• Journal of Positioning, Navigation, and Timing
• /
• v.11 no.3
• /
• pp.173-179
• /
• 2022

The satellite navigation deception technology disturbs the navigation solution of the receiver by generating a deceptive signal simulating the actual satellite for the satellite navigation receiver mounted on the unmanned aerial vehicle, which is the target of deception. A single spoofing technique that creates a single deceptive position and velocity can be divided into a synchronized spoofing signal that matches the code delay, Doppler frequency, and navigation message with the real satellite and an unsynchronized spoofing signal that does not match. In order to generate a signal synchronized with a satellite signal, a very sophisticated and high precision signal generation technology is required. In addition, the current position and speed of the UAV equipped with the receiver must be accurately detected in real time. Considering the detection accuracy of the current radar technology that detects small UAVs, it is difficult to detect UAVs with an accuracy of less than one chip. In this paper, we assume the asynchrony of a single spoofing signal and propose a region defense technique using multiple spoofing signals.

• Journal of Positioning, Navigation, and Timing
• /
• v.7 no.3
• /
• pp.127-138
• /
• 2018

Spoofing attacks including meaconing can provide a bogus position to a victim GPS receiver, and those attacks are notably difficult to detect at the point of view on the receiver. Several countermeasure techniques have been studied to detect, classify, and cancel the spoofing signals. Based on the countermeasure techniques, we have developed an anti-spoofing equipment that detects and mitigates or eliminates the spoofing signal based on raw measurements. Although many anti-spoofing techniques have been studied in the literatures, the evaluation test system is not deeply studied to evaluate the anti-spoofing equipment, which includes detection, mitigation, and elimination of spoofing signals. Each study only has a specific test method to verify its anti-spoofing technique. In this paper, we propose the performance evaluation test system that includes both spoofing signal injection system and its injection scenario with the constraints of stand-alone anti-spoofing techniques. The spoofing signal injection scenario is designed to drive a victim GPS receiver that moves to a designed position, where the mitigation and elimination based anti-spoofing algorithms can be successively evaluated. We evaluate the developed anti-spoofing equipment and a commercial GPS receiver using our proposed performance evaluation test system. Although the commercial one is affected by the test system and moves to the designed position, the anti-spoofing equipment mitigates and eliminates the injected spoofing signals as planned. We evaluate the performance of anti-spoofing equipment on the position error of the circular error probability, while injecting spoofing signals.

• Journal of Advanced Navigation Technology
• /
• v.20 no.5
• /
• pp.394-400
• /
• 2016

It is well known that the encrypted ranging signal, such as GPS P(Y) code, is immune to spoofing attack. However, in order for users to use the signal, there needs permission from the operator. And also there are many restrictions for use because of security issues. In this paper, a ground reference station equipped with high-gain directional antenna and a user receiver were simulated. In the reference station, the encrypted code can be demodulated from the high-gain signal. And then the code can be used to detect spoofing attack in the user receiver. This paper proposes the spoofing detection method using the encrypted signal and deals with simulation results.

• Journal of Advanced Navigation Technology
• /
• v.17 no.2
• /
• pp.157-164
• /
• 2013

In the presence of spoofing signal the GPS signal having the same PRN with the spoofer is hard to be acquired since the power of spoofing signal is usually stronger than that of GPS signal. If a spoofing signal exists for the same PRN, there are double peaks in two-dimensional space of frequency and code phase in acquisition stage. Using double peak information it is possible to detect spoofing signal and acquire GPS information through separate channel tracking. In this paper we introduce an anti-spoofing method using double peak detection, and thus can acquire GPS navigation data after two-channel tracking for the same PRN as the spoofing signal.

• Journal of IKEEE
• /
• v.26 no.4
• /
• pp.614-621
• /
• 2022

This paper proposes RIDS (Random Forest-Based Intrusion Detection), which is an intrusion detection system to detect hacking attack based on random forest. RIDS detects three typical attacks i.e. DoS (Denial of service) attack, fuzzing attack, and spoofing attack. It detects hacking attack based on four parameters, i.e. time interval between data frames, its deviation, Hamming distance between payloads, and its diviation. RIDS was designed in memory-centric architecture and node information is stored in memories. It was designed in scalable architecture where DoS attack, fuzzing attack, and spoofing attack can be all detected by adjusting number and depth of trees. Simulation results show that RIDS has 0.9835 accuracy and 0.9545 F1 score and it can detect three attack types effectively.

