TY - GEN
T1 - On the requirements for successful GPS spoofing attacks
AU - Tippenhauer, Nils Ole
AU - Pöpper, Christina
AU - Rasmussen, Kasper B.
AU - Čapkun, Srdjan
PY - 2011
Y1 - 2011
N2 - An increasing number of wireless applications rely on GPS signals for localization, navigation, and time synchronization. However, civilian GPS signals are known to be susceptible to spoofing attacks which make GPS receivers in range believe that they reside at locations different than their real physical locations. In this paper, we investigate the requirements for successful GPS spoofing attacks on individuals and groups of victims with civilian or military GPS receivers. In particular, we are interested in identifying from which locations and with which precision the attacker needs to generate its signals in order to successfully spoof the receivers. We will show, for example, that any number of receivers can easily be spoofed to one arbitrary location; however, the attacker is restricted to only few transmission locations when spoofing a group of receivers while preserving their constellation. In addition, we investigate the practical aspects of a satellite-lock takeover, in which a victim receives spoofed signals after first being locked on to legitimate GPS signals. Using a civilian GPS signal generator, we perform a set of experiments and find the minimal precision of the attacker's spoofing signals required for covert satellite-lock takeover.
AB - An increasing number of wireless applications rely on GPS signals for localization, navigation, and time synchronization. However, civilian GPS signals are known to be susceptible to spoofing attacks which make GPS receivers in range believe that they reside at locations different than their real physical locations. In this paper, we investigate the requirements for successful GPS spoofing attacks on individuals and groups of victims with civilian or military GPS receivers. In particular, we are interested in identifying from which locations and with which precision the attacker needs to generate its signals in order to successfully spoof the receivers. We will show, for example, that any number of receivers can easily be spoofed to one arbitrary location; however, the attacker is restricted to only few transmission locations when spoofing a group of receivers while preserving their constellation. In addition, we investigate the practical aspects of a satellite-lock takeover, in which a victim receives spoofed signals after first being locked on to legitimate GPS signals. Using a civilian GPS signal generator, we perform a set of experiments and find the minimal precision of the attacker's spoofing signals required for covert satellite-lock takeover.
KW - Experimentation
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=80755144040&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=80755144040&partnerID=8YFLogxK
U2 - 10.1145/2046707.2046719
DO - 10.1145/2046707.2046719
M3 - Conference contribution
AN - SCOPUS:80755144040
SN - 9781450310758
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 75
EP - 85
BT - CCS'11 - Proceedings of the 18th ACM Conference on Computer and Communications Security
T2 - 18th ACM Conference on Computer and Communications Security, CCS'11
Y2 - 17 October 2011 through 21 October 2011
ER -