Cooperative GPS Signal Authentication from Unreliable Peers
|
|
- Brian Barber
- 5 years ago
- Views:
Transcription
1 Cooperative GPS Signal Authentication from Unreliable Peers Liang Heng, Daniel Chou, and Grace Xingxin Gao University of Illinois at Urbana-Champaign BIOGRAPHY Liang Heng is a postdoctoral research associate in the Department of Aerospace Engineering, University of Illinois at Urbana-Champaign. He received the B.S. and M.S. degrees from singhua University, China in 2006 and 2008, and the Ph.D. degree from Stanford University in 2012, each in Electrical Engineering. His research interests are cooperative navigation and satellite navigation. He is a member of the Institute of Electrical and Electronics Engineer (IEEE) and the Institute of Navigation (ION). Daniel Chou is a graduate student in the Department of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign. He received his B.S. in Electrical Engineering from Arizona State University in His current research projects includes designing and implementing countermeasures against malicious attacks on civilian grade GPS receivers utilized in phasor measurement units. Grace Xingxin Gao is an assistant professor in the Aerospace Engineering Department at University of Illinois at Urbana-Champaign. She received her B.S. degree in Mechanical Engineering in 2001 and her M.S. degree in Electrical Engineering in 2003, both at singhua University, China. She obtained her Ph.D. degree in Electrical Engineering at Stanford University in Before joining Illinois at Urbana-Champaign as an assistant professor in 2012, Prof. Gao was a research associate at Stanford University. Prof. Gao has won a number of awards, including RCA William E. Jackson Award, Institute of Navigation Early Achievement Award, 50 GNSS Leaders to Watch by GPS World Magazine, and multiple best presentation awards at ION GNSS conferences. ABSRAC Secure, reliable position and time information is indispensable for many civil GPS applications such as guiding aircraft, tracking freight, synchronizing power grids and cellular networks, and time-stamping financial transactions. his paper introduces a signal authentication architecture based on a network of cooperative receivers. A receiver in the network correlates its received military P(Y) signal with those received by other receivers (hereinafter referred to as crosscheck receivers) so as to detect spoofing attacks. his paper describes a candidate structures to implement this architecture. Our theoretical analysis shows that the signal-to-noiseratio significantly affects pair-wise check performance, and the final authentication performance improves exponentially with increasing number of cross-check receivers. We have conducted two field experiments to evaluate pair-wise check performance in different spatial conditions (urban canyon and open space) and different transport modes (static and moving). he experiments shows that pair-wise check performance is sensitive to spatial conditions, but insensitive to transport modes. INRODUCION During the past two decades, the Global Positioning System (GPS) has become an essential element of the global information infrastructure, with myriad applications in almost every facet of modern businesses and lifestyles, including communication, energy distribution, finance, and transportation. Ever-growing dependence on GPS creates strong incentives to attack civil GPS receivers, for either an illegitimate advantage or a terrorism purpose. Unfortunately, the civil GPS signal was not designed for security-critical applications. Unlike its military counterpart, the civil signal is not encrypted or authenticated. he signal specification is publicly available [1]. An attacker can synthesize and broadcast spoofing signals that are structured to resemble a set of authentic GPS signals. A victim receiver fed with the spoofing signals will report position and time solutions that are manipulated by the spoofer [2, 3]. Spoofing poses a great security risk because it is surreptitious and usually undetected by most commercial-off-the-shelf receivers [2 4].
2 Previous work on spoofing countermeasures A variety of methods have been proposed to harden civil GPS receivers against spoofing attacks. hese methods can be generally categorized into three groups: external assistance, signal statistics, and cryptographic authentication. he first group performs consistency checks against metrics external to the GPS subsystem, such as the information from inertial sensors, odometers, cellular networks, and highstability clocks [5, 6]. he second group performs statistical tests on features inherent in GPS signals, including angle of arrival [7, 8], signal quality [9], signal power [, 11], and multipath [12]. he third group relies on cryptographic, unpredictable information carried by GPS signals [13 16]. Unlike the first group of methods, cryptographic methods do not require any additional hardware, which can be a hurdle to mass-market GPS applications that are sensitive to cost, weight, or volume. In comparison to the second group, cryptographic methods enable users to differentiate authentic signals from counterfeit signals with higher confidence and robustness, especially in a harsh environment where the statistics of authentic signals can be highly unstable. hree types of cryptographic spoofing countermeasures have been explored in recent literature. he first option, known as navigation message authentication (NMA), inserts public-key digital signature into the navigation message [13, 16 18]. Another strategy is to interleave spread spectrum security codes (SSSC) with normal civil GPS spreading codes so that parts of spreading sequences are periodically unpredictable [13, 19]. Both NMA and SSSC require significant modifications to the legacy GPS signal structure. hey are unlikely to be implemented in the coming decade due to the static nature of GPS interface specification (IS) and long deployment cycles. he third approach relies on codeless cross-correlation of unpredictable encrypted military P(Y) code between two civil GPS receivers [14, 15, 20]. Without any modification to the GPS IS, this approach is practical today. Figure 1 illustrates how cross-correlation spoofing detection works. It correlates a snippet of L1 signal from the receivers to be authenticated (hereafter referred to as user receivers ) with a snippet from the reference receiver. Both snippets are known to contain the same part of the military P(Y) codes broadcast by a GPS satellite visible to both receivers. Although the P(Y) code is encrypted and thus unknown, and although its received versions are noisy and may be distorted by a narrow-band radio frequency (RF) front-end [15], when conducting cross-correlation, the P(Y) code components in the two snippets are similar enough to create a high correlation peak if neither the user receiver nor the reference receiver is spoofed. However, if the reference receiver is spoofed, especially by the same spoofer to the Figure 1. Principle of cross-correlation spoofing detection (adapted from Fig. 1 in [15]). he publicly-known C/A signal and encrypted P(Y) signal are modulated on to the L1 carrier in-phase and quadrature, respectively. Each receiver tracks the C/A code, and uses its phase and timing relationships to the P(Y) code to take a snippet of the same part of the P(Y) code. A high correlation will appear if the two snippets contain the same P(Y) code. user receiver, the authentication result will be incorrect. Previous papers [14, 15] have analyzed the performance of the cross-correlation spoofing detection method using one reference receiver. In addition, they proposed employing a few dedicated reference stations to provide GPS signal authentication service for a wide area. Despite the strong merits, such a client-server authentication service has some weakness. First and foremost, it requires considerable investment into the setup of reference stations, not to mention the maintenance cost. Second, since fixed reference stations can be located, they are vulnerable to organized, targeted jamming and spoofing attacks, and loss of a majority of the reference stations may paralyze the authentication service. Authentication based on a network of ad-hoc receivers In this paper, we extend the dual-receiver P(Y)-code correlation method to a network of receivers, and present a GPS signal authentication architecture in an ad hoc, cooperative manner. he fundamental difference from the client-server manner mentioned above is that our architecture relies on multiple receivers (hereinafter referred to as ad-hoc crosscheck receivers or simply cross-check receivers ) as references. he cross-check receivers can be mobile, low-quality, unreliable, and even spoofed. he authentication process consists of two steps: pair-wise check and decision aggregation. In pair-wise check, the P(Y) signal received by a user receiver is correlated with that received by each cross-check receiver. Each such correlation provides a decision as to the authenticity of the signal received by the user receiver. In
3 decision aggregation, the pair-wise decisions are aggregated to determine if the user receiver is spoofed. he cooperative manner is superior to the client-server manner in terms of cost, user capacity, and robustness, thanks to unlimited geographically-dispersed low-cost ad-hoc crosscheck receivers. However, one should be aware that an ad-hoc cross-check receiver is less reliable than a dedicated reference receiver. First, a mass-market GPS receiver, especially one embedded in a smartphone, may not be as good as a dedicated geodetic-grade receiver in terms of the antenna and the signal conditioning circuit. Second, a cross-check receiver may intentionally be malicious so that it provides no or even negative contribution to the final authentication result. hird, a cross-check receiver can also be spoofed, and sometimes a user receiver and a cross-check receiver may be spoofed by the same spoofer if they are not sufficiently far apart. We shall further show in this paper that our proposed architecture is actually robust against these potential issues because 1) low-cost receivers can still provide satisfactory pair-wise check performance, and 2) the final authentication performance improves exponentially with increasing number of cross-check receivers. Content of this paper Pair-wise check and decision aggregation are two stages in our proposed authentication system. We have theoretically proven that in the second stage, decision aggregation achieves authentication performance that improves exponentially with increasing number of cross-check receivers [21, 22]. In this paper, we focus on the performance of pair-wise check and conduct field experiments to evaluate authentication performance in different spatial conditions (urban canyon and open space) and different transport modes (static and moving). For the remainder of this paper, we start with a description of a candidate structure to implement our proposed cooperative authentication architecture. In section Performance Analysis, we theoretically analyze the spoofing detection performance of pair-wise check and briefly revisit the final authentication of decision aggregation. Section Experiments presents experiment results on the pair-wise check performance using low-cost receivers. SYSEM SRUCURE here are several approaches to implementing our proposed cooperative authentication system. hese approaches differ from one another mainly in where correlations are computed. One approach is to distribute correlation computation to either cross-check receivers or a cloud service. Another option is to compute all the correlations in a centralized User receiver (aggregating decisions) snippet decision 1 snippet decision 2 snippet decision N Cross-check receiver 1 (computing correlation) Cross-check receiver 2 (computing correlation). Cross-check receiver N (computing correlation) Figure 2. A candidate structure of authentication system. Each cross-check receiver computes the correlation between its own snippet and the one from the user receiver, and decides whether the signal received by the user receiver is authentic or not. he user receiver collects the decisions from all cross-check receivers, and finally determines the authenticity of its received signal by an appropriate statistical measure. way, either by the user receiver itself or by a third party which wants to ensure the validity of the position and clock reported by the user receiver. In this paper, we focus on a candidate structure in which cross-check receivers compute the correlations. Figure 2 illustrates this structure, in which correlation computation is distributed to cross-check receivers. he whole procedure is explained in detail in able 1. In the beginning, a user receiver wants to know whether its received signal is authentic or not, and it finds N peers as cross-check references. he user receiver and all cross-check receivers agree to collect a snippet of quadrature-phase baseband signal for a GPS satellite at a time in the immediate future. he user receiver sends its snippet to the reference receivers via secure channels. hen each reference receiver correlates its own snippet with the one from the user receiver, and decides if the signal received by the user receiver is authentic or not. Finally, the user receiver aggregates the decisions from the N reference receivers, and determines the authenticity of its received signal by an appropriate statistical measure. Since snippets of GPS signals have to be transported over a communication network, a security protocol, such as LS and IPsec [23], should be used to avoid man-in-the-middle
4 Steps Actions 1 User receiver sends out authentication requests with its rough location. 2 Available receivers within an appropriate area * respond to requests. 3 User receiver chooses N cross-check receivers, chooses a common-view GPS satellite, and sends them a GPS time in the immediate future. 4 User receiver and cross-check receivers collect snippets of quadrature-phase baseband signal from the GPS satellite at the GPS time. 5 User receiver sends its snippet to the N crosscheck receivers. 6 Each cross-check receiver correlates its snippet with user receiver s, and replies to the user receiver with a decision authentic or unauthentic. 7 User receiver determines the authenticity of its received signal by aggregating all these decisions. * Cross-check receivers should be at least several kilometers away from the user receiver. here should be at least one GPS satellite visible to the user receiver and all the cross-check receivers. attacks. able 1. Procedure of the authentication process. he authentication process can be performed in near realtime, and the time delay mainly depends on data collection, communication, and computation. According to Psiaki et al. [15], a snippet of approximate 1 second is generally needed for reliable spoofing detection. A narrow-band GPS front-end usually has a bandwidth of 2.4 MHz, and 1-second 1-bit quadrature-phase samples yield 2.4 M bits of data. For current 3G/4G cellular networks, it typically takes 1 second or less to transfer one snippet. he time of computation depends, but a rule of thumb is that a receiver must have the capability of processing 1-second data within 1 second. Since the time for sending and responding requests and aggregating decisions is usually negligible, the authentication process can take as short as 2 + N seconds: 1 second for collecting snippets, N seconds for transferring the user receiver s snippet to N cross-check receivers, and 1 second for computing the correlations. It is worth nothing that our cooperative authentication does not require highly reliable spoofing detection for each cross-check receiver, and thus allows a much shorter snippet to be collected. herefore, a delay of 2 + N seconds is a conservative estimate. Besides, if the user receiver can upload its snippet to a cloud service for file-sharing, from which the cross-check receivers can download the snippet simultaneously, then the authentication delay can be shortened to 4 seconds: 1 second for collecting snippets, 1 second for uploading, 1 second for downloading, and 1 second for computing the correlations. An issue with cooperative authentication is that there may exist some spam receivers being deliberately malicious (or playfully mischievous). In this structure, a malicious crosscheck receiver may reply to the user receiver with a random decision independent of the correlation, or even worse, a decision always opposite to the correct decision based on the correlation. In Section Performance Analysis, we shall show that the performance deterioration due to malicious cross-check receivers can be compensated by more crosscheck receivers. PERFORMANCE ANALYSIS Authentication is essentially a statistical hypothesis test, so it has a probability of making two types of errors: false alarm and missed detection. his section analyzes the probability of the two types of errors in pair-wise check and in decision aggregation. Assumptions and notations In order to simplify the analysis, we assume that all adhoc cross-check receivers have the same spoofing detection performance, namely, the same probability of false alarm and the same probability of missed detection. A crosscheck receiver can be malicious with certain probability. Additionally, a cross-check receiver can be spoofed with a certain probability, and the spoofer can be the same as or different from the spoofer to the user receiver. he list below summaries the notations used throughout this article. N C H 0 H 1 Number of cross-check receivers. Snippet length, i.e., number of samples in a snippet. Normalized cross-correlation, used as the pair-wise check test statistic. Null hypothesis that a user receiver s snippet and a cross-check receiver s snippet contain the same P(Y) code. Alternative hypothesis that a user receiver s snippet and a cross-check receiver s snippet contain different P(Y) codes. N (µ,σ 2 ) Normal distribution with mean µ and variance σ 2.
