ION/GNSS 2011, 23 Sept. 2011 Mark L. Psiaki Sibley School of Mechanical & Aerospace Engr., Cornell University Developing Defenses Against Jamming & Spoofing.

Slides:

Advertisements

Similar presentations

GSC: Standardization Advancing Global Communications Evolution of TD-SCDMA China Communications Standards Association (CCSA) Chicago, May 29th to 2nd June,

Advertisements

GALILEO and EGNOS Fotis Karamitsos, European Commission

EE578 Assignment #5 Abdul-Aziz.M Al-Yami November 8 th 2010.

Challenges of Practical Civil GNSS Security Todd Humphreys, UT Austin Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September.

ION GNSS 2011, September 23 rd, Portland, Oregon Improving Security of GNSS Receivers Felix Kneissl University FAF Munich.

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented.

Broad-Band Satellite Networks - The Global IT Bridge Presented by Tsoline Mikaelian Abbas Jamalipour By Abbas Jamalipour Proc. of the IEEE, Vol. 89, No.1.

Development of Parallel Simulator for Wireless WCDMA Network Hong Zhang Communication lab of HUT.

Presented by Serge Kpan LTEC Network Systems Administration 1.

1 Link Characteristics in Sensor Networks. 2 Why Such a Study? (in)validate whether the basic model used in design is accurate or not  Remember you have.

Workshop EGNOS KRAKÓW GNSS RECEIVER TESTING TECHNIQUES IN A LABORATORY ENVIRONMENT Institute of Radar Technology Military University of Technology.

14/03/2005 CGSIC Meeting, Prague, Czech Republic Oscar Pozzobon Chris Wullems Prof. Kurt Kubik Security issues in next generation satellite systems.

GPS and other GNSS signals GPS signals and receiver technology MM10 Darius Plausinaitis

Lower-Layer Security in Mobility Yih-Chun Hu. Wireless Physical Layer Security The problem: prevent the jamming of broadcast to a group of nodes, some.

TPS: A Time-Based Positioning Scheme for outdoor Wireless Sensor Networks Authors: Xiuzhen Cheng, Andrew Thaeler, Guoliang Xue, Dechang Chen From IEEE.

Distance-decreasing attack in GPS Final Presentation Horacio Arze Prof. Jean-Pierre Hubaux Assistant: Marcin Poturalski January 2009 Security and Cooperation.

Frontiers in Radionavigation Dr. Todd E. Humphreys.

Thoughts on GPS Security and Integrity Todd Humphreys, UT Austin Aerospace Dept. DHS Visit to UT Radionavigation Lab | March 10, 2011.

Modern Navigation Thomas Herring

WNCG, UT Austin, 1 April 2011 Mark L. Psiaki Sibley School of Mechanical & Aerospace Engr., Cornell University Civilian GPS Spoofing Detection based on.

Kyle Wesson, Mark Rothlisberger, and Todd Humphreys

How Global Positioning Devices (GPS) work

WLAN. A wireless LAN, or WLANLAN WLAN, is a local area network that does not have wired Ethernet connections. A WLAN can be either an extension to a current.

Pg 1 of 12 AGI GPS Signal Simulation & Visualization Oct 11, 2005 Curtis Hay Spirent Federal Systems.

Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.

SVY 207: Lecture 4 GPS Description and Signal Structure

Presented by Amira Ahmed El-Sharkawy Ibrahim.  There are six of eight turtle species in Ontario are listed as endangered, threatened or of special concern.

1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.

GPS Status and Modernization 3 rd International Satellite Navigation Forum Moscow, Russia 12 May 2009 Lt Col Tim Lewallen, US Air Force Acting Chief, PNT.

GLOBAL POSITIONING SYSTEM Space Enterprise Council Capitol Hill Day 14 March 2008 Major Charlie Daniels, U.S. Air Force National Coordination Office.

SMART ANTENNA SYSTEMS IN BWA Submitted by M. Venkateswararao.

Oscar Pozzzobon Technical Director, Qascom ION GNSS 2011, September 23, Portland, US.

EFFECTS OF MUTUAL COUPLING AND DIRECTIVITY ON DOA ESTIMATION USING MUSIC LOPAMUDRA KUNDU & ZHE ZHANG.

