1 / 9

Challenges of Practical Civil GNSS Security

Challenges of Practical Civil GNSS Security . Todd Humphreys, UT Austin Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September 23, 2010. Emerging Threat: Civil GPS Spoofing. Civil GPS Spoofing Testbed at UT Austin. Spoofer . Defender .

dior
Download Presentation

Challenges of Practical Civil GNSS Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Challenges of Practical Civil GNSS Security Todd Humphreys, UT Austin Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September 23, 2010

  2. Emerging Threat: Civil GPS Spoofing

  3. Civil GPS Spoofing Testbed at UT Austin Spoofer Defender • Data bit latency defense • Phase trauma monitoring • Dual-frequency tracking

  4. Video Demonstration of Spoofing Attack(not embedded; see posted video)

  5. Thoughts on the Way Forward for Civil GNSS Authentication • More signals means more inherent security, but probably insufficient • Some civil cryptographic authentication scheme is likely required • “Signal definition inertia is enormous” – Tom Stansell • Navigation message authentication (NMA) appears to be best, practical option (advocated by Logan Scott in 2003, others since) • Goal of cryptographic authentication: force adversary to use directional antennas in a replay attack • Preliminary evaluation of NMA for L2C suggests optimism, but strategy is not water-tight • Cryptography is the easy part

  6. Hard Part: Defend Against Security Code Replay Attack >500 MHz FPGAs enable near-zero-delay replay attack Soft W-bit Estimation Hard W-bit Estimation

  7. Effect on Target Receiver C/No Soft W-bit Estimation Hard W-bit Estimation

  8. Spoofing Detection as a Hypothesis Testing Problem (Soft W Estimation) Spoofing detection depends critically on good estimates of nominal (C/No)s and (C/No)r

  9. Final Observations • Must defend against following spoofing strategy: (1) soften up target with low-grade jamming, (2) begin soft-estimate replay attack, (3) transition to hard-estimate replay attack • A J/N meter is indispensable in spoofing detection to eliminate the possibility that the receiver’s estimate of its own nominal C/No (in the absence of spoofing) has been altered • Solar radio bursts, unintentional/intentional jamming will tend to trigger spoofing alarms • Spoofing detection is challenging for dynamic platforms because of the volatility in the nominal C/No

More Related