TY - JOUR
T1 - GPS spoofing detection via crowd-sourced information for connected vehicles
AU - Oligeri, Gabriele
AU - Sciancalepore, Savio
AU - Ibrahim, Omar Adel
AU - Di Pietro, Roberto
N1 - Publisher Copyright:
© 2022 The Author(s)
PY - 2022/10/24
Y1 - 2022/10/24
N2 - Modern vehicular systems rely on the Global Positioning System (GPS) technology to provide accurate and timely services. However, the GPS has been proved to be characterized by an intrinsic insecure design, thus being subject to several security attacks. Current solutions can reliably detect GPS spoofing attacks leveraging the physical features of the received GPS signals or resorting to multiple antennas. However, these techniques cannot be deployed when the physical properties of the received signals cannot be accessed, which is the most general case for commercial GPS receivers. Alternative solutions in the literature rely on the cross-check of the received signal with information coming from additional sources. However, such proposals are typically limited to a single source, are rarely supported by experimental results, and do not provide insights on the impact of several parameters, such as detection accuracy, time, false-positives, and robustness to malicious information. To overcome the cited limitations, in this paper, we propose an innovative approach, resorting to combined crowd-sourced information from the mobile cellular infrastructure and the WiFi networks to detect GPS spoofing attacks. Our analysis leverages an extensive experimental dataset, available online for the research community, gathered by driving around a car in urban, suburban, and rural scenarios, for around 5 h and covering more than 196 km. Our solution allows for a tunable tradeoff between detection delay and false positive; for instance, we can detect an attack in approximately 6 s, when leveraging the information coming from only the WiFi, while the delay increases to 30 s when using the information from the mobile cellular network, still achieving a false positive probability strictly less than 0.01. We also show the limitations and trade-offs of our approach, in terms of minimum detection accuracy, time, and robustness to malicious information. The data adopted in this work are publicly released to allow results replicability and foster further research in the highlighted directions.
AB - Modern vehicular systems rely on the Global Positioning System (GPS) technology to provide accurate and timely services. However, the GPS has been proved to be characterized by an intrinsic insecure design, thus being subject to several security attacks. Current solutions can reliably detect GPS spoofing attacks leveraging the physical features of the received GPS signals or resorting to multiple antennas. However, these techniques cannot be deployed when the physical properties of the received signals cannot be accessed, which is the most general case for commercial GPS receivers. Alternative solutions in the literature rely on the cross-check of the received signal with information coming from additional sources. However, such proposals are typically limited to a single source, are rarely supported by experimental results, and do not provide insights on the impact of several parameters, such as detection accuracy, time, false-positives, and robustness to malicious information. To overcome the cited limitations, in this paper, we propose an innovative approach, resorting to combined crowd-sourced information from the mobile cellular infrastructure and the WiFi networks to detect GPS spoofing attacks. Our analysis leverages an extensive experimental dataset, available online for the research community, gathered by driving around a car in urban, suburban, and rural scenarios, for around 5 h and covering more than 196 km. Our solution allows for a tunable tradeoff between detection delay and false positive; for instance, we can detect an attack in approximately 6 s, when leveraging the information coming from only the WiFi, while the delay increases to 30 s when using the information from the mobile cellular network, still achieving a false positive probability strictly less than 0.01. We also show the limitations and trade-offs of our approach, in terms of minimum detection accuracy, time, and robustness to malicious information. The data adopted in this work are publicly released to allow results replicability and foster further research in the highlighted directions.
KW - Connected vehicles
KW - Crowd-sourcing
KW - GPS spoofing detection
KW - Mobile IoT
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85136277911&partnerID=8YFLogxK
U2 - 10.1016/j.comnet.2022.109230
DO - 10.1016/j.comnet.2022.109230
M3 - Article
AN - SCOPUS:85136277911
SN - 1389-1286
VL - 216
JO - Computer Networks
JF - Computer Networks
M1 - 109230
ER -