Title: Exploiting Side-Information for Resilient GNSS Positioning in Mobile Phones
Author(s): Silvia Ceccato, Francesco Formaggio, Gianluca Caparra, Nicola Laurenti, Stefano Tomasin
Published in: Proceedings of IEEE/ION PLANS 2018
April 23 - 26, 2018
Hyatt Regency Hotel
Monterey, CA
Pages: 1515 - 1524
Cite this article: Ceccato, Silvia, Formaggio, Francesco, Caparra, Gianluca, Laurenti, Nicola, Tomasin, Stefano, "Exploiting Side-Information for Resilient GNSS Positioning in Mobile Phones," Proceedings of IEEE/ION PLANS 2018, Monterey, CA, April 2018, pp. 1515-1524.
Full Paper: ION Members/Non-Members: 1 Download Credit
Sign In
Abstract: Today’s smartphones widely exploit Global Navigation Satellite System (GNSS) as a positioning source, but the impact of spoofing attacks on these devices has never been extensively investigated. Resource constrained mobile phones are designed to provide position, velocity and time to the end user even in the most challenging environments, where the GNSS signal is hardly available in the first place. This approach pursues usability and energy efficiency rather than security, thus leaving the smartphones exposed to potential vulnerabilities. Spoofing attacks are becoming a serious threat to applications that rely on GNSS: building a GNSS spoofer barely requires some basic knowledge and a few hundred euros. Differently from autonomous GNSS receivers, mobile devices have access to redundant positioning information (Assisted GNSS (A-GNSS), sensors, etc.) that can be useful for security purposes. The aim of this paper is to point out some simple expedients and cross checks that do not require modifications to the devices hardware, allowing to enhance security at a minimum cost, increasing their resilience to spoofing attacks. To this purpose, we first assess whether currently available smartphones already employ these checks for security purposes. We exploit our GNSS signal generator to carry out a systematic test campaign on several devices from different brands. In the test results the inconsistency between the GNSS signal and other information sources was never reported to the user. Indeed, the result of a spoofing attack was often the computation of fake PVT coordinates, or in the best case, a denial of service with unknown cause.