research-article

GPS software attacks

Authors:

Tyler Nighswander,

Jonathan Diamond,

Robert Brumley,

David BrumleyAuthors Info & Claims

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Pages 450 - 461

https://doi.org/10.1145/2382196.2382245

Published: 16 October 2012 Publication History

Abstract

Since its creation, the Global Positioning System (GPS) has grown from a limited purpose positioning system to a ubiquitous trusted source for positioning, navigation, and timing data. To date, researchers have essentially taken a signal processing approach to GPS security and shown that GPS is vulnerable to jamming and spoofing.

In this work, we systematically map out a larger attack surface by viewing GPS as a computer system. Our surface includes higher level GPS protocol messages than previous work, as well as the GPS OS and downstream dependent systems. We develop a new hardware platform for GPS attacks, and develop novel attacks against GPS infrastructure. Our experiments on consumer and professional-grade receivers show that GPS and GPS-dependent systems are significantly more vulnerable than previously thought. For example, we show that remote attacks via malicious GPS broadcasts are capable of bringing down up to 30% and 20% of the global CORS navigation and NTRIP networks, respectively, using hardware that costs about the same as a laptop. In order to improve security, we propose systems-level defenses and principles that can be deployed to secure critical GPS and dependent systems.

References

[1]

RTCM Special Committee No. 104. RTCM Standard 10410.1: Networked Transport of RTCM via Internet Protocol (NTRIP) Version 2.0. Radio Technical Commission for Maritime Services, June 2008.

[2]

James Carroll, Karen Van Dyke, John Kraemer, and Charles Rodgers. Vulnerability Assessment of the Transportation Infrastructure Relying on the Global Positioning System. In ION National Technical Meeting, 2001.

[3]

ARINC Research Corporation. Navstar GPS space segment/navigation user interfaces (the interface control document). Technical Report IRN-200E-004, 2010.

[4]

Todd E Humphreys, Brent M Ledvina, Mark L Psiaki, Brady W O Hanlon, and Paul M Kintner. Assessing the Spoofing Threat: Development of a Portable GPS Civilian Spoofer. In Proceedings of the Institute of Navigation GNSS (ION GNSS 2008), 2008.

[5]

Brent M Ledvina, William J Bencze, Bryan Galusha, and Isaac Miller. An In-Line Anti-Spoofing Device for Legacy Civil GPS Receivers. In Proceedings of the Institute of Navigation International Technical Meeting (ION ITM 2009), January 2009.

[6]

Sherman Lo, David Lorenzo, Per Enge, Dennis Akos, and Paul Bradley. Signal authentication: A secure civil GNSS for today. Inside GNSS, October 2009.

[7]

D. Mills, Ed. J. Martin, J. Burbank, and W. Kasch. Network Time Protocol Version 4: protocol and algorithm specification. Request for Comments RFC 5905, 2010.

[8]

Carl Milnder, Washington Ochieng, Wolfgang Schuster, Marco Porretta, and Charles Curry. A regional space segment health monitor for local gps integrity monitoring. Journal of Navigation, pages 657--671, 2011.

[9]

Pratap Misra and Per Enge. Global Positioning System: Signals, Measurements, and Performance. Ganga-Jamuna Press, 2nd edition, 2006.

[10]

National Oceanic and Atmospheric Administration. Continually operating reference station (CORS). http://www.ngs.noaa.gov/CORS/.

[11]

California Department of Corrections and Rehabilitiation. Electronic monitoring unit. http://www.cdcr.ca.gov/Parole/Electronic_Monitoring_Unit/index.html.

[12]

P. Papadimitratos and A. Jovanovic. GNSS-based Positioning: Attacks and Countermeasures. In Military Communications Conference, 2008.

[13]

Mark L. Psiaki, Brady W. O'Hanlon, Jahshan A. Bhatti, Daniel P. Shepard, and Todd E. Humphreys. Civilian GPS Spoofing Detection based on Dual-Receiver Correlation of Military Signals. In Proceedings of the Institute of Navigation GNSS (ION GNSS 2011), September 2011.

[14]

Schneider Electric. PowerLogic SCADA: Power Monitoring and Control Software, 2008.

[15]

Logan Scott. Anti-spoofing and authenticated signal architectures for civilian navigation systems. In Proceedings of the Institute of Navigation GPS/GNSS 2003, pages 1543--1552, 2003.

[16]

Spirent. Using receiver NMEA data in a simulator test scenario. Technical Report DAN007-TM Issue 1-00, Spirent, unmarked year.

[17]

Nils Ole Tippenhauer, Christina Pöpper, Kasper Bonne Rasmussen, and Srdjan Capkun. On the requirements for successful GPS spoofing attacks. Proceedings of the ACM Conference on Computer and Communications Security (CCS), 22:75--85, 2011.

Digital Library

[18]

A J Van Dierendonck. Global Positioning System: Theory and Applications, chapter 8: GPS Receivers, pages 329--407. American Institute of Aeronautics and Astronautics, Washington, D.C., 1996.

[19]

Jon S Warner and Roger G Johnston. A Simple Demonstration that the Global Positioning System (GPS) is Vulnerable to Spoofing. Journal of Security Administration, 2003.

[20]

Kyle Wesson, Daniel Shepard, and Todd Humphreys. Straight talk on anti-spoofing. In GPS World, January 2012.

