Sensor deception detection and radio-frequency emitter localization
MetadataShow full item record
The Global Positioning System (GPS) is an invisible utility that has had enormous impact in areas such as navigation, telecommunications, and power grids. However, malicious so-called "field" attacks such as jamming and spoofing threaten to disrupt and damage an infrastructure that has become so dependent on an always available and trustworthy GPS. This dissertation provides solutions that, if deployed as part of a layered defense, can significantly mitigate the effects of these emerging threats. The first type of attack considered in this dissertation is GPS spoofing. An attacker's ability to covertly control a maritime surface vessel by broadcasting counterfeit civil GPS signals is analyzed and demonstrated. It is shown that, despite access to a variety of high-quality navigation and surveillance sensors, modern maritime navigation depends crucially on satellite-based navigation. A simple innovations-based detection framework for GPS deception is developed, and given real-world environmental and attack parameters, the probability of hazardously misleading information (HMI) or integrity risk is minimized within the framework. A covert attack is designed to have a high integrity risk and is possible because attacker-induced deviations in the vessel's dynamics can be disguised as the effects of slowly-changing ocean currents and wind. A field experiment confirms the analysis by demonstrating covert control of a 65-m yacht in the Mediterranean Sea. The second type of attack considered in this dissertation is GPS jamming. A system for passively locating radio-frequency emitters is developed and demonstrated. The system was originally motivated by the proliferation of GPS jammers, but has broad applicability to any emitter of unknown waveform. A model for the cross-correlation of the emitter signal captured by spatially distributed receivers with an independent local oscillator and an efficient digital cross-correlation implementation is presented. Algorithms based on grid search and the particle filter are developed to estimate the emitter state directly from the cross-correlation, avoiding the inefficiency of an intermediate time and frequency difference of arrival estimate. The system is proven in several field experiments with the emitter on stationary or vehicular platforms and with one experiment using a receiver on an airborne platform.