5 S A i Actual status of user receiver: S = 0 authentic, and S = 1 spoofed. Pair-wise check decision using the ith cross-check receiver, i = 1,..., N: A i = 0 authentic, and A i = 1 spoofed. A Final authentication result from aggregating all A i, i = 1,..., N. α Equal to Prob(A i = 1 S = 0), for all i = 1,..., N, probability of false alarm using an unspoofed, nonmalicious cross-check receiver. β Equal to Prob(A i = 0 S = 1), for all i = 1,..., N, probability of missed detection using an unspoofed, nonmalicious cross-check receiver. P F A P M D P D P SS P SD Equal to Prob(A = 1 S = 0), probability of false alarm of the final authentication result. Equal to Prob(A = 0 S = 1), probability of missed detection of the final authentication result. Equal to 1 P M D, probability of detection, also referred to as detection power. Probability of (a) a cross-check receiver being spoofed by the same spoofer to the user receiver and (b) a cross-check receiver being malicious such that its pair-wise check decision is always opposite to the correct decision based on the correlation. Probability of (a) a cross-check receiver being spoofed by a different spoofer to the user receiver and (b) a cross-check receiver being malicious such that its pair-wise check decision is based on the correlation involving a random, irrelevant snippet. Signal model and performance of pair-wise check In this subsection, let Receiver 1 be a user receiver, and Receiver 2 be a cross-check receiver. Suppose that both receivers track the L1 signal with perfect carrier and symbol timing recovery. he quadrature-phase baseband signals that contain the L1 P(Y) code are given by s 1 [t] = Λ 1 p 1 [t] + n 1 [t], (1) s 2 [t] = Λ 2 p 2 [t] + n 2 [t], (2) where t {1,2,...,} is the index of a total of samples, Λ 1 and Λ 2 are the received P(Y) code amplitudes (after distortion and attenuation) for the two receivers, p 1 [t] and p 2 [t] = ±1 denote the unknown P(Y) code sequences, and n 1 [t] N (0,σ1 2) and n 2[t] N (0,σ2 2 ) account for receiver noises and other irrelevant GPS signals. he spoofing detection is based on the test statistic C = 1 s 1 [t]s 2 [t]. (3) t=1 Define c[t] = s 1 [t]s 2 [t] for all t {1,2,...,}. Under the hypothesis H 0 that both receivers receive the same P(Y) code, i.e., p 1 [t] = p 2 [t] for all t, the expectation and variance of c[t] are given by E(c[t]) = E ( (Λ 1 p 1 [t] + n 1 [t])(λ 2 p 2 [t] + n 2 [t]) ) (4) = Λ 1 Λ 2 ; Var(c[t]) = E ( (Λ 1 p 1 [t] + n 1 [t]) 2 (Λ 2 p 2 [t] + n 2 [t]) 2) ( E(c[t]) )2, (5) = Λ 2 1 σ2 2 + Λ2 2 σ2 1 + σ2 1 σ2 2. By the central limit theorem (CL), for a very large, we have ( C H0 N (µ H0,σ 2 H 0 ) = N Λ 1 Λ 2, Λ2 1 σ2 2 + Λ2 2 σ2 1 + σ2 1 σ2 ) 2. (6) Under the hypothesis H 1 that the two receivers receive different P(Y) codes, let us assume that p 1 [t] is independent from p 2 [t] for all t. hen, the expectation and variance of c[t] are given by E(c[t]) = E ( (Λ 1 p 1 [t] + n 1 [t])(λ 2 p 2 [t] + n 2 [t]) ) (7) = 0; Var(c[t]) = E ( (Λ 1 p 1 [t] + n 1 [t]) 2 (Λ 2 p 2 [t] + n 2 [t]) 2) ( E(c[t]) )2, (8) = (Λ σ2 1 )(Λ2 2 + σ2 2 ). By CL, for a very large, we have C H1 N (µ H1,σ 2 H 1 ) = N (0, (Λ2 1 + σ2 1 )(Λ2 2 + σ2 2 ) ). (9) he signal-to-noise ratio (SNR) for the received signals are given by γ 1 = Λ 2 1 /σ2 1 and γ 2 = Λ 2 2 /σ2 2. Normalizing (1) by σ 1 and (2) by σ 2, and considering the fact that γ 1 1 and γ 2 1, we can finally simplify (6) and (9) into ( γ1 C H0 N γ 2, γ 1 + γ ) N ( γ 1 γ 2,1/), () ( C H1 N 0, (1 + γ 1)(1 + γ 2 ) ) N (0,1/). (11) Given a spoofing detection threshold ζ, if C ζ then the null hypothesis H 0 will be accepted, otherwise the alternative hypothesis H 1 will be accepted. hus, the probability of false alarm α and the probability of missed detection β are given by α = Q ( ( γ 1 γ 2 ζ) ), (12) β = Q(ζ ), (13) where the Q-function Q(x) = (2π) 1/2 x exp( u2 /2) du is the tail probability of the standard normal distribution. he Chernoff bound of Q-function is Q(x) 1 2 exp( x2 /2) for all x > 0. When the threshold ζ is chosen properly, i.e., 0 < ζ < γ 1 γ 2, increasing decreases both α and β
6 exponentially, as shown by α 1 2 exp( ( γ 1 γ 2 ζ) 2 ), (14) β 1 2 exp( ζ 2 ). (15) If we choose ζ = 1 2 γ1 γ 2, both α and β will decreases at the same rate, on the order of exp( γ 1 γ 2 /4)/2. herefore, for low-cost receivers which typically have low SNR, in order to achieve certain authentication performance, we must increase and/or use multiple receivers. Final authentication performance after aggregating decisions Let X = N i=1 A i and ξ be a preset threshold, where ξ is an integer such that 0 ξ N. he user receiver is determined to be authentic if X < ξ and to be spoofed if X ξ. Our previous work [21, 22] has proven P F A = Prob(A = 1 S = 0) = Prob(X ξ S = 0) N ( ) N = α m (1 α) N m, m where m=ξ P D = Prob(A = 1 S = 1) = Prob(X ξ S = 1) N ( ) N = (1 β) m β N m. m m=ξ (16) (17) α = (1 P SS P SD )α + (P SS + P SD )(1 β), (18) β = (1 P SS ) β + (P SS )(1 α) (19) account for the performance degradation due to unreliability of cross-check receivers. Consider a threshold selection strategy ξ = κn such that N α ξ = κn N (1 β). (20) In [22], we have proven the following upper bounds using Hoeffding s inequality [24]: P F A exp ( (ξ αn)2 ) 2 N = exp ( 2N (κ α) 2) (21), P M D F(ξ; N,1 β) exp ( 2 (N (1 β) ξ) 2 ) N = exp ( 2N (1 β κ) 2). (22) It can be seen that both P F A and P M D decrease exponentially with increase of N. he parameter κ determines how fast P F A and P M D shrink. A larger κ hastens exponential decay of P F A, while a smaller κ hastens exponential decay of P M D. In (21) and (22), if we choose κ = 1 2 (1 + α β), both P F A and P M D decrease at the same rate, on the order of exp ( N (1 α β) 2). herefore, the parameter λ = 1 α β is a figure of merit characterizing how fast the final authentication performance improves with an increasing N. By (18) and (19), we have λ = 1 α β = (1 α β)(1 2P SS P SD ), (23) which indicates that the factor 1 2P SS P SD is the penalty for the unreliability of cross-check receivers. In addition, (23) implies a fundamental requirement on pairwise check: α + β < 1. (24) Unless the requirement was met, increasing N would not improve authentication performance. EXPERIMENS In this section, we conduct field experiments to evaluate authentication performance in real environments. In the experiments, we employ multiple SiGe GN3S samplers and portable antennas to collect raw intermediate frequency (IF) samples of GPS signals. he data are post-processed using our developed software receiver. Snippets of P(Y) codes are extracted from the tracking loops, and then used to compute correlations. SNR loss in low-cost receivers Most commercial-off-the-shelf low-cost GPS receivers do not have the capability of streaming out raw IF samples. We use SiGe GN3S samplers as a substitute. he SiGe frontend is a thumb-sized USB device designed for low-cost software-defined GPS and Galileo receivers. It has a sampling frequency from 4 MHz to 16 MHz and a quantization resolution of 2 bits (4 levels). he price of one SiGe device is around $450. We use a series Agilent Vector Signal Analyzer (VSA) as a representative of high-cost GPS receivers. he VSA has a sampling frequency up to 40 MHz and a quantization resolution of 16 bits. he price of one device is around $50,000. We collected multiple concurrent data sets with the SiGe and VSA using the same antenna and RF splitter. Our software receiver shows that relative to the VSA, the average SNR lost by using the SiGe front-end is in the range of db. In addition to the RF front-ends, we compared the portable patch antenna (around $) used with the SiGe to a fixed choke ring antenna (around $1,000) commonly used with a geodetic-grade GPS receiver. he low-cost patch antenna loses 3 4 db in SNR relative to the high-cost antenna.