Cited By

Xu YBao YWang SZhang T(2024)Function Interaction Risks in Robot Apps: Analysis and Policy-Based SolutionIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.334877221:4(4236-4253)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3348772
Gao KWang HLv H(2024)Surgical Strike on 5G Positioning: Selective-PRS-Spoofing Attacks and Its DefenceIEEE Journal on Selected Areas in Communications10.1109/JSAC.2024.341459242:10(2922-2937)Online publication date: Oct-2024
https://doi.org/10.1109/JSAC.2024.3414592
Khan SParkinson S(2024)The Use of GPS Spoofing Attacks in Location DeceptionDeception in Autonomous Transport Systems10.1007/978-3-031-55044-7_12(181-196)Online publication date: 16-Feb-2024
https://doi.org/10.1007/978-3-031-55044-7_12
Show More Cited By

Index Terms

GPS software attacks
1. Security and privacy
  1. Network security

Recommendations

On the requirements for successful GPS spoofing attacks
CCS '11: Proceedings of the 18th ACM conference on Computer and communications security

An increasing number of wireless applications rely on GPS signals for localization, navigation, and time synchronization. However, civilian GPS signals are known to be susceptible to spoofing attacks which make GPS receivers in range believe that they ...
Surviving Distributed Denial-of-Service Attacks

A series of distributed denial-of-service (DDoS) attacks were launched against computer systems and services in the US and South Korea beginning July 4th. A DDoS attack is an attempt to make a computer service unavailable to its intended users. The ...
A car test for the estimation of GPS/INS alignment errors

Misalignment can be an important error source in the integration of the global positioning system (GPS) and inertial navigation systems. This paper presents car test results on the estimation of alignment errors in the integration of a low-grade ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

October 2012

1088 pages

ISBN:9781450316514

DOI:10.1145/2382196

General Chair:
Ting Yu
North Carolina State University, USA
,
Program Chairs:
George Danezis
Microsoft Research Cambridge, UK
,
Virgil Gligor
Carnegie Mellon University, USA

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 October 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'12

Sponsor:

SIGSAC

CCS'12: the ACM Conference on Computer and Communications Security

October 16 - 18, 2012

North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

73
Total Citations
View Citations
1,648
Total Downloads

Downloads (Last 12 months)74
Downloads (Last 6 weeks)8

Reflects downloads up to 22 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Xu YBao YWang SZhang T(2024)Function Interaction Risks in Robot Apps: Analysis and Policy-Based SolutionIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.334877221:4(4236-4253)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3348772
Gao KWang HLv H(2024)Surgical Strike on 5G Positioning: Selective-PRS-Spoofing Attacks and Its DefenceIEEE Journal on Selected Areas in Communications10.1109/JSAC.2024.341459242:10(2922-2937)Online publication date: Oct-2024
https://doi.org/10.1109/JSAC.2024.3414592
Khan SParkinson S(2024)The Use of GPS Spoofing Attacks in Location DeceptionDeception in Autonomous Transport Systems10.1007/978-3-031-55044-7_12(181-196)Online publication date: 16-Feb-2024
https://doi.org/10.1007/978-3-031-55044-7_12
Spravil JHemminghaus Cvon Rechenberg MPadilla EBauer J(2023)Detecting Maritime GPS Spoofing Attacks Based on NMEA Sentence Integrity MonitoringJournal of Marine Science and Engineering10.3390/jmse1105092811:5(928)Online publication date: 26-Apr-2023
https://doi.org/10.3390/jmse11050928
Chalhoub GMartin A(2023)But is it exploitable? Exploring how Router Vendors Manage and Patch Security Vulnerabilities in Consumer-Grade RoutersProceedings of the 2023 European Symposium on Usable Security10.1145/3617072.3617110(277-295)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3617072.3617110
Akand MSafavi-Naini RKneppers MGiraud MLafourcade P(2023)Privacy-Preserving Proof-of-Location With Security Against Geo-TamperingIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.312807320:1(131-146)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TDSC.2021.3128073
Gao KWang HLv HGao P(2023)Your Locations May Be Lies: Selective-PRS-Spoofing Attacks and Defence on 5G NR Positioning SystemsIEEE INFOCOM 2023 - IEEE Conference on Computer Communications10.1109/INFOCOM53939.2023.10228877(1-10)Online publication date: 17-May-2023
https://doi.org/10.1109/INFOCOM53939.2023.10228877
Xu YHan XDeng GLi JLiu YZhang T(2023)SoK: Rethinking Sensor Spoofing Attacks against Robotic Vehicles from a Systematic View2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP57164.2023.00067(1082-1100)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSP57164.2023.00067
Couder JGomez DProcko TOchoa ODiessner D(2023)Leveraging Signal Strength as a Mechanism to Secure GPS Messages2023 IEEE/AIAA 42nd Digital Avionics Systems Conference (DASC)10.1109/DASC58513.2023.10311183(1-6)Online publication date: 1-Oct-2023
https://doi.org/10.1109/DASC58513.2023.10311183
Frei MKwon JTabaeiaghdaei SWyss MLenzen CPerrig A(2022)G-SINC: Global Synchronization Infrastructure for Network Clocks2022 41st International Symposium on Reliable Distributed Systems (SRDS)10.1109/SRDS55811.2022.00021(133-145)Online publication date: Sep-2022
https://doi.org/10.1109/SRDS55811.2022.00021
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents