Protecting GNSS-based Services using Time Offset Validation

Zhang, Kewei; Spanghero, Marco; Papadimitratos, Panagiotis

doi:10.1109/plans46316.2020.9110224

Cited by 9 publications

(9 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Beyond the aforementioned early works on time-based detection for GNSS attacks, we discuss next the most closely related recent works, including notably approaches that rely on local time references or an ensemble of clocks. Nonetheless, we do not discuss timebased detection approaches that rely on network-obtained time information [11,12], which are a powerful tool, but are dependant on the quality of the connection, and the level of sophistication of the attacker able to tamper with (access to) the remote time server.…”

Section: Related Workmentioning

confidence: 99%

“…Specifically for time-based detection of GNSS attacks, the socalled Time Test can be leveraged [10]. In this case, various secure network time providers (NTS, PTP) can be leveraged [11,12] to compare the time solution provided by the GNSS receiver with a trusted time reference. However, a diversified attacker can manipulate GNSS signals to induce a false PVT solution while preventing the receiver from connecting to the network altogether or, selectively, to network time providers.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

High-precision Hardware Oscillators Ensemble for GNSS Attack Detection

Spanghero,

Papadimitratos

2022

Preprint

View full text Add to dashboard Cite

A wide gamut of important applications rely on global navigation satellite systems (GNSS) for precise time and positioning. Attackers dictating the GNSS receiver position and time solution are a significant risk, especially due to the inherent vulnerability of GNSS systems. A first line of defense, for a large number of receivers, is to rely on additional information obtained through the rich connectivity of GNSS enabled platforms. Network time can be used for direct validation of the GNSS receiver time; but this depends on network availability. To allow attack detection even when there are prolonged network disconnections, we present a method based on on-board ensemble of reference clocks. This allows the receiver to detect sophisticated attacks affecting the GNSS time solution, independently of the specific attack methodology. Results obtained with Chip-Scale Oven Compensated Oscillators (CS-OCXO) are promising and demonstrate the potential of embedded ensembles of reference clocks, detecting attacks causing modifications of the receiver time offset as low as 0.3 µs, with half the detection latency compared to related literature.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

High-precision Hardware Oscillators Ensemble for GNSS Attack Detection

Spanghero,

Papadimitratos

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Such a capability can be valuable as it could be readily deployed to safeguard GNSS-based position (and timing). The recent results in [23] exploit the co-existence of multiple time sources to cross-validate time information obtained from the GNSS receiver, demonstrating how a combination of different time sources can be used to detect deviations in GNSS time and detect GNSS attacks that caused such time deviations. In the context of protecting mobile phones from spoofing, side-information based approaches, such as time sources, inertial sensors and A-GPS (Assisted GPS) information [24] are also investigated.…”

Section: Introductionmentioning

confidence: 99%

“…Even though existing approaches, such as [23], raise the bar, it is paramount to have trustworthy information from the leveraged alternate sources. If not, in the presence of an adversary that can attack both the GNSS side (e.g., spoofing) and the Internet side (e.g., impersonating or manipulating the alternate source of time information), the detection would fail.…”

Section: Introductionmentioning

confidence: 99%

Authenticated time for detecting GNSS attacks

Spanghero,

Zhang,

Papadimitratos

2022

Preprint

View full text Add to dashboard Cite

Information cross-validation can be a powerful tool to detect manipulated, dubious GNSS data. A promising approach is to leverage time obtained over networks a mobile device can connect to, and detect discrepancies between the GNSSprovided time and the network time. The challenge lies in having reliably both accurate and trustworthy network time as the basis for the GNSS attack detection. Here, we provide a concrete proposal that leverages, together with the network time servers, the nearly ubiquitous IEEE 802.11 (Wi-Fi) infrastructure. Our framework supports application-layer, secure and robust real time broadcasting by Wi-Fi Access Points (APs), based on hash chains and infrequent digital signatures verification to minimize computational and communication overhead, allowing mobile nodes to efficiently obtain authenticated and rich time information as they roam. We pair this method with Network Time Security (NTS), for enhanced resilience through multiple sources, available, ideally, simultaneously. We analyze the performance of our scheme in a dedicated setup, gauging the overhead for authenticated time data (Wi-Fi timestamped beacons and NTS). The results show that it is possible to provide security for the external to GNSS time sources, with minimal overhead for authentication and integrity, even when the GNSS-equipped nodes are mobile, and thus have short interactions with the Wi-Fi infrastructure and possibly intermittent Internet connectivity, as well as limited resources.

show abstract

“…Several countermeasures were proposed, leveraging signal characteristics, e.g. [3], the receiver's attitude [4] or validation of the PVT solution through alternative position and time sources [11,14,16,21].…”

Section: Introductionmentioning

confidence: 99%

Detecting GNSS misbehaviour with high-precision clocks

Spanghero

Papadimitratos

2021

Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Self Cite

View full text Add to dashboard Cite

To mitigate spoofing attacks targeting global navigation satellite systems (GNSS) receivers, one promising method is to rely on alternative time sources, such as network-based synchronization, in order to detect clock offset discrepancies caused by GNSS attacks. However, in case of no network connectivity, such validation references would not be available. A viable option is to rely on a local time reference; in particular, precision hardware clock ensembles of chip-scale thermally stable oscillators with extended holdover capabilities. We present a preliminary design and results towards a custom device capable of providing a stable reference, with smaller footprint and cost compared to traditional precision clocks. The system is fully compatible with existing receiver architecture, making this solution feasible for most industrial scenarios. Further integration with network-based synchronization can provide a complete time assurance system, with high short-and long-term stability. CCS CONCEPTS• Security and privacy → Mobile and wireless security; • Networks → Location based services.

show abstract

Protecting GNSS-based Services using Time Offset Validation

Cited by 9 publications

References 35 publications

High-precision Hardware Oscillators Ensemble for GNSS Attack Detection

High-precision Hardware Oscillators Ensemble for GNSS Attack Detection

Authenticated time for detecting GNSS attacks

Detecting GNSS misbehaviour with high-precision clocks

Contact Info

Product

Resources

About