7 0 1 Prob. of missed detection β = 4 = 4 5 Figure 3. Experiment 1: One SiGe receiver was in a urban canyon in San Francisco, CA. he receiver was able to acquire only three satellites. Fortunately, the three satellites were visible to the other SiGe receiver in Urbana, IL. o sum up, the low-cost front-end and antenna combination has SNRs 4.5 6dB lower than its high-cost counterpart. = 7 5 = 6 4 We performed cross-correlation of the P(Y) snippets generated from the data set. he snippets are normalized, i.e., Λ21 + σ12 = Λ22 + σ22 = 1. he correlation shows that the estimate of Λ1 Λ2 is , with a 95% confidence interval ( , ). Fig. 4 shows the pair-wise check performance curves calculated by (12) and (13) for snippet length = 5, 4 5, 7 5, and 6. Due to the relatively low SNR, even when = 6, probability of spoofing detection errors α + β are on the order of 2. his experiment shows that it is possible, although not preferable, to use receivers in urban canyons for cooperative authentication. his experiment also shows that low-cost receivers can be used as cross-check receivers even though their SNRs may be several dbs lower than high-cost reference receivers. Experiment 2: 22 kilometers apart, one moving receiver he second data set was collected on 3 April One SiGe receiver was on a car moving at roughly 45 miles per hour in Rantoul, IL. he other receiver was in Urbana, IL. wo receivers were approximately 22 kilometers apart. Both receivers had a clear view of the sky. en satellites were 2 1 Prob. of false alarm α 0 Figure 4. Experiment 1 (3000 kilometers apart, one receiver in urban canyon): Pair-wise check performance curves for number of snippet samples = 5, 4 5, 7 5, and 6. Experiment 1: 3000 kilometers apart, one receiver in urban canyon 0 Prob. of missed detection β he first data set was collected on 27 March As shown in Fig. 3, one SiGe receiver was in a urban canyon in San Francisco, CA with open sky to the south east. he other receiver was in Urbana, IL with a clear view of the sky. wo receivers were approximately 3000 kilometers apart. Both receivers were static. he San Francisco receiver was able to track three satellites, although the SNRs were low. Fortunately, the Urbana receiver was able to see all the three satellites tracked by the San Francisco receiver. 3 5 = 5 = 4 5 = 7 5 = Prob. of false alarm α 0 Figure 5. Experiment 2 (22 kilometers apart, one moving receiver): Pair-wise check performance curves for number of snippet samples = 5, 4 5, 7 5, and 6. visible to both receivers, and 8 of them were tracked by both receivers. We performed similar cross-correlation as done in Experiment 1. he correlation shows that the estimate of Λ1 Λ2 is , with a 95% confidence interval ( , ). Fig. 5 shows the pair-wise check performance curves calculated by (12) and (13) for snippet length = 5, 4 5, 7 5, and 6. Due to the relatively high SNR, when = 4 5, probability of spoofing detection errors α + β are on the order of 5. In comparison to Experiment 1, this experiment shows that pair-wise check performance is sensitive to spatial conditions (e.g., urban canyon or open space), and insensitive to transport modes (e.g., static or
8 moving). his observation agrees with (12) and (13), which show that SNR significantly affects pair-wise check performance. CONCLUSION his paper has presented a GPS signal authentication architecture that relies on a network of cooperative, low-cost receivers. Given the availability of numerous mobile devices with GPS and communication capability today, it is practical to build a cooperative authentication system based on these existing mobile devices. In out architecture, the encrypted military GPS signals are sampled by a user receiver and several ad-hoc cross-check receivers at the same time. he samples from the user receiver and each cross-check receiver are cross-correlated in order to detect spoofing attacks. he spoofing detection results from all cross-check receivers are aggregated to reach the final decision of the authenticity of the signal received by the user receiver. his paper has described a candidate structure to implement this concept. Furthermore, this paper has validated the concept through a theoretical analysis. he analysis shows that SNR significantly affects pair-wise check performance, and the final authentication performance improves exponentially with increasing number of cross-check receivers. We have conducted two field experiments to evaluate pairwise check performance in different spatial conditions (urban canyon and open space) and different transport modes (static and moving). he experiments shows that pair-wise check performance is sensitive to spatial conditions, but insensitive to transport modes. REFERENCES [1] GPS Wing, Interface Specification IS-GPS-200E, Jun. 20. [2]. E. Humphreys, B. M. Ledvina, M. L. Psiaki, B. W. O Hanlon, and J. Kintner, Paul M., Assessing the spoofing threat: Development of a portable GPS civilian spoofer, in Proceedings of the 21st International echnical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2008), Savannah, GA, Sep. 2008, pp [3] X. Jiang, J. Zhang, B. J. Harding, J. J. Makela, and A. D. Domínguez-García, Spoofing GPS receiver clock offset of phasor measurement units, IEEE ransactions on Power Systems, vol. 28, no. 3, pp , [4] J. S. Warner and R. G. Johnston, A simple demonstration that the Global Positioning System (GPS) is vulnerable to spoofing, Journal of Security Administration, vol. 25, no. 2, pp , [5] J. Krumm and K. Hinckley, he NearMe wireless proximity server, in UbiComp 2004: Ubiquitous Computing, ser. Lecture Notes in Computer Science, N. Davies, E. Mynatt, and I. Siio, Eds. Springer Berlin Heidelberg, 2004, vol. 3205, pp [6] Y. Bardout, Authentication of GNSS position: An assessment of spoofing detection methods, in Proceedings of the 24th International echnical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2011), Portland, OR, Sep. 2011, pp [7] S. Daneshmand, A. Jafarnia-Jahromi, A. Broumandon, and G. Lachapelle, A low-complexity GPS antispoofing method using a multi-antenna array, in Proceedings of the 25th International echnical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2012), Nashville, N, Sep. 2012, pp [8] D. Borio, Panova tests and their application to GNSS spoofing detection, IEEE ransactions on Aerospace and Electronic Systems, vol. 49, no. 1, pp , [9] M. Pini, M. Fantino, A. Cavaleri, S. Ugazio, and L. L. Presti, Signal quality monitoring applied to spoofing detection, in Proceedings of the 24th International echnical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2011), Portland, OR, Sep. 2011, pp [] D. M. Akos, Who s afraid of the spoofer? GPS/GNSS spoofing detection via automatic gain control (AGC), NAVIGAION, vol. 59, no. 4, pp , Winter [11] V. Dehghanian, J. Nielsen, and G. Lachapelle, GNSS spoofing detection based on receiver C/No estimates, in Proceedings of the 25th International echnical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2012), Nashville, N, Sep. 2012, pp [12] F. Dovis, X. Chen, A. Cavaleri, K. Ali, and M. Pini, Detection of spoofing threats by means of signal parameters estimation, in Proceedings of the 24th International echnical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2011), Portland, OR, Sep. 2011, pp
9 [13] L. Scott, Anti-spoofing & authenticated signal architectures for civil navigation systems, in Proceedings of the 16th International echnical Meeting of the Satellite Division of he Institute of Navigation (ION GPS/GNSS 2003), Portland, OR, Sep. 2003, pp [24] W. Hoeffding, Probability inequalities for sums of bounded random variables, Journal of the American Statistical Association, vol. 58, no. 301, pp , [14] S. Lo, D. D. Lorenzo, P. Enge, D. Akos, and P. Bradley, Signal authentication: A secure civil GNSS for today, Inside GNSS, Sep [15] M. L. Psiaki, B. W. O Hanlon, J. A. Bhatti, D. P. Shepard, and. E. Humphreys, GPS spoofing detection via dual-receiver correlation of military signals, IEEE ransactions on Aerospace and Electronic Systems, vol. 49, no. 4, pp , Oct [16] K. Wesson, M. Rothlisberger, and. E. Humphreys, Practical cryptographic civil GPS signal authentication, NAVIGAION, vol. 59, no. 3, pp , Fall [17] C. J. Wullems, A spoofing detection method for civilian L1 GPS and the E1-B Galileo safety of life service, IEEE ransactions on Aerospace and Electronic Systems, vol. 48, no. 4, pp , [18]. E. Humphreys, Detection strategy for cryptographic GNSS anti-spoofing, IEEE ransactions on Aerospace and Electronic Systems, vol. 49, no. 2, pp , [19] M. G. Kuhn, An asymmetric security mechanism for navigation signals, in Proceedings of the 6th international conference on Information Hiding (IH 04), oronto, Canada, 2004, pp [20] B. W. O Hanlon, M. L. Psiaki,. E. Humphreys, and J. A. Bhatti, Real-time spoofing detection using correlation between two civil GPS receiver, in Proceedings of the 25th International echnical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2012), Nashville, N, Sep [21] L. Heng, D. B. Work, and G. X. Gao, Cooperative GNSS authentication: Reliability from unreliable peers, Inside GNSS, vol. 8, no. 5, pp , Sep [22], GPS signal authentication from cooperative peers, IEEE ransactions on Intelligent ransportation Systems, Apr. 2014, submitted. [23] C. Kaufman, R. Perlman, and M. Speciner, Network Security: Private Communication in a Public World. Prentice Hall PR, 2002.
