The aviation industry's increasing reliance on GPS to facilitate navigation and air traffic monitoring opens new attack vectors with the purpose of hijacking UAVs or interfering with air safety. We propose Crowd-GPS-Sec to detect and localize GPS spoofing attacks on moving airborne targets such as UAVs or commercial airliners. Unlike previous attempts to secure GPS, Crowd-GPS-Sec neither requires any updates of the GPS infrastructure nor of the airborne GPS receivers, which are both unlikely to happen in the near future. In contrast, Crowd-GPS-Sec leverages crowdsourcing to monitor the air traffic from GPS-derived position advertisements that aircraft periodically broadcast for air traffic control purposes. Spoofing attacks are detected and localized by an independent infrastructure on the ground which continuously analyzes the contents and the times of arrival of these advertisements. We evaluate our system with real-world data from a crowdsourced air traffic monitoring sensor network and by simulations. We show that Crowd-GPS-Sec is able to globally detect GPS spoofing attacks in less than two seconds and to localize the attacker up to an accuracy of 150 meters after 15 minutes of monitoring time.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.