GPS Spoofing Research Articles

TrustCNAV: Certificateless Aggregate Authentication of Civil Navigation Messages in GNSS

The Global Navigation Satellite System (GNSS) is capable of accurate positioning because it can provide high-precision data. These data are transmitted to the receiver in the form of navigation messages, called civil navigation messages (CNAV). As it is transmitted in an open, transparent environment without data integrity protection mechanisms and secure data transmission measures, the CNAV is suspected to spoofing attacks. In 2023, the OPSGROUP has received approximately 50 reports of GPS spoofing activity. A spoofed plane's navigation system will show it as being in a different place - a security risk if a jet is guided to fly into a hostile country's airspace. To prevent the forging of GNSS positioning data by spoofing attacks targeting CNAV, we propose a certificateless aggregation authentication for CNAV by using the elliptic curve discrete logarithm problem and the combination of the GNAV structural characteristics, called TrustCNAV. Security proof and performance analysis indicate that this authentication scheme can resist spoofing attacks and ensure data security of CNAV, also it avoids pairing operations with high computational complexity, thus meeting security requirements without causing too much time and communication consumption.

Operator Responsibilities in Safeguarding Consumer Rights Against GPS Spoofing in Ride-Hailing Services

Operator Responsibilities in Safeguarding Consumer Rights Against GPS Spoofing in Ride-Hailing Services

Joint detection and state estimation based on GPS spoofing attack in smart grids

Phasor Measurement Units (PMUs) are widely used in power system state estimation due to its high sampling rate and real-time estimation of power state in power systems. However, it is also vulnerable to cyberattacks (GPS spoofing attacks) since it uses unencrypted GPS civil signals for synchronization. The GPS spoofing attacks (GSAs) will intentionally manipulate the time reference of PMUs, which is equivalent to falsifying the phase angle of the PMU measurements. In this paper, we consider the secure power state estimation and attacks detection with the unknown GSAs in the power systems. Particularly, we derived the PMU-based GSAs model in the power state estimation problem, which is formulated as a mixed maximum likelihood problem. In the formulated problem, the involved unknown parameters are coupled and the objective function is non-convex, which are of significant challenges in finding optimal solutions. To tackle these challenges, a joint maximum a posteriori and maximum likelihood (JMAP-ML) algorithm is proposed to securely estimate the power state and detect the GSAs in the mixed measurements of PMUs. Different testing scenarios in IEEE 14 bus system are simulated to show the proposed algorithm’ performance on GSAs detection and state estimation. Numerical examples demonstrate the improved accuracy of our algorithm compared with classical algorithms when GSAs are present. And we conclude that when a sufficient number of PMUs are deployed in the system, the impact of GSAs will be largely compensated in the estimation stage.

An Implementation-Based Study of the Detection of and Recovery from GPS Spoofing Attacks for Unmanned Aerial Vehicles

Unmanned Aerial Vehicles (UAV) are expected to be a critical component for logistics, agriculture, defense and enabling connectivity for post-5G communications. The utilization of drones in diverse sectors raises concerns about their vulnerability to potential attacks that disrupt or obstruct their operational mechanisms. In this work, we first demonstrate how navigation attacks can compromise a drone’s system, using GPS jamming and spoofing attacks via HackRF One PortaPack Software Defined Radio (SDR) device. Next, we propose a mechanism called “Return-to-Start”, which can protect a drone from loss by responding promptly to such widely spread navigational attacks. We evaluate the effectiveness of our solution through experiments on a Raspberry Pi-based drone we developed. Our experiments validate the robustness of Return-to-Start functionality in a variety of attack scenarios with different durations and GPS geolocations.

