Methods and systems for detecting GPS spoofing attacks

US 20130002477A1
Filed: 06/29/2011
Published: 01/03/2013
Est. Priority Date: 06/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method for detecting a global positioning system (GPS) spoofing attack in connection with a GPS receiver, comprising:

providing a GPS receiver and an inertial navigational system (INS) device operatively associated with said GPS receiver;

collecting sequentially a series of navigational data comprising a GPS reading from the GPS receiver and INS reading from the INS device at periodic intervals; and

statistically analyzing via hypothesis testing the GPS and INS readings of the corresponding navigational data until either a statistically significant difference between the GPS and INS readings can be determined to signal the presence of a GPS spoofing attack, or the difference between the GPS and INS readings are statistically about the same to signal the absence of a GPS spoofing attack.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for detecting global positioning system (GPS) spoofing attacks includes collecting GPS readings along with inertial navigational system (INS) readings as a ground truth, and sequentially testing the GPS readings and INS readings through the use of a sequential probability ratio testing (SPRT) process.

Citations

22 Claims

1. A method for detecting a global positioning system (GPS) spoofing attack in connection with a GPS receiver, comprising:
- providing a GPS receiver and an inertial navigational system (INS) device operatively associated with said GPS receiver;
  
  collecting sequentially a series of navigational data comprising a GPS reading from the GPS receiver and INS reading from the INS device at periodic intervals; and
  
  statistically analyzing via hypothesis testing the GPS and INS readings of the corresponding navigational data until either a statistically significant difference between the GPS and INS readings can be determined to signal the presence of a GPS spoofing attack, or the difference between the GPS and INS readings are statistically about the same to signal the absence of a GPS spoofing attack.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the analyzing step comprises:
    - selecting a lower detection threshold corresponding to a first statistical significance level wherein a GPS spoofing attack is deemed absent, and a higher detection threshold corresponding to a second statistical significance level wherein a GPS spoofing attack is deemed present;
      
      determining a test statistic from each navigational data collected at each interval;
      
      determining a probability value from each of the test statistics; and
      
      comparing the probability value corresponding to each test statistic with the lower detection threshold and the higher detection threshold, respectively, until an outcome corresponding to the presence of a GPS spoofing attack can be established.
  - 3. The method of claim 2, wherein one of the outcomes comprises:
    - continuing the collection of navigational data under the condition that the test statistic is less than the upper statistical significance level, and greater than the lower statistical significance level.
  - 4. The method of claim 2, wherein one of the outcomes comprises:
    - terminating the collection of navigational data; and
      
      signaling the presence of a GPS spoofing attack under the condition that the test statistic is greater than or equal to the upper statistical significance level
  - 5. The method of claim 2, wherein one of the outcomes comprises:
    - terminating the collection of navigational data; and
      
      signaling the absence of a GPS spoofing attack under the condition that the test statistic is lesser than or equal to the lower statistical significance level.
  - 6. The method of claim 1, wherein the hypothesis test is a sequential probability ratio test.
  - 7. The method of claim 2, wherein the test statistic (Δ
    - _i) is determined using Eq. (3) as follows,
      Δ
      
      _i=|X_GPSⁱ−
      
      X_INSⁱ|
      
      (3)wherein;
      
      X_GPSⁱrepresents the GPS reading from the GPS receiver; and
      
      X_INSⁱrepresents the INS reading from the INS device.
  - 8. The method of claim 2, wherein the probability value is a cumulative sum of log-likelihood ratio (λ
    - _i), said cumulative sum of log-likelihood ratio (λ
      
      _i) being determined using Eq. (4) as follows,

9. A method for detecting a global positioning system (GPS) spoofing attack in connection with a GPS receiver, comprising:
- (a) providing a GPS receiver and an inertial navigational system (INS) device operatively associated with said GPS receiver;
  
  (b) selecting a lower detection threshold corresponding to a first statistical significance level wherein a GPS spoofing attack is deemed absent, and a higher detection threshold corresponding to a second statistical significance level wherein a GPS spoofing attack is deemed present;
  
  (c) collecting sequentially a series of navigational data comprising a GPS reading from the GPS receiver and INS reading from the INS device at periodic intervals;
  
  (d) determining a test statistic from each navigational data collected at each interval;
  
  (e) determining a probability value from each of the test statistics;
  
