Civilian GPS Spoofing Detection based on Dual-Receiver Correlation of Military Signals

摘要

Cross-correlations of unknown encrypted signals betweentwo civilian GNSS receivers are used to detect spoofingof known open-source signals. This type of detectionalgorithm is the strongest known defense againstsophisticated spoofing attacks if the defended receiver hasonly one antenna. The attack strategy of concern starts byoverlaying false GNSS radio-navigation signals exactlyon top of the true signals. The false signals increase inpower, lift the receiver tracking loops off of the truesignals, and then drag the tracking loops and thenavigation solution to erroneous, but consistent results.This paper develops codeless and semi-codeless spoofingdetection methods for use in inexpensive, narrow-bandcivilian GNSS receivers. Detailed algorithms andanalyses are developed that use the encrypted militaryP(Y) code on the L1 GPS frequency in order to defendthe open-source civilian C/A code. The new detectiontechniques are similar to methods used in civilian dualfrequencyGPS receivers to track the P(Y) code on L2 bycross-correlating it with P(Y) on L1. Successful detectionof actual spoofing attacks is demonstrated by off-lineprocessing of digitally recorded RF data. The codelesstechnique can detect attacks using 1.2 sec of correlation,and the semi-codeless technique requires correlationintervals of 0.2 sec or less. This technique has beendemonstrated in a narrow-band receiver with a 2.5 MHzbandwidth RF front-end that attenuates the P(Y) code by5.5 dB.