Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Extending RAIM with a Gaussian Mixture of Opportunistic Information

Wenjie Liu, Panos Papadimitratos

TL;DR

This work tackles GNSS spoofing by extending receiver autonomous integrity monitoring (RAIM) to incorporate untrusted opportunistic information from terrestrial networks and onboard sensors. It introduces a two-stage Gaussian Mixture RAIM: subset generation of ranging information across satellites and networks, followed by motion-informed location fusion and uncertainty modeling to compute a spoofing likelihood. The method provides a formal problem formulation for attack detection, theoretical results for GNSS-only and multi-infrastructure scenarios, and experimental validation on a real-world Kista dataset with synthetic attacks. Results show substantial gains in detection accuracy over baselines and demonstrate the potential for recovering plausible locations under attack, highlighting practical benefits for robust GNSS security in heterogeneous environments.

Abstract

GNSS are indispensable for various applications, but they are vulnerable to spoofing attacks. The original receiver autonomous integrity monitoring (RAIM) was not designed for securing GNSS. In this context, RAIM was extended with wireless signals, termed signals of opportunity (SOPs), or onboard sensors, typically assumed benign. However, attackers might also manipulate wireless networks, raising the need for a solution that considers untrustworthy SOPs. To address this, we extend RAIM by incorporating all opportunistic information, i.e., measurements from terrestrial infrastructures and onboard sensors, culminating in one function for robust GNSS spoofing detection. The objective is to assess the likelihood of GNSS spoofing by analyzing locations derived from extended RAIM solutions, which include location solutions from GNSS pseudorange subsets and wireless signal subsets of untrusted networks. Our method comprises two pivotal components: subset generation and location fusion. Subsets of ranging information are created and processed through positioning algorithms, producing temporary locations. Onboard sensors provide speed, acceleration, and attitude data, aiding in location filtering based on motion constraints. The filtered locations, modeled with uncertainty, are fused into a composite likelihood function normalized for GNSS spoofing detection. Theoretical assessments of GNSS-only and multi-infrastructure scenarios under uncoordinated and coordinated attacks are conducted. The detection of these attacks is feasible when the number of benign subsets exceeds a specific threshold. A real-world dataset from the Kista area is used for experimental validation. Comparative analysis against baseline methods shows a significant improvement in detection accuracy achieved by our Gaussian Mixture RAIM approach. Moreover, we discuss leveraging RAIM results for plausible location recovery.

Extending RAIM with a Gaussian Mixture of Opportunistic Information

TL;DR

This work tackles GNSS spoofing by extending receiver autonomous integrity monitoring (RAIM) to incorporate untrusted opportunistic information from terrestrial networks and onboard sensors. It introduces a two-stage Gaussian Mixture RAIM: subset generation of ranging information across satellites and networks, followed by motion-informed location fusion and uncertainty modeling to compute a spoofing likelihood. The method provides a formal problem formulation for attack detection, theoretical results for GNSS-only and multi-infrastructure scenarios, and experimental validation on a real-world Kista dataset with synthetic attacks. Results show substantial gains in detection accuracy over baselines and demonstrate the potential for recovering plausible locations under attack, highlighting practical benefits for robust GNSS security in heterogeneous environments.

Abstract

GNSS are indispensable for various applications, but they are vulnerable to spoofing attacks. The original receiver autonomous integrity monitoring (RAIM) was not designed for securing GNSS. In this context, RAIM was extended with wireless signals, termed signals of opportunity (SOPs), or onboard sensors, typically assumed benign. However, attackers might also manipulate wireless networks, raising the need for a solution that considers untrustworthy SOPs. To address this, we extend RAIM by incorporating all opportunistic information, i.e., measurements from terrestrial infrastructures and onboard sensors, culminating in one function for robust GNSS spoofing detection. The objective is to assess the likelihood of GNSS spoofing by analyzing locations derived from extended RAIM solutions, which include location solutions from GNSS pseudorange subsets and wireless signal subsets of untrusted networks. Our method comprises two pivotal components: subset generation and location fusion. Subsets of ranging information are created and processed through positioning algorithms, producing temporary locations. Onboard sensors provide speed, acceleration, and attitude data, aiding in location filtering based on motion constraints. The filtered locations, modeled with uncertainty, are fused into a composite likelihood function normalized for GNSS spoofing detection. Theoretical assessments of GNSS-only and multi-infrastructure scenarios under uncoordinated and coordinated attacks are conducted. The detection of these attacks is feasible when the number of benign subsets exceeds a specific threshold. A real-world dataset from the Kista area is used for experimental validation. Comparative analysis against baseline methods shows a significant improvement in detection accuracy achieved by our Gaussian Mixture RAIM approach. Moreover, we discuss leveraging RAIM results for plausible location recovery.
Paper Structure (26 sections, 6 theorems, 7 equations, 5 figures, 1 algorithm)

This paper contains 26 sections, 6 theorems, 7 equations, 5 figures, 1 algorithm.

Table of Contents

  1. Introduction
  2. Related Work
  3. GNSS Spoofing vs Meaconing
  4. RAIM Protecting GNSS
  5. System Model and Adversary
  6. System Model
  7. Adversary
  8. Problem Statement
  9. Proposed Scheme
  10. Scheme Outline
  11. Subset Generation
  12. Raw Data Collection
  13. Size and Combination
  14. Positioning Methods
  15. Location Fusion
  16. ...and 11 more sections

Key Result

Lemma 1

Suppose that $N_{\text{sat}}-N_{\text{adv}}>N_{\text{min}}$. Then, we can recover $\mathbf{p}_{\text{c}}$ from an Uncoordinated Attack.

Figures (5)

  • Figure 1: System and adversary model illustration.
  • Figure 2: System overview of Gaussian mixture .
  • Figure 3: An illustration of the attack-induced deviations and the recovered locations from the proposed method.
  • Figure 4: $P_\text{TP}$ of the proposed method (with/without exclusion), Kalman filter, and location fusion-based detector.
  • Figure 5: A plot of the relation between likelihood, $f_t(\hat{\mathbf{p}}_{\mathrm{c}})$, false positive probability, $P_{\mathrm{FP}_{\max}}$, and true positive probability, $P_\mathrm{TP}$.

Theorems & Definitions (6)

  • Lemma 1
  • Proposition 1
  • Corollary 1
  • Lemma 2
  • Theorem 1
  • Theorem 2