GPS Spoofing Attacks on AI-based Navigation Systems with Obstacle Avoidance in UAV
Ji Hyuk Jung, Mi Yeon Hong, Ji Won Yoon
TL;DR
The paper investigates GPS spoofing as a practical threat to AI-driven UAV navigation that uses Deep Reinforcement Learning and obstacle avoidance. It develops attack models that couple GPS spoofing with the PX4 EKF anomaly-detection layer and demonstrates feasible collisions even when spoofing inputs are constrained to evade detection. By contrasting unconstrained and constrained scenarios, the authors show that realistic spoofing ranges can still mislead the DRL controller, highlighting the need for security-aware designs in DRL-based UAV stacks. The work provides a path toward more resilient UAV autonomy in urban, battlefield, and disaster contexts by exposing concrete vulnerabilities across perception, state estimation, and planning components.
Abstract
Recently, approaches using Deep Reinforcement Learning (DRL) have been proposed to solve UAV navigation systems in complex and unknown environments. However, despite extensive research and attention, systematic studies on various security aspects have not yet been conducted. Therefore, in this paper, we conduct research on security vulnerabilities in DRL-based navigation systems, particularly focusing on GPS spoofing attacks against the system. Many recent basic DRL-based navigation systems fundamentally share an efficient structure. This paper presents an attack model that operates through GPS spoofing attacks briefly modeling the range of spoofing attack against EKF sensor fusion of PX4 autopilot, and combine this with the DRL-based system to design attack scenarios that are closer to reality. Finally, this paper experimentally demonstrated that attacks are possible both in the basic DRL system and in attack models combining the DRL system with PX4 autopilot system.