• Journal of Positioning, Navigation, and Timing
• /
• v.9 no.3
• /
• pp.215-220
• /
• 2020

This paper deal with estimating the direction of arrival (DOA) of GNSS signal using two antennae for spoofing detection. A technique for estimating the azimuth angle of a received signal by applying the interferometer method to the GPS carrier signal is proposed. The experiment assumes two antennas placed on the earth's surface and estimates the azimuth angle when only GPS signal are received without spoofing signal. The proposed method confirmed the availability through GPS satellite placement simulation and experiments using a dual antenna GPS receiver. In this case of using dual antenna, an azimuth angle ambiguity of the received signal occurs with respect to the baseline between two antennas. For this reason, the accurate azimuth angle estimation is limits, but it can be used for deception by cross-validating the ambiguity.

• ETRI Journal
• /
• v.43 no.5
• /
• pp.941-949
• /
• 2021

In this study, a spatial spectrum method is proposed to cope with the pilot spoofing attack (PSA) problem by exploiting the of uplink-downlink channel reciprocity in time-division-duplex multiple-input multiple-output systems. First, the spoofing attack in the uplink stage is detected by a threshold derived from the predefined false alarm based on the estimated spatial spectrum. When the PSA occurs, the transmitter (That is Alice) can detect either one or two spatial spectrum peaks. Then, the legitimate user (That is Bob) and Eve are recognized in the downlink stage via the channel reciprocity property based on the difference between the spatial spectra if PSA occurs. This way, the presence of Eve and the direction of arrival of Eve and Bob can be identified at the transmitter end. Because noise is suppressed by a spatial spectrum, the detection performance is reliable even for low signal-noise ratios and a short training length. Consequently, Bob can use beamforming to transmit secure information during the data transmission stage. Theoretical analysis and numerical simulations are performed to evaluate the performance of the proposed scheme compared with conventional methods.

• Journal of information and communication convergence engineering
• /
• v.12 no.3
• /
• pp.154-160
• /
• 2014

The address resolution protocol (ARP) provides dynamic mapping between two different forms of addresses: the 32-bit Internet protocol (IP) address of the network layer and the 48-bit medium access control (MAC) address of the data link layer. A host computer finds the MAC address of the default gateway or the other hosts on the same subnet by using ARP and can then send IP packets. However, ARP can be used for network attacks, which are one of the most prevalent types of network attacks today. In this study, a new ARP algorithm that can prevent IP spoofing attacks is proposed. The proposed ARP algorithm is a broadcast ARP reply and an ARP notification. The broadcast ARP reply was used for checking whether the ARP information was forged. The broadcast ARP notification was used for preventing a normal host's ARP table from being poisoned. The proposed algorithm is backward compatible with the current ARP protocol and dynamically prevents any ARP spoofing attacks. In this study, the proposed ARP algorithm was implemented on the Linux operating system; here, we present the test results with respect to the prevention of ARP spoofing attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.892-911
• /
• 2019

Biometric recognition systems have been widely used for information security. Among the most popular biometric traits, there are fingerprint and face due to their high recognition accuracies. However, the security system that uses face recognition as the login method are vulnerable to face-spoofing attacks, from using printed photo or video of the valid user. In this study, we propose a fast and robust method to detect face-spoofing attacks based on the analysis of spatial frequency differences between the real and fake videos. We found that the effect of a spoofing attack stands out more prominently in certain regions of the 2D Fourier spectra and, therefore, it is adequate to use the information about those regions to classify the input video or image as real or fake. We adopt a divide-conquer-aggregate approach, where we first divide the frequency domain image into local blocks, classify each local block independently, and then aggregate all the classification results by the weighted-sum approach. The effectiveness of the methodology is demonstrated using two different publicly available databases, namely: 1) Replay Attack Database and 2) CASIA-Face Anti-Spoofing Database. Experimental results show that the proposed method provides state-of-the-art performance by processing fewer frames of each video.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.415-426
• /
• 2021

The implementation of iris biometrics on smartphone devices has recently become an emerging research topic. As the use of iris biometrics on smartphone devices becomes more widely adopted, it is to be expected that there will be similar efforts in the research community to beat the biometric by exploring new spoofing methods and this will drive a corresponding requirement for new liveness detection methods. In this paper we addresses the problem of presentation attacks (Spoofing) against the Iris Recognition System on mobile devices and propose novel Presentation Attack Detection (PAD) method which suitable for mobile environment.