  (f) comparing the probability value corresponding to each test statistic with the lower detection threshold and the higher detection threshold, respectively, until an outcome corresponding to the presence or absence of a GPS spoofing attack can be established.
- View Dependent Claims (10, 11, 12, 13, 14, 20)
- - 10. The method of claim 9, wherein one of the outcomes comprises:
    - continuing the collection of navigational data under the condition that the test statistic is less than the upper statistical significance level, and greater than the lower statistical significance level.
  - 11. The method of claim 9, wherein one of the outcomes comprises:
    - terminating the collection of navigational data; and
      
      signaling the presence of a GPS spoofing attack under the condition that the test statistic is greater than or equal to the upper statistical significance level
  - 12. The method of claim 9, wherein one of the outcomes comprises:
    - terminating the collection of navigational data; and
      
      signaling the absence of a GPS spoofing attack under the condition that the test statistic is lesser than or equal to the lower statistical significance level.
  - 13. The method of claim 9, wherein the test statistic (Δ
    - _i) is determined using Eq. (3) as follows,
      Δ
      
      _i=|X_GPSⁱ−
      
      X_INSⁱ
      
      (3)wherein;
      
      X_GPSⁱrepresents the GPS reading from the GPS receiver; and
      
      X_INSⁱrepresents the INS reading from the INS device.
  - 14. The method of claim 9, wherein the probability value is a cumulative sum of log-likelihood ratio (λ
    - _i), said cumulative sum of log-likelihood ratio (λ
      
      _i) being determined using Eq. (4) as follows,
  - 20. The system of claim 13, wherein the hypothesis test is a sequential probability ratio test.

15. A system for detecting a global positioning system (GPS) spoofing attack on a navigational unit, comprising:
- a GPS receiver and an inertial navigational system (INS) device operatively associated with said GPS receiver; and
  
  a central processor operatively connected to the GPS receiver and INS device, said central processor being programmed to perform the steps of;
  
  collecting sequentially a series of navigational data comprising a GPS reading from the GPS receiver and INS reading from the INS device at periodic intervals; and
  
  statistically analyzing via hypothesis testing the GPS and INS readings of the corresponding navigational data until either a statistically significant difference between the GPS and INS readings can be determined to signals the presence of a GPS spoofing attack, or the difference between the GPS and INS readings are statistically about the same to signals the absence of a GPS spoofing attack.
- View Dependent Claims (16, 17, 18, 19, 21, 22)
- - 16. The system of claim 15, wherein the analyzing step comprises:
    - selecting a lower detection threshold corresponding to a first statistical significance level wherein a GPS spoofing attack is deemed absent, and a higher detection threshold corresponding to a second statistical significance level wherein a GPS spoofing attack is deemed present;
      
      determining a test statistic from each navigational data collected at each interval;
      
      determining a probability value from each of the test statistics; and
      
      comparing the probability value corresponding to each test statistic with the lower detection threshold and the higher detection threshold, respectively, until an outcome corresponding to the presence or absence of a GPS spoofing attack can be established.
  - 17. The method of claim 16, wherein one of the outcomes comprises:
    - continuing the collection of navigational data under the condition that the test statistic is less than the upper statistical significance level, and greater than the lower statistical significance level.
  - 18. The method of claim 16, wherein one of the outcomes comprises:
    - terminating the collection of navigational data; and
      
      signaling the presence of a GPS spoofing attack under the condition that the test statistic is greater than or equal to the upper statistical significance level
  - 19. The method of claim 16, wherein one of the outcomes comprises:
    - terminating the collection of navigational data; and
      
      signaling the absence of a GPS spoofing attack under the condition that the test statistic is lesser than or equal to the lower statistical significance level.
  - 21. The system of claim 16, wherein the test statistic (Δ
    - _i) is determined using Eq. (3) as follows,
      Δ
      
      _i=|X_GPSⁱ−
      
      X_INSⁱ|
      
      (3)wherein;
      
      X_GPSⁱis the GPS reading from the GPS receiver; and
      
      X_INSⁱis the INS reading from the INS device.
  - 22. The system of claim 16, wherein the probability value is a cumulative sum of log-likelihood ratio (λ
    - _i), said cumulative sum of log-likelihood ratio (λ
      
      _i) being determined using Eq. (4) as follows,

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BAE Systems Information and Electronic Systems Integration Incorporated (BAE Systems Plc)
Original Assignee
BAE Systems Information and Electronic Systems Integration Incorporated (BAE Systems Plc)
Inventors
Dehnie, Sintayehu, Ghanadan, Reza

Granted Patent

US 8,922,427 B2
Time in Patent Office

Days
Field of Search
US Class Current

342/357.3
CPC Class Codes

G01S 19/215 issues related to spoofing

G01S 19/47 the supplementary measureme...

Methods and systems for detecting GPS spoofing attacks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for detecting GPS spoofing attacks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links