Investigating and Utilizing the Limitations of Spoofing in a Map-Matching Anti-Spoofing Algorithm

Nesreen I. Ziedan

Abstract:	The accessibility and availability of GNSS signals are turning out to be a source of vulnerability with regard to the signals’ susceptibility to spoofing. In order to combat signals spoofing, an understanding of the tools and techniques that can be utilized by an attacker must be reached. The aim of this paper is two-fold: investigating the conditions for a successful spoofing attack to gain understanding of the practical limitations of spoofing, and developing an anti-spoofing algorithm that utilizes the spoofing limitations without requiring special antennas or aiding systems. A sophisticated attack would synchronize the spoofed signals to the real tracked signals at the target receiver, take control of the tracking module, and then gradually change the spoofed signals parameters to drive the tracking module off the true position. In order to spoof a position and a velocity successfully, the pseudorange and delta range to each tracked satellite, and the receiver’s clock bias, must not appear suspicious. The target receiver can detect both the true and spoofed signals, and hence the attacker’s best strategy is to mask the true signal as a multipath signal relative to the spoofed signal. Multipath signals have code delays larger than the line-of-sight (LOS) signals since they traverse longer paths. Therefore, each spoofed code delay should be smaller than or equal to the true code delay when the tracking module is being driven off to a spoofed position. Coupling this with the limitations on velocity and acceleration, a range of acceptable pseudo-ranges that can be used by the attacker without being detected can be concluded. This range, however, does not always encompass valid routes. This observation is used to develop an anti-spoofing algorithm. The algorithm uses a map-matching technique to construct the closest route to the generated GNSS positions. If the discrepancy between the constructed route and the generated GNSS positions is beyond a threshold, a spoofing attack can be concluded.
Published in:	Proceedings of the 27th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2014) September 8 - 12, 2014 Tampa Convention Center Tampa, Florida
Pages:	2843 - 2852
Cite this article:	Ziedan, Nesreen I., "Investigating and Utilizing the Limitations of Spoofing in a Map-Matching Anti-Spoofing Algorithm," Proceedings of the 27th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2014), Tampa, Florida, September 2014, pp. 2843-2852.
Full Paper:	ION Members/Non-Members: 1 Download Credit Sign In