Cooperative GNSS Authentication
AUTHENTICATION Cooperative GNSS Authentication Reliability from Unreliable Peers Secure, reliable position and time information is indispensable for many civil GNSS applications such as guiding aircraft,
More informationLOCATION awareness is crucial to many transportation
1 GPS Signal Authentication from Cooperative Peers Liang Heng, Member, IEEE, Daniel B. Work, and Grace Xingxin Gao, Member, IEEE Abstract Secure, reliable position information is indispensable for many
More informationA Multi-Layered, Multi-Receiver Architecture
GPS-BASED TIMING A Multi-Layered, Multi-Receiver Architecture Reliable GPS-Based Timing for Power Systems LIANG HENG, DANIEL CHOU, AND GRACE XINGXIN GAO UNIVERSITY OF ILLINOIS AT URBANA-CHAMPAIGN Phasor
More informationRobust GPS-Based Timing for PMUs Based on Multi-Receiver Position-Information-Aided Vector Tracking
Robust GPS-Based Timing for PMUs Based on Multi-Receiver Position-Information-Aided Vector Tracking Daniel Chou, Yuting Ng and Grace Xingxin Gao, University of Illinois Urbana-Champaign BIOGRAPHIES Daniel
More informationRobust GPS-Based Timing for Phasor Measurement Units: A Position-Information- Aided Approach
Robust GPS-Based Timing for Phasor Measurement Units: A Position-Information- Aided Approach Daniel Chou, Liang Heng, and Grace XingXin Gao, University of Illinois Urbana-Champaign BIOGRAPHIES Daniel Chou
More informationGNSS Spoofing, Jamming, and Multipath Interference Classification using a Maximum-Likelihood Multi-Tap Multipath Estimator
GNSS Spoofing, Jamming, and Multipath Interference Classification using a Maximum-Likelihood Multi-Tap Multipath Estimator Jason N. Gross, West Virginia University Todd E. Humphreys, University of Texas
More informationJamming and Spoofing of GNSS Signals An Underestimated Risk?!
Jamming and Spoofing of GNSS Signals An Underestimated Risk?! Alexander Rügamer Dirk Kowalewski Fraunhofer IIS NavXperience GmbH Fraunhofer IIS 1 Source: http://securityaffairs.co/wordpress/wpcontent/uploads/2012/02/spoofing.jpg
More informationOn the Use of a Feedback Tracking Architecture for Satellite Navigation Spoofing Detection
sensors Article On the Use of a Feedback Tracking Architecture for Satellite Navigation Spoofing Detection Esteban Garbin Manfredini * and Fabio Dovis Department of Electronics and Telecommunications,
More informationThe Case for Recording IF Data for GNSS Signal Forensic Analysis Using a SDR
The Case for Recording IF Data for GNSS Signal Forensic Analysis Using a SDR Professor Gérard Lachapelle & Dr. Ali Broumandan PLAN Group, University of Calgary PLAN.geomatics.ucalgary.ca IGAW 2016-GNSS
More informationLOW POWER GLOBAL NAVIGATION SATELLITE SYSTEM (GNSS) SIGNAL DETECTION AND PROCESSING
LOW POWER GLOBAL NAVIGATION SATELLITE SYSTEM (GNSS) SIGNAL DETECTION AND PROCESSING Dennis M. Akos, Per-Ludvig Normark, Jeong-Taek Lee, Konstantin G. Gromov Stanford University James B. Y. Tsui, John Schamus
More informationSecurity of Global Navigation Satellite Systems (GNSS) GPS Fundamentals GPS Signal Spoofing Attack Spoofing Detection Techniques
Security of Global Navigation Satellite Systems (GNSS) GPS Fundamentals GPS Signal Spoofing Attack Spoofing Detection Techniques Global Navigation Satellite Systems (GNSS) Umbrella term for navigation
More informationSpoofing GPS Receiver Clock Offset of Phasor Measurement Units 1
Spoofing GPS Receiver Clock Offset of Phasor Measurement Units 1 Xichen Jiang (in collaboration with J. Zhang, B. J. Harding, J. J. Makela, and A. D. Domínguez-García) Department of Electrical and Computer
More informationPhase Center Calibration and Multipath Test Results of a Digital Beam-Steered Antenna Array
Phase Center Calibration and Multipath Test Results of a Digital Beam-Steered Antenna Array Kees Stolk and Alison Brown, NAVSYS Corporation BIOGRAPHY Kees Stolk is an engineer at NAVSYS Corporation working
More informationAdvanced Multi-Receiver Position-Information-Aided Vector Tracking for Robust GPS Time Transfer to PMUs
Advanced Multi-Receiver Position-Information-Aided Vector Tracking for Robust GPS Time Transfer to PMUs Yuting Ng and Grace Xingxin Gao University of Illinois at Urbana-Champaign BIOGRAPHIES Yuting Ng
More informationSurviving and Operating Through GPS Denial and Deception Attack. Nathan Shults Kiewit Engineering Group Aaron Fansler AMPEX Intelligent Systems
Surviving and Operating Through GPS Denial and Deception Attack Nathan Shults Kiewit Engineering Group Aaron Fansler AMPEX Intelligent Systems How GPS Works GPS Satellite sends exact time (~3 nanoseconds)
More informationImpact of Personal Privacy Devices for WAAS Aviation Users
Impact of Personal Privacy Devices for WAAS Aviation Users Grace Xingxin Gao, Kazuma Gunning, Todd Walter and Per Enge Stanford University, USA ABSTRACT Personal privacy devices (PPDs) are low-cost jammers
More informationFuture Dual Systems for Landing. The DGNSS PALS opportunity Marco Donfrancesco Intelligence & Cyber EW Sales & Mktg
Future Dual Systems for Landing. The DGNSS PALS opportunity Marco Donfrancesco Intelligence & Cyber EW Sales & Mktg SG-175 DGNSS PALS study The study shall provide technical advice on the data link capabilities
More informationTime Firewall: Securing the GNSS receivers against Spoofing/Jamming. Shemi Prazot AccuBeat
Time Firewall: Securing the GNSS receivers against Spoofing/Jamming Shemi Prazot AccuBeat 1 The need The GNSS systems are widely used for both navigation and timing in civilian infrastructures and military
More informationA Blueprint for Civil GPS Navigation Message Authentication
A Blueprint for Civil GPS Navigation Message Authentication Andrew Kerns, Kyle Wesson, and Todd Humphreys Radionavigation Laboratory University of Texas at Austin Applied Research Laboratories University
More informationIt is well known that GNSS signals
GNSS Solutions: Multipath vs. NLOS signals GNSS Solutions is a regular column featuring questions and answers about technical aspects of GNSS. Readers are invited to send their questions to the columnist,
More informationMeasurement Level Integration of Multiple Low-Cost GPS Receivers for UAVs
Measurement Level Integration of Multiple Low-Cost GPS Receivers for UAVs Akshay Shetty and Grace Xingxin Gao University of Illinois at Urbana-Champaign BIOGRAPHY Akshay Shetty is a graduate student in
More informationGalileo NMA Signal Unpredictability and Anti-Replay Protection
Galileo NMA Signal Unpredictability and Anti-Replay Protection Ignacio Fernández-Hernández European Commission DG GROW Brussels, Belgium Gonzalo Seco-Granados Universitat Autònoma de Barcelona (UAB) Barcelona,
More informationMobile Security Fall 2015
Mobile Security Fall 2015 Patrick Tague #8: Location Services 1 Class #8 Location services for mobile phones Cellular localization WiFi localization GPS / GNSS 2 Mobile Location Mobile location has become
More informationHigh Gain Advanced GPS Receiver
High Gain Advanced GPS Receiver NAVSYS Corporation 14960 Woodcarver Road, Colorado Springs, CO 80921 Introduction The NAVSYS High Gain Advanced GPS Receiver (HAGR) is a digital beam steering receiver designed
More informationAssessing & Mitigation of risks on railways operational scenarios
R H I N O S Railway High Integrity Navigation Overlay System Assessing & Mitigation of risks on railways operational scenarios Rome, June 22 nd 2017 Anja Grosch, Ilaria Martini, Omar Garcia Crespillo (DLR)
More informationAddressing the Challenges of Radar and EW System Design and Test using a Model-Based Platform
Addressing the Challenges of Radar and EW System Design and Test using a Model-Based Platform By Dingqing Lu, Agilent Technologies Radar systems have come a long way since their introduction in the Today
More informationDemonstrations of Multi-Constellation Advanced RAIM for Vertical Guidance using GPS and GLONASS Signals
Demonstrations of Multi-Constellation Advanced RAIM for Vertical Guidance using GPS and GLONASS Signals Myungjun Choi, Juan Blanch, Stanford University Dennis Akos, University of Colorado Boulder Liang
More informationSatellite Navigation Principle and performance of GPS receivers
Satellite Navigation Principle and performance of GPS receivers AE4E08 GPS Block IIF satellite Boeing North America Christian Tiberius Course 2010 2011, lecture 3 Today s topics Introduction basic idea
More informationProceedings of Al-Azhar Engineering 7 th International Conference Cairo, April 7-10, 2003.