SMART ANTENNA under the guidance of Mr. G.V.Kiran Kumar EC

© GMV, 2010 Propiedad de GMV Todos los derechos reservados EUROPEAN GNSS EGNOS AND GALILEO. CHARACTERISTICS AND ADVANTAGES OF BRUSSELS. OCTOBER 1 st, 2010.

Security Patterns in Wireless Sensor Networks By Y. Serge Joseph October 8 th, 2009 Part I.

Riding out the Rough Spots: Scintillation-Robust GNSS Carrier Tracking Dr. Todd E. Humphreys Radionavigation Laboratory University of Texas at Austin.

By Andrew Y.T. Kudowor, Ph.D. Lecture Presented at San Jacinto College.

ﺑﺴﻢﺍﷲﺍﻠﺭﺣﻣﻥﺍﻠﺭﺣﻳﻡ. Group Members Nadia Malik01 Malik Fawad03.

ECE External Research Board Meeting Wireless Network and Communications Tan F. Wong Wireless Information and Networking Group

SMUCSE 8394 BTS – Communication Technologies. SMUCSE 8394 Objectives To establish and maintain a unifying exchange and sharing framework for different.

Car-to-Car Communication for Accident Avoidance

11/25/2015 Wireless Sensor Networks COE 499 Localization Tarek Sheltami KFUPM CCSE COE 1.

Adversary models in wireless security Suman Banerjee Department of Computer Sciences Wisconsin Wireless and NetworkinG Systems (WiNGS)

Implementing algorithms for advanced communication systems -- My bag of tricks Sridhar Rajagopal Electrical and Computer Engineering This work is supported.

What Makes a GNSS Signal the IGS Analysis Center Workshop 2-6 June 2008, Miami Beach Larry Young (not an expert, just a user) Jet Propulsion Lab.

Vidya Bharathi Institute of Technology

Performance of Adaptive Beam Nulling in Multihop Ad Hoc Networks Under Jamming Suman Bhunia, Vahid Behzadan, Paulo Alexandre Regis, Shamik Sengupta.

GPS Spoofing Detection System Mark Psiaki & Brady O’Hanlon, Cornell Univ., Todd Humphreys & Jahshan Bhatti, Univ. of Texas at Austin Abstract: A real-time.

Dependability in Wireless Networks By Mohammed Al-Ghamdi.

Secure Civil Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin MITRE | July 20, 2012.

Multiple Access Techniques for Wireless Communication

Navy GPS GPS Users Conference 02 November 2000 LCDR Drew Williams SSC-SD, Code D315 GPS Division GPS Vulnerability.

Assessing the Civil GPS Spoofing Threat

Secure positioning in Wireless Networks Srdjan Capkun, Jean-Pierre Hubaux IEEE Journal on Selected area in Communication Jeon, Seung.

SMART ANTENNAS SMART ANTENNAS apoorva k. Shetti 2bu09ec006

Securing Interconnect Networks By: Bryan Roberts.

[1] TECHNICAL SEMINAR PRESENTATION SMART ANTENNA Edited by: Priyabrata Nayak, Lecturer, Dept. of CSE SMART ANTENNA.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.

GPS Denial – Causes and Solutions Neil Gerein. NovAtel Inc. Proprietary Moving, or gathering data, you need to know where you are 2.

PROJECT DOMAIN : NETWORK SECURITY Project Members : M.Ananda Vadivelan & E.Kalaivanan Department of Computer Science.

Geodesy & Crustal Deformation

Wireless Fidelity (15881A0515).

Counter-UAV Challenges: Is GNSS Spoofing Effective?

Denial-of-Service Jammer Detector Training Course Worldsensing

Performance requirements update

An Overview of Security Issues in Sensor Network

Presentation transcript:

ION/GNSS 2011, 23 Sept Mark L. Psiaki Sibley School of Mechanical & Aerospace Engr., Cornell University Developing Defenses Against Jamming & Spoofing of Civilian GNSS Receivers

ION/GNSS Sept. ‘11 2 of 11 Approach of an Estimation Theorist: Reductionist Problem Solving Spoofers & jammers will be deployed against civilian GNSS receivers (mostly GPS at present) GNSS signal structures will not be modified to aid defenses Likely jammers can be bought & studied Likely spoofers can be designed/imagined/modeled Strategies for Developing Defenses: Problem Givens: Jamming:  Acquire, examine, test, & characterize jammers  Design detection, localization, & mitigation systems for known jammers (like computer anti-virus software) Spoofing:  Exploit encrypted military signals & known timing/phasing relative to defended civilian signals