Strengthening Aviation Cybersecurity with Security Operations Centres

Even though cybersecurity is a top priority for the aviation industry, research indicates that there are still many challenges to address. Modern aviation systems encompass cloud computing, OT, IoT, mobile devices, and traditional IT infrastructure. The network complexity has expanded the attack surface, leading to an increase in security incidents. Due to this complexity, detecting security incidents on time is challenging. Research indicates that it may take up to 196 days to detect an incident and another 56 days to address it, highlighting the urgency of improving security response. In this regard, establishing Security Operations Centres (SOCs) in the aviation sector must be addressed. SOCs can be instrumental in reducing the time it takes to detect and respond to security incidents. They provide visibility into threats, aid investigations, and enhance forensic efforts, enabling proactive threat mitigation. Research has been carried out on SOC implementations for specific domains like IoT, mobile devices, and higher education, neglecting aviation systems. Aviation systems such as Air Traffic Management (ATM) face unique security vulnerabilities, including signal modification, jamming, flooding, data and command injection, GPS spoofing, and blocking attacks, primarily due to their reliance on wireless technology. Most of these wireless technologies do not use encryption or authentication because they were designed to maximise performance. Insufficient funding also negatively affects ATM systems, resulting in the wide use of legacy ATM systems and a shortage of skilled personnel. ATM systems are considered critical infrastructure frequently targeted by well-resourced threat actors, including terrorists and nation-state actors, necessitating higher protection levels. This paper motivates the development of a customised SOC implementation framework for ATM systems to enhance aviation security by increasing visibility into threats and facilitating timely remediation.

Cyber attacks on UAV networks: A comprehensive survey

New technologies are constantly emerging in the modern world and changing the way we live our everyday lives. Although technology has many useful applications, there are various ways it can potentially be abused. Unmanned aerial vehicles (UAVs) are one of the most rapidly developing technologies, with potentially far-reaching consequences. A new focus on UAV applications has fueled rising concerns with regards to security, specifically around networked UAVs. UAVs may be managed from a remote place with relative ease. Essential operations involving the use of military tactics and weapons involve employing them in a variety of situations, such as reconnaissance, surveillance, and offensive, defensive, and civilian capacities. Message insertion, message manipulation, jamming, and GPS spoofing are the most commonly used cyber-attacks against these systems. Ensuring the security of electronics and communications in systems that employ several UAVs is of utmost importance to guarantee their safety and dependability in military and civilian activities. Many technological methods have been developed over the past decade for securing UAVs from cyber-attacks. This paper attempts to summaries the problems that can arise with unmanned aerial vehicles (UAVs), cyber-attacks, and the countermeasures used to protect against them. This is the first paper that details all of the past cyber-attacks on unmanned aerial vehicles (UAVs).

Нові виклики для функціонування активних перманентних ГНСС-станцій під час бойових дій на прикладі України

The study presents the current state of GNSS Continuously Operating Reference Stations (CORS) networks and their operational characteristics during the ongoing hostilities in Ukraine. Stable GNSS CORS network operation is crucial not only for agricultural, geodetic, and land management tasks but also for military navigation and topography. The aim of this work is to analyze the impact of hostilities in Ukraine's GNSS network, considering factors like temporary occupation of certain territories, power outages due to missile strikes on energy infrastructure, and GNSS signal jamming using radio-electronic methods in front-line regions. Another objective of this study is to highlight examples of incorrect RTK or VRS operation due to potential errors from radio-electronic jamming or GPS spoofing as well as to provide practical recommendations for surveyors. As a result, the research has analyzed changes in the number of properly functioning GNSS stations from 2021 to 2023 using the GeoTerrace and System.NET networks. These networks cover all regions of Ukraine except the temporarily occupied territories by russia. Daily processing of RINEX files with a sampling interval of 30 seconds from CORS GNSS stations was conducted using the Bernese GNSS v.5.2 software package over three years. It was noted that following the large-scale invasion in February 2022 and through the spring of that year, there was a sharp reduction of about 10% in the number of properly functioning active GNSS stations. Scientific novelty and practical importance. The article presents practical recommendations for users, such as surveyors and land managers, performing GNSS measurements in RTK or VRS modes using permanent stations, to assess the influence of radio-electronic jamming or GPS spoofing on observations. CORS network assessment and daily calculated coordinates of GNSS stations from 2021 to 2023 can be used for future geodynamic research in the region.

