Kyle D. Wesson

An Evaluation of the Vestigial Signal Defense for Civil GPS Anti-Spoofing

A receiver-autonomous non-cryptographic civil GPS antispoofing technique called the vestigial signal defense (VSD) is defined and evaluated. This technique monitors distortions in the complex correlation domain to detect spoofing attacks. Multipath and spoofing interference models are developed to illustrate the challenge of distinguishing the two phenomena in the VSD. A campaign to collect spoofing and multipath data is described, which specific candidate VSD techniques can be tested against. Test results indicate that the presence of multipath complicated the setting of an appropriate spoofing detection threshold.

The Texas Spoofing Test Battery: Toward a Standard for Evaluating GPS Signal Authentication Techniques

A battery of recorded spoofing scenarios has been compiled for evaluating civil Global Positioning System (GPS) signal authentication techniques. The battery can be considered the data component of an evolving standard meant to define the notion of spoof resistance for commercial GPS receivers. The setup used to record the scenarios is described. A detailed description of each scenario reveals readily detectable anomalies that spoofing detectors could target to improve GPS security.

A blueprint for civil GPS navigation message authentication

A proposal for civil GPS navigation message authentication (NMA) is presented with sufficient specificity to enable near-term implementation. Although previous work established the practicality and efficacy of NMA for civil GPS signal authentication, there remains a need for a detailed proposal that addresses several outstanding considerations regarding implementation. In particular, this paper (1) provides a definitive evaluation of the tradeoffs involved in the choice of cryptographic protocol, and (2) optimizes the placement of digital signature bits in the GPS CNAV message stream. By offering GPS engineers and policymakers a detailed blueprint for civil NMA, this work advances the possibility of NMA implementation on modernized civil GPS signals.

A combined symmetric difference and power monitoring GNSS anti-spoofing technique

Civil Global Navigation Satellite System (GNSS) signals are vulnerable to spoofing attacks that deceive a victim receiver into reporting counterfeit position or time information. The primary contribution of this paper is a non-cryptographic GNSS anti-spoofing technique that “sandwiches” a spoofer between a correlation function distortion monitor and a total in-band power monitor. The defense exploits the difficulty of mounting an effective spoofing attack that simultaneously maintains a low-enough counterfeit signal power to avoid power monitoring alarms while minimizing distortions of the received cross-correlation profile that are indicative of a spoofing attack. Results presented in this paper demonstrate the defenses effectiveness against a sophisticated spoofing attack.

A Proposed Navigation Message Authentication Implementation for Civil GPS Anti-Spoofing

A specific implementation of navigation message authentication (NMA) for civil GPS anti-spoofing is proposed. The notion of GNSS signal authentication is defined in probabilistic terms. This work proposes a practical, backwardcompatible NMA strategy for the civil L2/L5 civil navigation (CNAV) message. The proposal is sufficiently detailed to facilitate near-term implementation of securityhardened civil GPS.

Extending the reach of GPS-assisted femtocell synchronization and localization through Tightly-Coupled Opportunistic Navigation

A strategy known as Tightly-Coupled Opportunistic Navigation (TCON) is proposed for extending the penetration of GPS-assisted femtocells in weak-signal indoor environments. Standards and regulatory agencies impose strict time, frequency, and location requirements on femtocells. These can be met with GPS aiding to unparalleled time and positioning accuracies, but GPS signals are extremely weak and thus difficult to acquire indoors. The results of this paper suggest that a TCON solution fusing GPS with CDMA cellular signals offers significant sensitivity gains over state-of-the-art assisted-GPS receivers, allowing GPS-synchronized femtocells to be deployed in 90% of all residences.

Opportunistic Frequency Stability Transfer for Extending the Coherence Time of GNSS Receiver Clocks

A framework is presented for exploiting the frequency stability of non-GNSS signals to extend the coherence time of inexpensive GNSS receiver clocks. This is accomplished by leveraging stable ambient radio frequency signals, called “signals of opportunity,” to compensate for the frequency instability of the reference oscillators typically used in inexpensive handheld GNSS receivers. Adequate compensation for this frequency instability permits the long coherent integration intervals required to acquire and track GNSS signals with low carrier-to-noise ratios. The goal of this work is to push the use of GNSS deeper indoors or into environments where GNSS may be subject to interference.

GNSS Signal Authentication Via Power and Distortion Monitoring

We propose a simple low-cost technique that enables civil global positioning system receivers and other civil global navigation satellite system (GNSS) receivers to reliably detect carry-off spoofing and jamming. The technique, which we call the power-distortion detector, classifies received signals as interference-free, multipath-afflicted, spoofed, or jammed according to observations of received power and correlation function distortion. It does not depend on external hardware or a network connection and can be readily implemented on many receivers via a firmware update. Crucially, the detector can with high probability distinguish low-power spoofing from ordinary multipath. In testing against more than 25 high-quality empirical datasets yielding more than 900,000 separate detection tests, the detector correctly alarms on all malicious spoofing or jamming attacks while maintaining a

A Testbed for Developing and Evaluating GNSS Signal Authentication Techniques

<

A probabilistic framework for Global Navigation Satellite System signal timing assurance

0.6% single-channel false alarm rate.