ION/GNSS Sept. ‘11 3 of 11 Jamming Mitigation Strategies Detection & localization  Deploy networked array of advanced GNSS receivers in defended region Each node is small phased-array; beam steering allows GPS tracking under jamming Example: on every New Jersey State police car near Newark Airport  Detection & localization strategies Solve layered sequence of problems 1 st detect 2 nd rough-locate based on power at several nodes, simple algorithms 3 rd fine-locate based on multi-node carrier-phase interferometry or TDOA to within meters – exploit fine-scale correlations between multiple nodes & precise inter-receiver timing from GPS 4 th interdict Develop scalable algorithms with potential to deal with 100 or more jammers simultaneously Receiver-based mitigation  Simultaneous frequency/time excision  Pose as Kalman-filter-based estimation problem & near/far signal reception problem Requisite information:  Jammer time/frequency models enable efficient/accurate detection & localization Generalized model-independent detection, localization, & mitigation for new/unknown jammer types  Like computer anti-virus software that looks for unknown viruses based on suspicious characteristics/behavior

Power & Spectral Time Evolution of a Cigarette- Lighter-Type Jammer * ION/GNSS Sept. ‘11 4 of 11 * from Mitch et al. “Signal Characteristics of Civil GPS Jammers”, ION/GNSS 2011

Jammer Effective Ranges from Attenuation Tests * Faraday Box Victim Receiver GPS Signal Simulator Signal Combiner ION/GNSS Sept. ‘11 5 of 11 * from Mitch et al. “Signal Characteristics of Civil GPS Jammers”, ION/GNSS 2011

Future Issues in Jammer Detection & Localization How can one exploit frequency-sawtooth structure of many known low-budget jammers … in detection? … in fine localization? … in receiver mitigation? (Kalman-filter-based coupled time/frequency excision?) … in an environment with many such jammers? ION/GNSS Sept. ‘11 6 of 11

ION/GNSS Sept. ‘11 7 of 11 UE with -receiver for delayed, digitally-signed P(Y) features -delayed processing to detect spoofing via P(Y) feature correlation Spoofing Detection via P(Y) Correlation * Secure antenna/receiver w/processing to estimate P(Y) features (or a single antenna or a distributed set of single-antennas) GPS Satellite Transmitter of delayed, digitally-signed P(Y) features GEO “bent-pipe” transceiver Broadcast segments of delayed, digitally- signed P(Y) features Secure uplink of delayed, digitally- signed P(Y) features * from Psiaki et al. “Civilian GPS Spoofing Detection based on Dual-Receiver Correlation of Military Signals”, ION/GNSS 2011

ION/GNSS Sept. ‘11 8 of 11 Block Diagram of Generalized P(Y) Correlation Spoofing Detector GPS transmitter UE receiver with P(Y) fea extraction processing Secure ground- based antenna/ receiver Digital signer Secure link to broadcaster Wireless (or internet) broadcaster UE receiver (or internet link) for P(Y) fea Correlation registers Digital sig- nature verifier Spoofing Detector L1 C/A & P(Y) P(Y) fea P(Y) fea/est User Equipment New Infrastructure

ION/GNSS Sept. ‘11 9 of 11 Early Codeless Spoofing Attack Detection * * from Psiaki et al. “Civilian GPS Spoofing Detection based on Dual-Receiver Correlation of Military Signals”, ION/GNSS 2011

Early Semi-Codeless Spoofing Attack Detection * ION/GNSS Sept. ‘11 10 of 11 * from Psiaki et al. “Civilian GPS Spoofing Detection based on Dual-Receiver Correlation of Military Signals”, ION/GNSS 2011

Future Issues in Defense Against Spoofing Attack Real-time implementation  Codeless possible in 6-12 months w/internet transmission  Semi-codeless needs improved algorithmic efficiency for real-time ops Infrastructure  Capable & secure reference receivers  Help from military (declassify segments of P(Y) shortly after broadcast?)  Comm. infrastructure to transmit P(Y) data between receivers Defense against alternate attack scenarios  Sophisticated attack may seek to use pseudo- or estimated P(Y) code  Gaming analysis may guide designs that detect new attack types Other signals  M-code to defend GPS civilian codes  Encrypted Galileo signals to defend open-source Galileo codes Post-detection receiver actions ION/GNSS Sept. ‘11 11 of 11