Patching security holes in GPS, computer timing
- By Patrick Marshall
- Mar 20, 2018
When Navy ships were involved in two collisions in the summer of 2017 -- one off the coast of Japan and another near Malaysia -- some analysts suspected that the cause might have been “GPS spoofing,” the transmission of falsified Global Positioning System data to the ship’s computers.
In September 2017, researchers reported multiple instances of GPS spoofing in Russian waters. In one widely reported case, two ships' GPS indicated they were at Sochi Airport, 12 miles away from the vessels' actual locations. Some experts speculated that the GPS spoofing might have been the result of efforts to protect Russian President Vladimir Putin’s nearby summer home from drone incursions.
Now researchers at Clemson University have received a $1 million grant from the National Science Foundation to develop ways to prevent such mishaps and, potentially, even greater catastrophes that could result from GPS spoofing. The researchers also are looking at defenses against attacks on the Network Time Protocol (NTP), which keeps computers synchronized.
"In a network where time has to be aligned, such as the internet, cellular communication networks and power systems, if the time on one device goes wrong, then there could be catastrophic consequences,” said Yongqiang Wang, assistant professor of electrical and computer engineering and the research team leader. “So we want to provide secure timing solutions by securing the two most commonly used time distribution approaches, GPS receivers and NTP."
The threats are varied. While GPS spoofing can make ships think they’re on land, Wang said, rolling back timing on a device can make it easy for hackers to access encrypted documents.
The Clemson team’s plan for protecting against GPS spoofing is to set up a server that will be used to certify GPS signals by embedding a secret code in them. The Clemson server will sample satellite GPS signals every 10 seconds, and end users’ devices will be able to access the Clemson sample to verify that the signals they are receiving are coming from a genuine source.
The team’s strategy for protections against attack on NTP is similar -- they will create a “pulse synch protocol” that computers can access to cross-check whether they are correctly synchronized with each other.
Other teams are tackling this challenge as well. Given that some GPS spoofing may result from determined hackers, researchers at the University of Texas, San Antonio, have developed an algorithm that mitigates the effects of spoofed GPS attacks on electrical grids and other GPS-reliant technologies.
The algorithm can recognize false GPS time and location signals and counter an attack while it occurs. It estimates the clock bias and drift of the GPS receiver along with the possible attack and corrects that data, according to a summary of the research. The researchers say the proposed technique can easily be implemented in real time and can work with standard position, velocity and time estimation algorithms in off-the-shelf receivers.
While focusing primarily on preventing attacks on the American electrical power grid, the San Antonio researchers said the algorithm is applicable to many industries that depend on reliable GPS data – from autonomous vehicles to cell phone signals and financial transactions. They are planning to make their algorithm available in app stores for Android and iPhone users, as well as for larger devices like computers.
Patrick Marshall is a freelance technology writer for GCN.