Review of Navigation Methods for UAV-Based Parcel Delivery

This paper presents a comprehensive review of state-of-the-art navigation methods available for unmanned aerial vehicles (UAVs) used in parcel delivery. Particularly, the paper focuses on state-of-the-art sensor configurations, multi-sensor data fusion architectures, and their performance when employed for UAV navigation. Additionally, this paper presents the associated safety regulations for UAV navigation currently imposed by regulatory bodies in US and Canada. The existing navigation solutions sometimes produce degenerative results due to GPS loss, multipath signals, spoofing events, and other sensor degradation scenarios. Therefore, this article investigates the suitability of integrating visual lidar odometry and mapping (VLOAM) with GPS to overcome the limitations of existing navigation solutions. A comparative study of the multi-sensory combined solutions is presented with numerical simulations, validating the regulatory compliance of VLOAM and GPS integrated system under common GPS failure cases. <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Note to Practitioners</i> —This work was motivated by the need for a survey on existing UAV navigation methods for parcel delivery applications. Different UAV navigation methods exist, depending on the sensors used and the sensor fusion architectures, with varying degrees of localization accuracy. It can be challenging for researchers and practitioners to decide which method to adopt for their application while complying with the existing safety regulations. Therefore, this paper presents an overview of the current safety regulation for UAV navigation and evaluates the state-of-the-art navigation methods against regulatory safety compliance. Additionally, a numerically validated safe navigation method is suggested for UAV-based parcel delivery. This paper provides researchers and practitioners with comprehensive reference sources in the UAV navigation field, which can help them develop suitable solutions to ensure safe navigation.

ANALYZING THE CAN PROTOCOL: VULNERABILITIES, PROTECTIVE MEASURES AND IMPROVEMENTS

The Controller Area Network (CAN) bus, originally designed for internal communication among a limited number of Electronic Control Units (ECUs) within vehicles, faces significant security challenges due to the rapid expansion of ECUs in modern automobiles. This expansion necessitates accessibility for diagnostic purposes, yet the CAN protocol lacks fundamental security features such as encryption, authentication, and integrity checks, rendering it vulnerable to various attacks including message injection, Denial of Service (DoS), and masquerading ECUs. This paper surveys existing literature and investigates potential intrusions on the CAN bus, highlighting attacks ranging from GPS spoofing to remote sensor tampering. Various solutions are discussed, including network subdivision, encryption, authentication techniques, and intrusion detection systems (IDS). Recent research proposes IDS solutions utilizing machine learning algorithms such as Random Forest, Support Vector Machine, and Deep Neural Networks (DNN), demonstrating effectiveness in detecting known attacks. However, challenges persist in identifying unknown attacks and enhancing overall system performance. Innovative approaches, such as event-triggered detection and bloom filtering techniques, show promise in mitigating specific attack vectors but may introduce overhead or limitations in real-time response. Deep learning-based IDS systems exhibit high performance but struggle with the detection of novel attacks. Furthermore, while some solutions address specific vulnerabilities, others propose more comprehensive security measures, such as preventing remote manipulation of critical vehicle functions like steering and braking. Overall, the research emphasizes the critical need for robust security measures in automotive systems to safeguard against evolving threats to vehicle safety and integrity.

GPS Spoofing Attack Recognition for UAVs With Limited Samples

GPS Spoofing Attack Recognition for UAVs With Limited Samples

An Analysis of GPS Spoofing Attack and Efficient Approach to Spoofing Detection in PX4

An Analysis of GPS Spoofing Attack and Efficient Approach to Spoofing Detection in PX4

Enhanced Machine Learning Ensemble Approach for Securing Small Unmanned Aerial Vehicles From GPS Spoofing Attacks

Enhanced Machine Learning Ensemble Approach for Securing Small Unmanned Aerial Vehicles From GPS Spoofing Attacks

Mono camera-based GPS spoofing detection for aerial vehicles

This paper presents mono camera-based GPS spoofing detection for aerial vehicles utilizing only image information besides the initial orientation of the vehicle. Orientation information is propagated and motion direction is estimated solely from the mono camera images through the estimation of the essential matrix. Histograms of Oriented Displacements and their correlation are considered to detect spoofing considering GPS and image-based data. Straight and turning simulated fight trajectories of a fixed wing research drone with different turbulence levels are compared to evaluate the method. The results are promising with timely detection of every spoofing scenario and without false alarm. The exploration of real fight data is the topic of future development.

