Global navigation satellite systems (GNSS) provide pervasive accurate positioning and timing services for a large gamut of applications, from Time based One-Time Passwords (TOPT), to power grid and cellular systems. However, there can be security concerns for the applications due to the vulnerability of GNSS. It is important to observe that GNSS receivers are components of platforms, in principle having rich connectivity to different network infrastructures. Of particular interest is the access to a variety of timing sources, as those can be used to validate GNSS-provided location and time. Therefore, we consider off-the-shelf platforms and how to detect if the GNSS receiver is attacked or not, by cross-checking the GNSS time and time from other available sources. First, we survey different technologies to analyze their availability, accuracy and trustworthiness for time synchronization. Then, we propose a validation approach for absolute and relative time. Moreover, we design a framework and experimental setup for the evaluation of the results. Attacks can be detected based on WiFi supplied time when the adversary shifts the GNSS provided time, more than 23.942 µs; with Network Time Protocol (NTP) supplied time when the adversary-induced shift is more than 2.046 ms. Consequently, the proposal significantly limits the capability of an adversary to manipulate the victim GNSS receiver.
Global Navigation Satellite Systems (GNSSs) are ubiquitously relied upon for positioning and timing. Detection and prevention of attacks against GNSS have been researched over the last decades, but many of these attacks and countermeasures were evaluated based on simulation. This work contributes to the experimental investigation of GNSS vulnerabilities, implementing a relay/replay attack with off-the-shelf hardware. Operating at the signal level, this attack type is not hindered by cryptographically protected transmissions, such as Galileo's Open Service Navigation Message Authentication (OS-NMA). The attack we investigate involves two colluding adversaries, relaying signals over large distances, to effectively spoof a GNSS receiver. We demonstrate the attack using off-the-shelf hardware, we investigate the requirements for such successful colluding attacks, and how they can be enhanced, e.g., allowing for finer adversarial control over the victim receiver. CCS CONCEPTS• Security and privacy → Mobile and wireless security; • Networks → Location based services.
To mitigate spoofing attacks targeting global navigation satellite systems (GNSS) receivers, one promising method is to rely on alternative time sources, such as network-based synchronization, in order to detect clock offset discrepancies caused by GNSS attacks. However, in case of no network connectivity, such validation references would not be available. A viable option is to rely on a local time reference; in particular, precision hardware clock ensembles of chip-scale thermally stable oscillators with extended holdover capabilities. We present a preliminary design and results towards a custom device capable of providing a stable reference, with smaller footprint and cost compared to traditional precision clocks. The system is fully compatible with existing receiver architecture, making this solution feasible for most industrial scenarios. Further integration with network-based synchronization can provide a complete time assurance system, with high short-and long-term stability. CCS CONCEPTS• Security and privacy → Mobile and wireless security; • Networks → Location based services.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.