Investigation of multi-device location spoofing attacks on air traffic control and possible countermeasures

Authors: Daniel Moser, Patrick Leu, Vincent Lenders, Aanjhan Ranganathan, Fabio Ricciato, and Srdjan Čapkun

Proceedings of the 22nd Annual International Conference on Mobile Computing and Networking, MobiCom '16

Abstract

Multilateration techniques have been proposed to verify the integrity of unprotected location claims in wireless localization systems. A common assumption is that the adversary is equipped with only a single device from which it transmits location spoofing signals. In this paper, we consider a more advanced model where the attacker is equipped with multiple devices and performs a geographically distributed coordinated attack on the multilateration system. The feasibility of a distributed multi-device attack is demonstrated experimentally with a self-developed attack implementation based on multiple COTS software-defined radio (SDR) devices. We launch an attack against the OpenSky Network, an air traffic surveillance system that implements a time-difference-of-arrival (TDoA) multilateration method for aircraft localization based on ADS-B signals. Our experiments show that the timing errors for distributed spoofed signals are indistinguishable from the multilateration errors of legitimate aircraft signals, indicating that the threat of multi-device spoofing attacks is real in this and other similar systems. In the second part of this work, we investigate physical-layer features that could be used to detect multi-device attacks. We show that the frequency offset and transient phase noise of the attacker’s radio devices can be exploited to discriminate between a received signal that has been transmitted by a single (legitimate) transponder or by multiple (malicious) spoofing sources. Based on that, we devise a multi-device spoofing detection system that achieves zero false positives and a false negative rate below 1%.

People

Dr. Daniel Moser

Doctoral Student (2016 – 2021)

armasuisse

Dr. Patrick Leu

Doctoral Student (2017 – 2022)

DIRAC AG

Dr. Aanjhan Ranganathan

Doctoral Student (2010 – 2017)

Assistant Professor, Northeastern University

Prof. Srdjan Čapkun

Group Leader

BibTex

@inproceedings{moser2016investigation,
  author    = {Moser, Daniel and Leu, Patrick and Lenders, Vincent and Ranganathan, Aanjhan and Ricciato, Fabio and Capkun, Srdjan},
  title     = {{Investigation of multi-device location spoofing attacks on air traffic control and possible countermeasures}},
  booktitle = {Proceedings of the 22nd Annual International Conference on Mobile Computing and Networking, MobiCom '16},
  address   = {New York, NY, USA},
  year      = 2016,
  month     = oct,
  publisher = {Association for Computing Machinery},
  doi       = {10.1145/2973750.2973763},
  url       = {https://doi.org/10.1145/2973750.2973763}
}

Research Collection: 20.500.11850/120930