serve as a critical time saver in exigent circumstances (i.e. obtaining tower dumps), or in instances where a suspect or victim’s mobile devices are being referenced with Call Data Records, improves the accuracy of the investigation, and saves valuable time and resources.

Presently, the exercise to obtain signal coverage of an area is somewhat of a laborious task for both LE and the network operators, and what is delivered is largely based on the theoretical coverage maps of the carriers. The requests can often entail a lot of back and forth between LE (providing location information) and the carriers (determining serving towers and delivering info), and the resulting coverage maps assume conditions that may not be present at the time. Environmental conditions, equipment conditions and signal diffraction alter coverage, and can spread the signal to areas unknown to the carrier.

Enter Cell Site Analysis – a practice that has been around for more than a decade, but not widely adopted outside of Europe. Cell Site Analysis is the collection of the cellular network coverage and tower identifications using equipment that emulates a mobile device. Combined with Call Data Records (CDRs), Cell Site Analysis helps determine location or paths of users on the network. In the U.S., the tools for examining network coverage have often been network engineering survey gear that are both expensive and often a challenge to use for the non-engineer. In addition, in the U.S. there have been multiple tools required for such analysis of the two network types, which have been, until recently, GSM and CDMA.

While in Europe and other regions, it is fair to say Cell Site Analysis has become a more common practice than the U.S., due to their GSM-exclusivity and dedicated tools. But the game is changing in America and elsewhere with the consolidation to GSM standards, such as 4G LTE and true 5G. Today, with just one tool, an investigator can survey and capture all GSM network information.

Affordable and easy-to-use equipment from the likes of VesperEye and SecurCube enable a comprehensive view of all networks in their proximity and display tower info, signal strength and base station equipment identification information.

On a single dashboard, an investigator can identify all serving towers around them, record that info and create a report that can be used to communicate to the network operator(s) for CDR or tower dump data. Saving the investigator, as well as the network operator, crucial time in an investigation, the exchange of relevant network and user information can happen a lot faster and with more accuracy of the network signal coverage.

As opposed to providing a physical address or coordinates of a location, which can take the network operator time to determine which cells can cover the location, the investigator can deliver timely, accurate information of the area.

For investigations, Cell Site Analysis tools assist in the investigation in the following ways:

  1. Tower Dump Requests. When it comes to tower dump requests, where expediency is crucial to finding victims or pursuing suspects, being able to provide accurate coverage information and network characteristics can make a huge difference in the return of users on the network at any given time.
  2. Crime Scene Analysis. If an investigation is occurring just after an incident, capturing the coverage characteristics, or that “signal fingerprint” provides the best opportunity for preserving the signal characteristics and serving towers at, or near, the time of the event being investigated.
  3. After-the-fact investigations. Whereby CDR data puts a subject potentially in an area due to the networks coverage map, using a Cell Site Analysis tool to survey a location (for an extended period of time if required) to collect information may reveal signals do (or confirm they do not) cover an area. When challenged or claimed the network does or does not cover a location, a Cell Site Analysis tool can help confirm whether a user on the network was able to communicate from a location. Often in such cases, the tool is left at the location for several hours or days to collect the signal coverage changes, due to environmental or other possible signal differences.

In each of these scenarios, valuable time and resources can be saved, and more accurate coverage readings are produced.   

The below image is from VesperEye’s Scout product interface. This is a snapshot of the network coverage of the Teel Technologies offices in Norwalk, Connecticut. You’ll see the network name and ID, and the tower and base station information. A CSV or Word Document report is generated with this information for submission to the network operator, as required.

The below image is a theoretical coverage map provided by a network operator in Italy.

The below image shows the surveying results provided by SecurCube’s BTS tracker tool, and confirms the network coverage, but also shows where the signal travels beyond the network’s coverage. The blue dots with red glow behind are where the signal is identified by both the BTS Tracker and by the network operator map. The areas circled in orange are where tower coverage was identified by the BTS Tracker, but is not represented by the network operator map.

5G Evolution and Cell Site Analysis

As the wireless carriers build out their 5G networks, the need for Cell Site Analysis by investigators is potentially more important. 5G networks promise speeds that are 10x or more than that of 4G, which will inevitably lead to exponentially more devices on these networks, including IOT, vehicles and wearable devices. The challenge will be in defining the coverage, and for the networks to deliver quality information on this coverage. While footprints will be smaller, with greater overlap, the 5G higher frequencies are more susceptible to signal degradation due to weather conditions, such as humidity and rain, not to mention the greater opportunity for signal diffraction. Ultimately, this portends a greater onus on the investigator to survey for themselves to determine what the coverage truly is.

Today, Cell Site Analysis is a worthwhile endeavor for law enforcement to save time, resources and produce more accurate results. Moving forward, as the world continues to connect via faster cellular networks, in ways we’re likely not even anticipating yet, Cell Site Analysis has the potential to become a critical part of most investigations involving connected devices.

More Articles


Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.