Gao and students lead research to detect GPS spoofing
Allie Arp, CSL
1/2/2019 11:56:48 AM
“GPS has an open signal structure so the signals can be mimicked or regenerated,” said Sriramya Bhamidipati, a second-year PhD student working under Gao, an assistant professor in the Dept. of Aerospace Engineering at the University of Illinois at Urbana-Champaign who is also affiliated with the CSL. “When this happens the spoofing attacker is generating false signals. If the receiver can’t detect if they’re accurate, the receiver can think the false signals are the accurate ones which can give power to the attacker to manipulate the receiver.”
One application of GPS is to provide timing for phasor measurement units, or PMUs. In a power grid situation where multiple receivers are working together, GPS timing is accurate to the hundredth nanosecond. Any changes can have an impact on the power grid synchronization.
This means if an attacker spoofed a collection of PMUs, the unit readings of a substation would be off, thereby ruining the synchronization of the entire system and potentially tripping substations into turning off.
In order to detect these miniscule differences before they have a big impact, the group had to determine a baseline for measurement.
“You have so many devices that are widely dispersed (across the North American continent) and you need to authenticate all of them,” said Tara Yasmin Mina, second-year MS student in electrical and computer engineering. “We want to create an efficient way to authenticate every device in the network, by comparing signals from within the network itself.”
The group’s research leverages the existing power grid communication structure, allowing them to first compare GPS signals within regional collections of receivers, where communication resources are abundant,. They can then efficiently cross-validate the results with representative signals from the more distant sites.
The researchers joined in on a government-sponsored live-sky spoofing event to collect data during a realistic spoofing attack. GPS signals were simultaneously recorded in seven locations; one in the Western US that was the spoofed location, three other sites across the United States and three sites in South America. The group compared results from all the locations and were able to detect the spoofing attack at the Western U.S. receiver location, while simultaneously authenticating the GPS signals received at the six other network sites.
“We validated our algorithm using the live spoofing data,” Bhamidipati said. “The correlation peaks of the majority of the regions were high and the western US one showed it was being spoofed.”
Moving forward the group would like to consider the effect of adding more PMUs to their regional representative calculations and improve processing time so stakeholders can be quickly alerted of spoofing activity.
This work is funded by the Department of Energy and Department of Homeland Security.
Check out the original article on the CSL site.