Knowledge Distillation-Based GPS Spoofing Detection for Small UAV

As a core component of small unmanned aerial vehicles (UAVs), GPS is playing a critical role in providing localization for UAV navigation. UAVs are an important factor in the large-scale deployment of the Internet of Things (IoT) and cyber–physical systems (CPS). However, GPS is vulnerable to spoofing attacks that can mislead a UAV to fly into a sensitive area and threaten public safety and private security. The conventional spoofing detection methods need too much overhead, which stops efficient detection from working in a computation-constrained UAV and provides an efficient response to attacks. In this paper, we propose a novel approach to obtain a lightweight detection model in the UAV system so that GPS spoofing attacks can be detected from a long distance. With long-short term memory (LSTM), we propose a lightweight detection model on the ground control stations, and then we distill it into a compact size that is able to run in the control system of the UAV with knowledge distillation. The experimental results show that our lightweight detection algorithm runs in UAV systems reliably and can achieve good performance in GPS spoofing detection.

A statistical method of GPS spoofing detection using power spectral density for hardware

AbstractLocation and navigation information has become an important part of our lives. GPS data is vital in many areas from transportation to economy, from energy to security. The alteration of this information can have deleterious downstream effects that cannot be reversed. Today, it is possible to attack GPS data with accessible hardware and open source software. In this paper, the signal obtained with the help of a transceiver that samples the high frequency RF signals down to the intermediate frequency was compared with the RMS value by windowing over PSD. Then this data was statistically analyzed with the NIST runs test. In order to realize GPS signal spoofing in a short time that after GPS receiver lock the spoofing signal, field programmable gates connected to the transceiver were used. The results obtained varied according to the dimensions of the windowing process, and it was understood that the window size was in a correlation with the detection of deception in a short time. The suggested method's key benefit is its simplicity, which makes it adaptable to various GNSS systems.

Anomaly Detection Against GPS Spoofing Attacks on Connected and Autonomous Vehicles Using Learning From Demonstration

GPS spoofing attacks pose great challenges to connected vehicle (CVs) safety applications and localization of autonomous vehicles (AVs). In this paper, we propose to utilize transportation and vehicle engineering domain knowledge to detect GPS spoofing attacks towards CVs and AVs. A novel detection method using learning from demonstration is developed, which can be implemented in both vehicles and at the transportation infrastructure. A computational-efficient driving model, which can be learned from historical trajectories of the vehicles, is constructed to predict normal driving behaviors. Then a statistical method is developed to measure the dissimilarities between the observed trajectory and the predicted normal trajectory for anomaly detection. We validate the proposed method using two threat models (i.e., attacks targeting the multi-sensor fusion system of AVs and attacks targeting the intersection movement assist application of CVs) on two real-world datasets (i.e., KAIST and Michigan roundabout dataset). Results show that the proposed model is able to detect almost all of the attacks in time with low false positive and false negative rates.

A Pseudorange-Based GPS Spoofing Detection Using Hyperbola Equations

Spoofing attacks are one of the most critical threats against secure global navigation satellite system (GNSS) positioning. Since correct positioning is a must in many vehicle-to-everything (V2X) communication systems, the detection of these attacks is vital. In the literature on the detection strategies of spoofing attacks, the majority of the solutions are based on the assumption that all available signals are spoofed. In this paper, we focus on detecting spoofing attacks in which authentic and spoofing positioning signals coexist in a V2X system. The observable pseudorange values are utilized with the help of derived hyperbola equations during the design of the spoofing detection algorithms. We propose an algorithm, which is named as the sub-optimal search-based spoofing detection algorithm (Algorithm 1), and it considers all possible numbers of spoofing attacking signals, but not all spoofing scenarios with the same amount of spoofing signals. To address the complexity problems based on the increased number of search scenarios of this approach, we propose another algorithm, which is called subset selection-based spoofing detection algorithm (Algorithm 2), with a smart selection of the search subsets. Both of these algorithms are first compared with fixed detection thresholds, which are determined with the Pareto front approach. Then, the performance of the algorithms is investigated when vehicle mobility and spoofing imperfection are considered. Finally, a supervised learning-based decision tree machine learning (ML) algorithm is run without specifying any detection threshold. The results indicate that Algorithm 1 provides higher detection rates than the subset selection-based algorithm; however, the false alarm ratios of Algorithm 2 are much lower than its original performance.

