📝 Original Info
- Title: GNSS-based positioning: Attacks and Countermeasures
- ArXiv ID: 1001.0025
- Date: 2010-01-05
- Authors: Researchers from original ArXiv paper
📝 Abstract
Increasing numbers of mobile computing devices, user-portable, or embedded in vehicles, cargo containers, or the physical space, need to be aware of their location in order to provide a wide range of commercial services. Most often, mobile devices obtain their own location with the help of Global Navigation Satellite Systems (GNSS), integrating, for example, a Global Positioning System (GPS) receiver. Nonetheless, an adversary can compromise location-aware applications by attacking the GNSS-based positioning: It can forge navigation messages and mislead the receiver into calculating a fake location. In this paper, we analyze this vulnerability and propose and evaluate the effectiveness of countermeasures. First, we consider replay attacks, which can be effective even in the presence of future cryptographic GNSS protection mechanisms. Then, we propose and analyze methods that allow GNSS receivers to detect the reception of signals generated by an adversary, and then reject fake locations calculated because of the attack. We consider three diverse defense mechanisms, all based on knowledge, in particular, own location, time, and Doppler shift, receivers can obtain prior to the onset of an attack. We find that inertial mechanisms that estimate location can be defeated relatively easy. This is equally true for the mechanism that relies on clock readings from off-the-shelf devices; as a result, highly stable clocks could be needed. On the other hand, our Doppler Shift Test can be effective without any specialized hardware, and it can be applied to existing devices.
💡 Deep Analysis
Deep Dive into GNSS-based positioning: Attacks and Countermeasures.
Increasing numbers of mobile computing devices, user-portable, or embedded in vehicles, cargo containers, or the physical space, need to be aware of their location in order to provide a wide range of commercial services. Most often, mobile devices obtain their own location with the help of Global Navigation Satellite Systems (GNSS), integrating, for example, a Global Positioning System (GPS) receiver. Nonetheless, an adversary can compromise location-aware applications by attacking the GNSS-based positioning: It can forge navigation messages and mislead the receiver into calculating a fake location. In this paper, we analyze this vulnerability and propose and evaluate the effectiveness of countermeasures. First, we consider replay attacks, which can be effective even in the presence of future cryptographic GNSS protection mechanisms. Then, we propose and analyze methods that allow GNSS receivers to detect the reception of signals generated by an adversary, and then reject fake location
📄 Full Content
arXiv:1001.0025v1 [cs.CR] 30 Dec 2009
GNSS-based Positioning: Attacks and Countermeasures
Panos Papadimitratos and Aleksandar Jovanovic
EPFL
Switzerland
Email: firstname.lastname@epfl.ch
Abstract
Increasing numbers of mobile computing devices, user-
portable, or embedded in vehicles, cargo containers, or the
physical space, need to be aware of their location in order
to provide a wide range of commercial services. Most often,
mobile devices obtain their own location with the help of
Global Navigation Satellite Systems (GNSS), integrating,
for example, a Global Positioning System (GPS) receiver.
Nonetheless, an adversary can compromise location-aware
applications by attacking the GNSS-based positioning: It
can forge navigation messages and mislead the receiver into
calculating a fake location. In this paper, we analyze this
vulnerability and propose and evaluate the effectiveness of
countermeasures. First, we consider replay attacks, which
can be effective even in the presence of future cryptographic
GNSS protection mechanisms. Then, we propose and an-
alyze methods that allow GNSS receivers to detect the re-
ception of signals generated by an adversary, and then re-
ject fake locations calculated because of the attack. We
consider three diverse defense mechanisms, all based on
knowledge, in particular, own location, time, and Doppler
shift, receivers can obtain prior to the onset of an attack.
We find that inertial mechanisms that estimate location
can be defeated relatively easy. This is equally true for the
mechanism that relies on clock readings from off-the-shelf
devices; as a result, highly stable clocks could be needed.
On the other hand, our Doppler Shift Test can be effective
without any specialized hardware, and it can be applied to
existing devices.
1
Introduction
As wireless communications enable an ever-broadening
spectrum of mobile computing applications, location or
position information becomes increasingly important for
those systems. Devices need to determine their own posi-
tion,1 to enable location-based or location-aware function-
ality and services. Examples of such systems include: sen-
sors reporting environmental measurements; cellular tele-
phones or portable digital assistants (PDAs) and comput-
ers offering users information and services related to their
1In this paper, we are not concerned with the related but orthog-
onal localization problem of allowing a specific entity to determine
and ascertain the location of other devices.
surroundings; mobile embedded units, such as those for
Vehicular Communication (VC) systems seeking to pro-
vide transportation safety and efficiency; or, merchandize
(container) and fleet (truck) management systems.
Global navigation satellite systems (GNSS), such as the
Global Positioning System (GPS), its Russian counter-
part (GLONAS), and the upcoming European GALILEO
system, are the most widely used positioning technology.
GNSS transmit signals bearing reference information from
a constellation of satellites; computing platforms nodes),
equipped with the appropriate receiver, can decode them
and determine their own location.
However, commercial instantiations of GNSS systems,
which are within the scope of this paper, are open to
abuse: An adversary can influence the location informa-
tion, loc(V ), a node V calculates, and compromise the node
operation. For example, in the case of a fleet management
system, an adversary can target a specific truck. First, the
adversary can use a transmitter of forged GNSS signals
that overwrite the legitimate GNSS signals to be received
by the victim node (truck) V . This would cause a false
loc(V ) to be calculated and then reported to the fleet cen-
ter, essentially concealing the actual location of V from the
fleet management system. Once this is achieved, physical
compromise of the truck (e.g., breaking into the cargo or
hijacking the vehicle) is possible, as the fleet management
system would have limited or no ability to protect its as-
sets.
This is an important problem, given the consequences
such attacks can have.
In this paper, we are concerned
with methods to mitigate such a vulnerability. In partic-
ular, we propose mechanisms to detect and reject forged
GNSS messages, and thus avoid manipulation of GNSS-
based positioning.
Our investigation is complementary
to cryptographic protection, which commercial GNSS sys-
tems do not currently provide but are expected to do so
in the future (e.g., authentication services by the upcom-
ing GALILEO system [5]). Our approach is motivated by
the fundamental vulnerability of GNSS-based positioning
to replay attacks [9], which can be mounted even against
cryptographically protected GNSS.
The contribution of this paper consists of three mecha-
nisms that allow receivers to detect forged GNSS messages
and fake GNSS signals. Our countermeasures rely on in-
formation the receiver obtained before the onset of an at-
1
tack, or more precisely, before the suspected onset of an
attack. We inve
…(Full text truncated)…
Reference
This content is AI-processed based on ArXiv data.