GPS spoofed or not? Exploiting RSSI and TSS in crowdsourced air traffic control data

Abstract

GPS-dependent localization, tracking and navigation applications have a significant impact on the modern aviation industry. However, the lack of encryption and authentication makes GPS vulnerable for spoofing attacks with the purpose of hijacking aircrafts or threatening air safety. In this paper, we propose GPS-Probe, a GPS spoofing detection algorithm which leverages the air traffic control (ATC) messages periodically broadcasted by aircrafts. By exploiting the received signal strength indicator (RSSI) and the timestamps at server (TSS) of the ATC messages monitored by multiple ground sensors, GPS-Probe constructs a machine learning enabled framework which can estimate the real position of the target aircraft and then detect whether GPS is spoofed or not. Unlike existing techniques, GPS-Probe neither requires any updates of the GPS infrastructure nor of the GPS receivers. It also releases the requirement on the time synchronization of the ground sensors distributed around the world. We further present GPS-Probe-Plus by incorporating a flight height estimation module and a calibration method for RSSI and TSS values, which performs better on both target localization and spoofing detection than GPS-Probe. Using the real-world ATC data crowdsourced by OpenSky Network, our experiment results show that GPS-Probe (resp. GPS-Probe-Plus) can achieve an average detection accuracy and precision, of 81.7% (resp. 86.8%) and 85.3% (resp. 91.2%), respectively, significantly outperforming the state-of-the-arts.