Proceedings of Al-Azhar Engineering 7 th International Conference Cairo, April 7-10, 2003. MODERNIZATION PLAN OF GPS IN 21 st CENTURY AND ITS IMPACTS ON SURVEYING APPLICATIONS G. M. Dawod Survey Research
More informationGPS Spoofer Localization for PMUs using Multi-Receiver Direct Time Estimation
GPS Spoofer Localization for PMUs using Multi-Receiver Direct Time Estimation Sriramya Bhamidipati and Grace Xingxin Gao University of Illinois at Urbana-Champaign Abstract Our work highlights the improved
More informationRESEARCH ON METHODS FOR ANALYZING AND PROCESSING SIGNALS USED BY INTERCEPTION SYSTEMS WITH SPECIAL APPLICATIONS
Abstract of Doctorate Thesis RESEARCH ON METHODS FOR ANALYZING AND PROCESSING SIGNALS USED BY INTERCEPTION SYSTEMS WITH SPECIAL APPLICATIONS PhD Coordinator: Prof. Dr. Eng. Radu MUNTEANU Author: Radu MITRAN
More informationMonitoring Station for GNSS and SBAS
Monitoring Station for GNSS and SBAS Pavel Kovář, Czech Technical University in Prague Josef Špaček, Czech Technical University in Prague Libor Seidl, Czech Technical University in Prague Pavel Puričer,
More informationMULTIPATH EFFECT MITIGATION IN SIGNAL PROPAGATION THROUGH AN INDOOR ENVIRONMENT
JOURNAL OF APPLIED ENGINEERING SCIENCES VOL. 2(15), issue 2_2012 ISSN 2247-3769 ISSN-L 2247-3769 (Print) / e-issn:2284-7197 MULTIPATH EFFECT MITIGATION IN SIGNAL PROPAGATION THROUGH AN INDOOR ENVIRONMENT
More informationTowards a Practical Single Element Null Steering Antenna
Towards a Practical Single Element Null Steering Antenna Yu-Hsuan Chen, Fabian Rothmaier, Stanford University Dennis Akos, University of Colorado at Boulder Sherman Lo and Per Enge, Stanford University
More informationUTILIZATION OF AN IEEE 1588 TIMING REFERENCE SOURCE IN THE inet RF TRANSCEIVER
UTILIZATION OF AN IEEE 1588 TIMING REFERENCE SOURCE IN THE inet RF TRANSCEIVER Dr. Cheng Lu, Chief Communications System Engineer John Roach, Vice President, Network Products Division Dr. George Sasvari,
More informationA Multiple COTS Receiver GNSS Spoof Detector -- Extensions
University of Rhode Isl DigitalCommons@URI Department of Electrical, Computer, Biomedical Engineering Faculty Publications Department of Electrical, Computer, Biomedical Engineering 4 A Multiple COTS Receiver
More informationDetecting GPS Spoofing via a Multi-Receiver Hybrid Communication Network for Power Grid Timing Verification
Detecting GPS Spoofing via a Multi-Receiver Hybrid Communication Network for Power Grid Timing Verification Tara Yasmin Mina, Sriramya Bhamidipati, and Grace Xingxin Gao University of Illinois at Urbana-Champaign
More informationSignal Authentication
Signal Authentication A Secure Civil GNSS for Today Sherman Lo, David De Lorenzo, and Per Enge Stanford University and Zanio, Inc. Dennis Akos University of Colorado Paul Bradley DAFCA, Inc. Many civil
More informationDoes Anyone Really Know What Time It Is? Dr. Michael L. Cohen, MITRE October 15, 2013
Does Anyone Really Know What Time It Is? Dr. Michael L. Cohen, MITRE October 15, 2013 2013 The MITRE Corporation. All rights reserved Approved for Public Release; Distribution Unlimited 13-3392. The Problem:
More informationGNSS Jamming: A Short Survival Guide
GNSS Jamming: A Short Survival Guide Daniele Borio 15-16 November 2016 International Technical Symposium on Navigation and Timing (ITSN 2016) The European Commission s science and knowledge service 1 Joint
More informationPrecise GNSS Positioning for Mass-market Applications
Precise GNSS Positioning for Mass-market Applications Yang GAO, Canada Key words: GNSS, Precise GNSS Positioning, Precise Point Positioning (PPP), Correction Service, Low-Cost GNSS, Mass-Market Application
More informationAdaptive Array Technology for Navigation in Challenging Signal Environments
Adaptive Array Technology for Navigation in Challenging Signal Environments November 15, 2016 Point of Contact: Dr. Gary A. McGraw Technical Fellow Communications & Navigation Systems Advanced Technology
More informationCharacterization of Signal Deformations for GPS and WAAS Satellites
Characterization of Signal Deformations for GPS and WAAS Satellites Gabriel Wong, R. Eric Phelts, Todd Walter, Per Enge, Stanford University BIOGRAPHY Gabriel Wong is an Electrical Engineering Ph.D. candidate
More informationGNSS RFI/Spoofing: Detection, Localization, & Mitigation
GNSS RFI/Spoofing: Detection, Localization, & Mitigation Stanford's 2012 PNT Challenges and Opportunities Symposium 14 - November - 2012 Dennis M. Akos University of Colorado/Stanford University with contributions
More informationChapter 2 Channel Equalization
Chapter 2 Channel Equalization 2.1 Introduction In wireless communication systems signal experiences distortion due to fading [17]. As signal propagates, it follows multiple paths between transmitter and
More informationMITIGATING INTERFERENCE TO GPS OPERATION USING VARIABLE FORGETTING FACTOR BASED RECURSIVE LEAST SQUARES ESTIMATION
MITIGATING INTERFERENCE TO GPS OPERATION USING VARIABLE FORGETTING FACTOR BASED RECURSIVE LEAST SQUARES ESTIMATION Aseel AlRikabi and Taher AlSharabati Al-Ahliyya Amman University/Electronics and Communications
More informationSpoofing GPS Receiver Clock Offset of Phasor Measurement Units
COORDINATED SCIENCE LABORATORY TECHNICAL REPORT UILU-ENG-12-2205 1 Spoofing GPS Receiver Clock Offset of Phasor Measurement Units Xichen Jiang Brian J. Harding Jonathan J. Makela Alejandro D. Domínguez-García
More informationPerformance Analysis of Cognitive Radio based on Cooperative Spectrum Sensing
Performance Analysis of Cognitive Radio based on Cooperative Spectrum Sensing Sai kiran pudi 1, T. Syama Sundara 2, Dr. Nimmagadda Padmaja 3 Department of Electronics and Communication Engineering, Sree
More informationUniversal Acquisition and Tracking Apparatus for Global Navigation Satellite System (GNSS) Signals: Research Patent Introduction (RPI)
Universal Acquisition and Tracking Apparatus for Global Navigation Satellite System (GNSS) Signals: Research Patent Introduction (RPI) 27/01/2014 PAR R.JR. LANDRY, M.A. FORTIN ET J.C. GUAY 0 An RPI is
More informationFuture GNSS: Improved Signals and Constellations
Future GNSS: Improved Signals and Constellations Guillermo Martínez Morán 1 1 Airbus Defense & Space. Paseo John Lennon s/n 28096 Getafe (Madrid Spain) Guillermo.M.Martinez@military.airbus.com Abstract:
More informationGNSS Technologies. GNSS Acquisition Dr. Zahidul Bhuiyan Finnish Geospatial Research Institute, National Land Survey
GNSS Acquisition 25.1.2016 Dr. Zahidul Bhuiyan Finnish Geospatial Research Institute, National Land Survey Content GNSS signal background Binary phase shift keying (BPSK) modulation Binary offset carrier
More informationWorking Party 5B DRAFT NEW RECOMMENDATION ITU-R M.[500KHZ]
Radiocommunication Study Groups Source: Subject: Document 5B/TEMP/376 Draft new Recommendation ITU-R M.[500kHz] Document 17 November 2011 English only Working Party 5B DRAFT NEW RECOMMENDATION ITU-R M.[500KHZ]
More informationUsing GPS to Synthesize A Large Antenna Aperture When The Elements Are Mobile
Using GPS to Synthesize A Large Antenna Aperture When The Elements Are Mobile Shau-Shiun Jan, Per Enge Department of Aeronautics and Astronautics Stanford University BIOGRAPHY Shau-Shiun Jan is a Ph.D.
