Security of GPS/INS Based On-road Location Tracking Systems

2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2018-08-10 DOI:10.1109/SP.2019.00068

Sashank Narain, Aanjhan Ranganathan, G. Noubir

{"title":"Security of GPS/INS Based On-road Location Tracking Systems","authors":"Sashank Narain, Aanjhan Ranganathan, G. Noubir","doi":"10.1109/SP.2019.00068","DOIUrl":null,"url":null,"abstract":"Location information is critical to a wide variety of navigation and tracking applications. GPS, today's de-facto outdoor localization system has been shown to be vulnerable to signal spoofing attacks. Inertial Navigation Systems (INS) are emerging as a popular complementary system, especially in road transportation systems as they enable improved navigation and tracking as well as offer resilience to wireless signals spoofing and jamming attacks. In this paper, we evaluate the security guarantees of INS-aided GPS tracking and navigation for road transportation systems. We consider an adversary required to travel from a source location to a destination and monitored by an INS-aided GPS system. The goal of the adversary is to travel to alternate locations without being detected. We develop and evaluate algorithms that achieve this goal, providing the adversary significant latitude. Our algorithms build a graph model for a given road network and enable us to derive potential destinations an attacker can reach without raising alarms even with the INS-aided GPS tracking and navigation system. The algorithms render the gyroscope and accelerometer sensors useless as they generate road trajectories indistinguishable from plausible paths (both in terms of turn angles and roads curvature). We also design, build and demonstrate that the magnetometer can be actively spoofed using a combination of carefully controlled coils. To experimentally demonstrate and evaluate the feasibility of the attack in real-world, we implement a first real-time integrated GPS/INS spoofer that accounts for traffic fluidity, congestion, lights, and dynamically generates corresponding spoofing signals. Furthermore, we evaluate our attack on ten different cities using driving traces and publicly available city plans. Our evaluations show that it is possible for an attacker to reach destinations that are as far as 30 km away from the actual destination without being detected. We also show that it is possible for the adversary to reach almost 60--80% of possible points within the target region in some cities. Such results are only a lower-bound, as an adversary can adjust our parameters to spend more resources (e.g., time) on the target source/destination than we did for our performance evaluations of thousands of paths. We propose countermeasures that limit an attacker's ability, without the need for any hardware modifications. Our system can be used as the foundation for countering such attacks, both detecting and recommending paths that are difficult to spoof.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-08-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"45","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Symposium on Security and Privacy (SP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.2019.00068","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 45

Abstract

Location information is critical to a wide variety of navigation and tracking applications. GPS, today's de-facto outdoor localization system has been shown to be vulnerable to signal spoofing attacks. Inertial Navigation Systems (INS) are emerging as a popular complementary system, especially in road transportation systems as they enable improved navigation and tracking as well as offer resilience to wireless signals spoofing and jamming attacks. In this paper, we evaluate the security guarantees of INS-aided GPS tracking and navigation for road transportation systems. We consider an adversary required to travel from a source location to a destination and monitored by an INS-aided GPS system. The goal of the adversary is to travel to alternate locations without being detected. We develop and evaluate algorithms that achieve this goal, providing the adversary significant latitude. Our algorithms build a graph model for a given road network and enable us to derive potential destinations an attacker can reach without raising alarms even with the INS-aided GPS tracking and navigation system. The algorithms render the gyroscope and accelerometer sensors useless as they generate road trajectories indistinguishable from plausible paths (both in terms of turn angles and roads curvature). We also design, build and demonstrate that the magnetometer can be actively spoofed using a combination of carefully controlled coils. To experimentally demonstrate and evaluate the feasibility of the attack in real-world, we implement a first real-time integrated GPS/INS spoofer that accounts for traffic fluidity, congestion, lights, and dynamically generates corresponding spoofing signals. Furthermore, we evaluate our attack on ten different cities using driving traces and publicly available city plans. Our evaluations show that it is possible for an attacker to reach destinations that are as far as 30 km away from the actual destination without being detected. We also show that it is possible for the adversary to reach almost 60--80% of possible points within the target region in some cities. Such results are only a lower-bound, as an adversary can adjust our parameters to spend more resources (e.g., time) on the target source/destination than we did for our performance evaluations of thousands of paths. We propose countermeasures that limit an attacker's ability, without the need for any hardware modifications. Our system can be used as the foundation for countering such attacks, both detecting and recommending paths that are difficult to spoof.

查看原文本刊更多论文

基于GPS/INS的道路定位跟踪系统安全性研究

位置信息对于各种各样的导航和跟踪应用程序至关重要。GPS，当今事实上的户外定位系统已经被证明容易受到信号欺骗攻击。惯性导航系统(INS)正在成为一种流行的补充系统，特别是在道路运输系统中，因为它们能够改进导航和跟踪，并提供对无线信号欺骗和干扰攻击的弹性。本文对道路运输系统中GPS跟踪导航的安全保障进行了评估。我们认为对手需要从源位置移动到目的地，并由GPS辅助系统监控。对手的目标是在不被发现的情况下移动到其他位置。我们开发并评估了实现这一目标的算法，为对手提供了很大的自由度。我们的算法为给定的道路网络建立了一个图形模型，使我们能够得出攻击者可以到达的潜在目的地，即使使用ins辅助的GPS跟踪和导航系统也不会发出警报。这些算法使得陀螺仪和加速度计传感器毫无用处，因为它们生成的道路轨迹与可能的路径(无论是在转弯角度还是道路曲率方面)都无法区分。我们还设计，构建并演示了磁力计可以使用精心控制的线圈组合进行主动欺骗。为了在现实世界中实验证明和评估攻击的可行性，我们实现了第一个实时集成GPS/INS欺骗器，该欺骗器考虑了交通流动性、拥堵、灯光，并动态生成相应的欺骗信号。此外，我们使用驾驶痕迹和公开的城市规划来评估我们对十个不同城市的攻击。我们的评估表明，攻击者有可能到达距离实际目的地30公里远的目的地而不被发现。我们还表明，对手有可能在某些城市的目标区域内达到近60- 80%的可能点。这样的结果只是一个下限，因为对手可以调整我们的参数，在目标源/目的地上花费更多的资源(例如，时间)，而不是我们对数千条路径的性能评估。我们提出了限制攻击者能力的对策，而不需要对硬件进行任何修改。我们的系统可以作为对抗此类攻击的基础，既可以检测也可以推荐难以欺骗的路径。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 IEEE Symposium on Security and Privacy (SP)

自引率

0.00%

发文量