GNSS Spoofing Detection

Abstract

The Global Navigation Satellite Systems (GNSS) is a low cost (to user), globally available, highly precise, all-time/all-weather timing and positioning system. Because of these advantages, its usage is growing at a very high rate. The GNSS system is unique in several respects including their low transmit power, open structure, and simplex (receive-only user systems) operation. Due to the fact that GNSS signals are received with very low power, they are prone to interference events that may reduce the usage or decrease the accuracy. Also due to the open signal structure, the receivers are prone to intentional interference to deceive the user, known as the spoofing attack. Spoofing of GNSS receiver poses great risks and challenges due to the user stake involved and the damage it can cause. A low cost GNSS receiver under spoofing attack usually does not alert the user and could mislead to a hazardous situation. However, the attack has its own limitations and shortcomings that are exploited in the anti-spoofing receivers. These include changing the lock of the receiver from authentic to the spoofing signal, spatial diversity of the authentic signal, and the coherency between the code, carrier and navigation message stream. In the efforts of mitigating the effects of spoofing on a user receiver, the detection is usually the foremost task. Therefore, the focus of this thesis is on the design and validation of different signal processing techniques that aim at detection of the spoofing attack effects. Three different techniques are thesisized. These techniques include slope metric based detector, PCA based detector, and ACF shape distortion based detector. The goal of slope based spoofing detection technique is to measure the signal quality by analyzing the slope of ACF. The formulation of slope-based metrics involves monitoring correlators along with tracking correlators in the receiver’s channel, to capture the slope correctly. The PCA based technique discussed in this thesis, can classify the received signal as clean, multipath and spoofing through a Baye’s multi-hypothesis classifier constructed from a Monte-Carlo simulation of the parameters for a receiver operating in a threat environment. The classifier uses the observation vector consisting of PCA normalized reconstruction error and principal direction deviation. The ACF shape distortion method compares the measured and the typical correlator tap values. The measurement is done through multiple correlator taps. The typical ACF values used are calculated considering the un-spoofed situations in which the signal contains Line of Sight (LOS) and Non-LOS components and noise. The detection techniques are checked using simulations, synthetic data and the TEXBAT data shared by the University of Texas, Austin. The methods found to be very effective in detecting the spoofing attack during the pull-off phase of the attack. In each case, Different formulations of the proposed methods are studied for optimal detection. The thesis also discusses mathematical analysis of the noise as the signal travels in different parts of the receiver. The analysis primarily investigates the joint statistics of the signals at the output of the correlators. The results of the analysis are useful in the development of a detector that utilizes the statistical correlation between the correlator outputs such as PCA based detectors. The thesis also discusses a method of generating spoofing signals using two un-spoofed recordings done simultaneously in open sky conditions. The resultant spoofing signal can be used in the validation of anti-spoofing methods, as an affordable alternative to the complete spoofing equipment.