Joint Detection and State Estimate with GSAs in PMU-Based Smart Grids

The Phasor Measurement Unit (PMU) with a GPS signal receiver is a synchronized sensor widely used for power system state estimation. While the GPS receiver ensures time accuracy, it is vulnerable to network attacks. GPS spoofing attacks can alter the phase angle of PMU measurement signals and manipulate system states. This paper derives a power system state model based on PMUs under GPS spoofing attacks, according to the characteristics of changes in bus voltages and branch currents after GSA. Based on the characteristics of this model, a detection and correction algorithm for attacked data is proposed to detect GSA and correct attacked measurements. The corrected measurements can be used for power system state estimation. Simulation results on the IEEE 14-bus system show that the proposed algorithm improves the accuracy of state estimation under one or multiple GSAs, especially when multiple GSAs are present, compared to classical Weighted Least Squares Estimation (WLSE) and Alternating Minimization (AM) algorithms. Further research indicates that this algorithm is also applicable to large-scale networks.

Increasing the resiliency of power systems in presence of GPS spoofing attacks: A data‐driven deep‐learning algorithm

AbstractThe growing use of wireless technologies in power systems has raised concerns about cybersecurity, particularly regarding GPS spoofing attacks (GSAs). These attacks manipulate GPS data, leading to modifications in the phase angle of phasor measurement units (PMUs). In this paper, a Deep‐learning GPS‐Spoofing Counteraction (DLGSC) algorithm is proposed, utilizing PMU data for GSA detection and PMU data correction. The algorithm incorporates a recurrent neural network (RNN) and a set of long short‐term memory (LSTM) units separately, for signal correction after attack detection. Unlike existing methods that struggle with simultaneous attacks or they are static methods, DLGSC tackles these challenges by leveraging deep learning techniques. By selecting appropriate features for GSA detection, DLGSC achieves accurate results. The algorithm is evaluated on standard IEEE 14‐bus and IEEE 39‐bus power systems, and its performance is compared to statistical, dynamic, and Deep Learning (DL) methods in the literature. Additionally, an experimental setup is designed to validate the algorithm in a laboratory environment. Results demonstrate the easy‐implementable DLGSC algorithm's satisfactory real‐time performance in various scenarios, such as load variations and noise, achieving over 98% accuracy. Notably, DLGSC is cable of detecting multiple GSAs on different PMUs.

A GPS-Adaptive Spoofing Detection Method for the Small UAV Cluster

The small UAV (unmanned aerial vehicle) cluster has become an important trend in the development of UAVs because it has the advantages of being unmanned, having a small size and low cost, and ability to complete many collaborative tasks. Meanwhile, the problem of GPS spoofing attacks faced by submachines has become an urgent security problem for the UAV cluster. In this paper, a GPS-adaptive spoofing detection (ASD) method based on UAV cluster cooperative positioning is proposed to solve the above problem. The specific technical scheme mainly includes two detection mechanisms: the GPS spoofing signal detection (SSD) mechanism based on cluster cooperative positioning and the relative security machine optimal marking (RSOM) mechanism. The SSD mechanism starts when the cluster enters the task state, and it can detect all threats to the cluster caused by one GPS signal spoofing source in the task environment; when the function range of the mechanism is exceeded, that is, there is more than one spoofing source and more than one UAV is attacked by different spoofing sources, the RSOM mechanism is triggered. The ASD algorithm proposed in this work can detect spoofing in a variety of complex GPS spoofing threat environments and is able to ensure the cluster formation and task completion. Moreover, it has the advantages of a lightweight calculation level, strong applicability, and high real-time performance.