The spoofing attack is a well known threat for global navigation satellite systems (GNSSs), where a malicious entity forges fake GNSS signals in order to trick a victim receiver into computing the desired false position and time. Only in recent years the interest in anti-spoofing techniques has been extended to mobile-device applications. As location-based services (LBS) are now deeply integrated in billions of people's everyday life, the security of positioning in mobile phones has become a concern. Indeed, it has been proven that even modern smartphones are vulnerable to position and time spoofing attacks. Previous studies have shown that current smartphones perform little or no cross-check on GNSS positioning, about the navigation message correctness, or the consistency of the obtained position estimate with data from other sensors that may be available on the same device. In this paper, as a response to the spoofing threat, we develop a novel technique that checks the consistency between the position estimates obtained by GNSS and data relative to the neighbouring cell. For the latter estimate we propose two solutions: one is based on the position of the base stations and the other directly on the smartphone position estimated from the cellular network. We also implement the proposed techniques in an Android application and test its effectiveness in detecting spoofing attacks and giving a warning to the user.
GNSS spoofing detection techniques by cellular network cross-check in smartphones
Formaggio F.;Ceccato S.;Basana F.;Laurenti N.;Tomasin S.
2019
Abstract
The spoofing attack is a well known threat for global navigation satellite systems (GNSSs), where a malicious entity forges fake GNSS signals in order to trick a victim receiver into computing the desired false position and time. Only in recent years the interest in anti-spoofing techniques has been extended to mobile-device applications. As location-based services (LBS) are now deeply integrated in billions of people's everyday life, the security of positioning in mobile phones has become a concern. Indeed, it has been proven that even modern smartphones are vulnerable to position and time spoofing attacks. Previous studies have shown that current smartphones perform little or no cross-check on GNSS positioning, about the navigation message correctness, or the consistency of the obtained position estimate with data from other sensors that may be available on the same device. In this paper, as a response to the spoofing threat, we develop a novel technique that checks the consistency between the position estimates obtained by GNSS and data relative to the neighbouring cell. For the latter estimate we propose two solutions: one is based on the position of the base stations and the other directly on the smartphone position estimated from the cellular network. We also implement the proposed techniques in an Android application and test its effectiveness in detecting spoofing attacks and giving a warning to the user.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.