More informationAIRPORT MULTIPATH SIMULATION AND MEASUREMENT TOOL FOR SITING DGPS REFERENCE STATIONS
AIRPORT MULTIPATH SIMULATION AND MEASUREMENT TOOL FOR SITING DGPS REFERENCE STATIONS ABSTRACT Christophe MACABIAU, Benoît ROTURIER CNS Research Laboratory of the ENAC, ENAC, 7 avenue Edouard Belin, BP
More informationAvoid Impact of Jamming Using Multipath Routing Based on Wireless Mesh Networks
Avoid Impact of Jamming Using Multipath Routing Based on Wireless Mesh Networks M. KIRAN KUMAR 1, M. KANCHANA 2, I. SAPTHAMI 3, B. KRISHNA MURTHY 4 1, 2, M. Tech Student, 3 Asst. Prof 1, 4, Siddharth Institute
More informationCALIFORNIA STATE UNIVERSITY, NORTHRIDGE FADING CHANNEL CHARACTERIZATION AND MODELING
CALIFORNIA STATE UNIVERSITY, NORTHRIDGE FADING CHANNEL CHARACTERIZATION AND MODELING A graduate project submitted in partial fulfillment of the requirements For the degree of Master of Science in Electrical
More informationAmplitude and Phase Distortions in MIMO and Diversity Systems
Amplitude and Phase Distortions in MIMO and Diversity Systems Christiane Kuhnert, Gerd Saala, Christian Waldschmidt, Werner Wiesbeck Institut für Höchstfrequenztechnik und Elektronik (IHE) Universität
More informationMethodology and Case Studies of Signal-in-Space Error Calculation Top-down Meets Bottom-up
Methodology and Case Studies of Signal-in-Space Error Calculation Top-down Meets Bottom-up Grace Xingxin Gao*, Haochen Tang*, Juan Blanch*, Jiyun Lee+, Todd Walter* and Per Enge* * Stanford University,
More informationProfessor Paulraj and Bringing MIMO to Practice
Professor Paulraj and Bringing MIMO to Practice Michael P. Fitz UnWiReD Laboratory-UCLA http://www.unwired.ee.ucla.edu/ April 21, 24 UnWiReD Lab A Little Reminiscence PhD in 1989 First research area after
More informationELT Receiver Architectures and Signal Processing Fall Mandatory homework exercises
ELT-44006 Receiver Architectures and Signal Processing Fall 2014 1 Mandatory homework exercises - Individual solutions to be returned to Markku Renfors by email or in paper format. - Solutions are expected
More informationNear Term Improvements to WAAS Availability
Near Term Improvements to WAAS Availability Juan Blanch, Todd Walter, R. Eric Phelts, Per Enge Stanford University ABSTRACT Since 2003, when it was first declared operational, the Wide Area Augmentation
More informationA Multi-State Notch Filter for GNSS Jamming Mitigation
A Multi-State Notch Filter for GNSS Jamming Mitigation Daniele Borio EC Joint Research Centre, Institute for the Protection and Security of the Citizen, Ispra, Italy Email: daniele.borio@ieee.org Abstract
More informationMiniaturized GPS Antenna Array Technology and Predicted Anti-Jam Performance
Miniaturized GPS Antenna Array Technology and Predicted Anti-Jam Performance Dale Reynolds; Alison Brown NAVSYS Corporation. Al Reynolds, Boeing Military Aircraft And Missile Systems Group ABSTRACT NAVSYS
More informationGPS Beamforming with Low-cost RTL-SDRs Wil Myrick, Ph.D.
with Low-cost RTL-SDRs Wil Myrick, Ph.D. September 13, 2017 Conference 2017 Recap from GRCon 2016 MWF Invented by Dr. Scott Goldstein and Dr. Irving Reed (1996) Initial Release (2001) Revisited GPS Work
More informationChannel Modeling ETI 085
Channel Modeling ETI 085 Overview Lecture no: 9 What is Ultra-Wideband (UWB)? Why do we need UWB channel models? UWB Channel Modeling UWB channel modeling Standardized UWB channel models Fredrik Tufvesson
More informationSPECTRAL SEPARATION COEFFICIENTS FOR DIGITAL GNSS RECEIVERS
SPECTRAL SEPARATION COEFFICIENTS FOR DIGITAL GNSS RECEIVERS Daniele Borio, Letizia Lo Presti 2, and Paolo Mulassano 3 Dipartimento di Elettronica, Politecnico di Torino Corso Duca degli Abruzzi 24, 029,
More informationDesign of Simulcast Paging Systems using the Infostream Cypher. Document Number Revsion B 2005 Infostream Pty Ltd. All rights reserved
Design of Simulcast Paging Systems using the Infostream Cypher Document Number 95-1003. Revsion B 2005 Infostream Pty Ltd. All rights reserved 1 INTRODUCTION 2 2 TRANSMITTER FREQUENCY CONTROL 3 2.1 Introduction
More informationHIGH GAIN ADVANCED GPS RECEIVER
ABSTRACT HIGH GAIN ADVANCED GPS RECEIVER NAVSYS High Gain Advanced () uses a digital beam-steering antenna array to enable up to eight GPS satellites to be tracked, each with up to dbi of additional antenna
More informationDIGITAL Radio Mondiale (DRM) is a new
Synchronization Strategy for a PC-based DRM Receiver Volker Fischer and Alexander Kurpiers Institute for Communication Technology Darmstadt University of Technology Germany v.fischer, a.kurpiers @nt.tu-darmstadt.de
More informationA Simulation Tool for Space-time Adaptive Processing in GPS
Progress In Electromagnetics Research Symposium 2006, Cambridge, USA, March 26-29 363 A Simulation Tool for Space-time Adaptive Processing in GPS W. Y. Zhao, L. F. Xu, and R. B. Wu Civil Aviation University
More informationA Soft-Limiting Receiver Structure for Time-Hopping UWB in Multiple Access Interference
2006 IEEE Ninth International Symposium on Spread Spectrum Techniques and Applications A Soft-Limiting Receiver Structure for Time-Hopping UWB in Multiple Access Interference Norman C. Beaulieu, Fellow,
More informationAn Indoor Localization System Based on DTDOA for Different Wireless LAN Systems. 1 Principles of differential time difference of arrival (DTDOA)
An Indoor Localization System Based on DTDOA for Different Wireless LAN Systems F. WINKLER 1, E. FISCHER 2, E. GRASS 3, P. LANGENDÖRFER 3 1 Humboldt University Berlin, Germany, e-mail: fwinkler@informatik.hu-berlin.de
More informationAnalysis of RF requirements for Active Antenna System
212 7th International ICST Conference on Communications and Networking in China (CHINACOM) Analysis of RF requirements for Active Antenna System Rong Zhou Department of Wireless Research Huawei Technology
More informationReal-Time Software Receiver Using Massively Parallel
Real-Time Software Receiver Using Massively Parallel Processors for GPS Adaptive Antenna Array Processing Jiwon Seo, David De Lorenzo, Sherman Lo, Per Enge, Stanford University Yu-Hsuan Chen, National
More informationMulti-Receiver Vector Tracking
Multi-Receiver Vector Tracking Yuting Ng and Grace Xingxin Gao please feel free to view the.pptx version for the speaker notes Cutting-Edge Applications UAV formation flight remote sensing interference
More informationUNIT- 7. Frequencies above 30Mhz tend to travel in straight lines they are limited in their propagation by the curvature of the earth.
