Global navigation satellite systems (GNSS) provide pervasive accurate positioning and timing services for a large gamut of applications, from Time based One-Time Passwords (TOPT), to power grid and cellular systems. However, there can be security concerns for the applications due to the vulnerability of GNSS. It is important to observe that GNSS receivers are components of platforms, in principle having rich connectivity to different network infrastructures. Of particular interest is the access to a variety of timing sources, as those can be used to validate GNSS-provided location and time. Therefore, we consider off-the-shelf platforms and how to detect if the GNSS receiver is attacked or not, by cross-checking the GNSS time and time from other available sources. First, we survey different technologies to analyze their availability, accuracy, and trustworthiness for time synchronization. Then, we propose a validation approach for absolute and relative time. Moreover, we design a framework and experimental setup for the evaluation of the results. Attacks can be detected based on WiFi supplied time when the adversary shifts the GNSS provided time, more than 23.942us; with Network Time Protocol (NTP) supplied time when the adversary-induced shift is more than 2.046ms. Consequently, the proposal significantly limits the capability of an adversary to manipulate the victim GNSS receiver.
翻译:全球导航卫星系统(GNSS)为从基于时间的单时密码(TOPT)到电网和蜂窝系统等各种应用提供普遍准确的定位和计时服务,然而,由于全球导航卫星系统的脆弱性,对各种应用可能存在安全关切;重要的是要注意到全球导航卫星系统接收器是平台的组成部分,原则上与不同的网络基础设施有丰富的连接;特别令人感兴趣的是获取各种定时源,因为这些源可用于验证全球导航卫星系统提供的地点和时间;因此,我们考虑现成的平台以及如何通过交叉核对全球导航卫星系统接收器与其他现有来源的时间和时间是否受到攻击来检测全球导航卫星系统接收器是否受到攻击;首先,我们调查不同的技术,分析其可用性、准确性和可靠性,以便时间同步性;然后,我们提出一个绝对性和相对时间的验证办法;此外,我们设计了评价结果的框架和试验设置;攻击可以根据WiFi提供的时间检测,当对称全球导航卫星系统提供的时间超过23.942us;在天后,网络时间协议提供了时间,当反向全球导航卫星系统提供比2.046MNSS接受者更大规模移动的能力时,则提议: