An approach to detect GNSS spoofing

Abstract

GNSS signal quality monitoring and authenticity verification is gaining importance as different types of interference signals including jamming and spoofing are becoming more likely. There have been several studies on jamming and spoofing detection at various levels of GNSS receiver operation layers. Spoofing signals are structural interference that take advantage of the known structure of legitimate signals and try to deceive their target receiver into a false position and/or timing solution. This becomes much more important if the receiver is used in safety-of-life applications [1]–[5]. The features of spoofing signals are similar to those of authentic GNSS signals; therefore, a stand-alone GNSS receiver may face challenges in detecting this type of interference. Spoofing signals can be designed to mislead the tracking procedure of GNSS receivers by generating synchronized pseudo random noise (PRN) codes, thereby leading to counterfeit correlation peaks. This means that the PRN index and signal parameters such as Doppler frequencies and code delays of spoofing signals match those of the authentic ones. These fake correlation peaks can overlay the authentic ones, distort the normal shape of authentic correlation peaks, and gradually misdirect the tracking process of the target receiver. Detection and mitigation of spoofing attacks on GNSS receivers in tracking mode have become one of the important antispoofing topics. In [4]–[6], the effect of interaction between authentic and spoofing peaks on the tracking process of a GNSS receiver is analyzed. Most spoofing detection metrics are designed to detect a spoofing attack assuming there are only two states, namely, clean data or a spoofing attack [7]–[10]. More specifically the spoofing detection threshold for a given probability of false alarm is set in the presence of a clean data set. However, in real operational conditions there might be several situations in which the spoofing detection test statistics exceed the predefined threshold due to other sources of interference signals and cause false spoofing detection. For instance, [3] has proposed a spoofing countermeasure method based on monitoring the receiver's automatic gain control (AGC) gain level. It is shown that the presence of spoofing signals increases the power content of the received signals, leading to changes in the AGC level. However, the AGC gain can be disrupted by various interfering signals.