UNIT- 7 Radio wave propagation and propagation models EM waves below 2Mhz tend to travel as ground waves, These wave tend to follow the curvature of the earth and lose strength rapidly as they travel away
More informationGPS/QZSS Signal Authentication Concept
GPS/QZSS Signal Authentication Concept Dinesh Manandhar, Koichi Chino, Ryosuke Shibasaki The University of Tokyo Satoshi Kogure, Jiro Yamashita, Hiroaki Tateshita Japan Aerospace Exploration Agency (JAXA)
More informationBEING wideband, chaotic signals are well suited for
680 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS II: EXPRESS BRIEFS, VOL. 51, NO. 12, DECEMBER 2004 Performance of Differential Chaos-Shift-Keying Digital Communication Systems Over a Multipath Fading Channel
More informationTEST RESULTS OF A HIGH GAIN ADVANCED GPS RECEIVER
TEST RESULTS OF A HIGH GAIN ADVANCED GPS RECEIVER ABSTRACT Dr. Alison Brown, Randy Silva, Gengsheng Zhang,; NAVSYS Corporation. NAVSYS High Gain Advanced GPS Receiver () uses a digital beam-steering antenna
More informationDYNAMICALLY RECONFIGURABLE SOFTWARE DEFINED RADIO FOR GNSS APPLICATIONS
DYNAMICALLY RECONFIGURABLE SOFTWARE DEFINED RADIO FOR GNSS APPLICATIONS Alison K. Brown (NAVSYS Corporation, Colorado Springs, Colorado, USA, abrown@navsys.com); Nigel Thompson (NAVSYS Corporation, Colorado
More informationDesign and Experiment of Adaptive Anti-saturation and Anti-jamming Modules for GPS Receiver Based on 4-antenna Array
Advances in Computer Science Research (ACRS), volume 54 International Conference on Computer Networks and Communication Technology (CNCT2016) Design and Experiment of Adaptive Anti-saturation and Anti-jamming
More informationRevision of Lecture One
Revision of Lecture One System blocks and basic concepts Multiple access, MIMO, space-time Transceiver Wireless Channel Signal/System: Bandpass (Passband) Baseband Baseband complex envelope Linear system:
More informationImplementation and Performance Evaluation of a Fast Relocation Method in a GPS/SINS/CSAC Integrated Navigation System Hardware Prototype
This article has been accepted and published on J-STAGE in advance of copyediting. Content is final as presented. Implementation and Performance Evaluation of a Fast Relocation Method in a GPS/SINS/CSAC
More informationApplying Defence-in-depth to counter RF interferences over GNSS
Applying Defence-in-depth to counter RF interferences over GNSS IET 5th Oct. 2011 Xavier Bertinchamps - GSA Objective of this presentation Understand Jamming threat on GNSS Propose a comprehensive strategy
More informationECE 476/ECE 501C/CS Wireless Communication Systems Winter Lecture 6: Fading
ECE 476/ECE 501C/CS 513 - Wireless Communication Systems Winter 2004 Lecture 6: Fading Last lecture: Large scale propagation properties of wireless systems - slowly varying properties that depend primarily
More informationRESPONSE TO THE HOUSE OF COMMONS TRANSPORT SELECT COMMITTEE INQUIRY INTO GALILEO. Memorandum submitted by The Royal Academy of Engineering
RESPONSE TO THE HOUSE OF COMMONS TRANSPORT SELECT COMMITTEE INQUIRY INTO GALILEO Memorandum submitted by The Royal Academy of Engineering September 2004 Executive Summary The Royal Academy of Engineering
More informationECE 476/ECE 501C/CS Wireless Communication Systems Winter Lecture 6: Fading
ECE 476/ECE 501C/CS 513 - Wireless Communication Systems Winter 2005 Lecture 6: Fading Last lecture: Large scale propagation properties of wireless systems - slowly varying properties that depend primarily
More informationGPS PERFORMANCE EVALUATION OF THE HUAWEI MATE 9 WITH DIFFERENT ANTENNA CONFIGURATIONS
GPS PERFORMANCE EVALUATION OF THE HUAWEI MATE 9 WITH DIFFERENT ANTENNA CONFIGURATIONS AND P10 IN THE FIELD Gérard Lachapelle & Research Team PLAN Group, University of Calgary (http://plan.geomatics.ucalgary.ca)
More informationGPS spoofer countermeasure effectiveness based on signal strength, noise power, and C/N 0 measurements
INTERNATIONAL JOURNAL OF SATELLITE COMMUNICATIONS AND NETWORKING Int. J. Satell. Commun. Network. 22; 3:8 9 Published online in Wiley Online Library (wileyonlinelibrary.com)..2 GPS spoofer countermeasure
More informationGPS Receiver Autonomous Interference Detection
GPS Receiver Autonomous Interference Detection Awele Ndili, Stanford University Dr. Per Enge, Stanford University Presented at the 998 IEEE Position, Location and Navigation Symposium - PLANS 98 Palm Springs,
More informationPhase Effects Analysis of Patch Antenna CRPAs for JPALS
Phase Effects Analysis of Patch Antenna CRPAs for JPALS Ung Suok Kim, David De Lorenzo, Jennifer Gautier, Per Enge, Stanford University John A. Orr, Worcester Polytechnic Institute BIOGRAPHY Ung Suok Kim
More information3432 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 53, NO. 10, OCTOBER 2007
3432 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL 53, NO 10, OCTOBER 2007 Resource Allocation for Wireless Fading Relay Channels: Max-Min Solution Yingbin Liang, Member, IEEE, Venugopal V Veeravalli, Fellow,
More informationTest Results from a Digital P(Y) Code Beamsteering Receiver for Multipath Minimization Alison Brown and Neil Gerein, NAVSYS Corporation
Test Results from a Digital P(Y) Code Beamsteering Receiver for ultipath inimization Alison Brown and Neil Gerein, NAVSYS Corporation BIOGRAPHY Alison Brown is the President and CEO of NAVSYS Corporation.
More informationA GPS RECEIVER DESIGNED FOR CARRIER-PHASE TIME TRANSFER
A GPS RECEIVER DESIGNED FOR CARRIER-PHASE TIME TRANSFER Alison Brown, Randy Silva, NAVSYS Corporation and Ed Powers, US Naval Observatory BIOGRAPHY Alison Brown is the President and CEO of NAVSYS Corp.
More informationPerformance Analysis of Different Ultra Wideband Modulation Schemes in the Presence of Multipath
Application Note AN143 Nov 6, 23 Performance Analysis of Different Ultra Wideband Modulation Schemes in the Presence of Multipath Maurice Schiff, Chief Scientist, Elanix, Inc. Yasaman Bahreini, Consultant
More informationA Weighted Least Squares Algorithm for Passive Localization in Multipath Scenarios
A Weighted Least Squares Algorithm for Passive Localization in Multipath Scenarios Noha El Gemayel, Holger Jäkel, Friedrich K. Jondral Karlsruhe Institute of Technology, Germany, {noha.gemayel,holger.jaekel,friedrich.jondral}@kit.edu
More informationUWB Channel Modeling
Channel Modeling ETIN10 Lecture no: 9 UWB Channel Modeling Fredrik Tufvesson & Johan Kåredal, Department of Electrical and Information Technology fredrik.tufvesson@eit.lth.se 2011-02-21 Fredrik Tufvesson
More informationRobust Synchronization for DVB-S2 and OFDM Systems
Robust Synchronization for DVB-S2 and OFDM Systems PhD Viva Presentation Adegbenga B. Awoseyila Supervisors: Prof. Barry G. Evans Dr. Christos Kasparis Contents Introduction Single Frequency Estimation
More informationAn Efficient Joint Timing and Frequency Offset Estimation for OFDM Systems
An Efficient Joint Timing and Frequency Offset Estimation for OFDM Systems Yang Yang School of Information Science and Engineering Southeast University 210096, Nanjing, P. R. China yangyang.1388@gmail.com
More informationExam 3 is two weeks from today. Today s is the final lecture that will be included on the exam.
ECE 5325/6325: Wireless Communication Systems Lecture Notes, Spring 2010 Lecture 19 Today: (1) Diversity Exam 3 is two weeks from today. Today s is the final lecture that will be included on the exam.
More information