Assessment of the Vulnerability to Spoofing Attacks of GNSS Receivers Integrated in Consumer Devices

摘要

In this paper, we investigate the effects of spoofing attacks on the mass-market positioning and navigation units integrated in modern day Android™ smartphones. In order to operate spoofing in a real environment, we designed and implemented a portable, configurable, low-cost GPS spoofer exploiting a software-defined radio (SDR) implementation and a low-cost front-end. Such a tool has been exploited to set up a test campaign trying to mislead the Position, Velocity and Time computation of different Android™ smartphones. The effects of such simplistic spoofing attack on the smartphone GNSS has been assessed observing raw measurements and the evaluated positions and time. The main findings of this work showed that modern Android™ devices have a remarkable resilience to simplistic spoofing attacks, highlighting in parallel further potential weaknesses to be protected by means of practical defence mechanisms and countermeasures to spoofing.