Stopping GPS spoofing is tough—however you’ll be able to a minimum of detect it

This demonstration of GPS/GNSS spoofing reveals a semi-autonomous automotive being misled into taking the flawed highway.

At this time on the IAA (Worldwide Motor Present) in Frankfurt, Regulus Cyber introduced a brand new software-only GPS spoof detection product. This product, Pyramid GNSS, is what the corporate was hyping when it executed a Pied Piper assault on a Tesla Mannequin S this June.

Regulus Cyber demonstrated the brand new product, Pyramid GNSS, to us yesterday through Internet convention from the IAA. Pyramid GNSS was operating on a Linux-powered laptop computer with GPS receiver and efficiently intercepted spoofed GNSS indicators coming from one other laptop computer with a software-defined radio a number of toes away. An iPhone in the identical room picked up the spoofed GPS indicators and erroneously confirmed itself driving down a close-by freeway. However the laptop computer operating Pyramid—which had a duplicate of what seemed to be Google Maps operating—remained stationary.

It is vital to acknowledge what this resolution is not, after all. Pyramid GNSS doesn’t allow a protected system to get right positioning information when its GPS receiver is being spoofed—it simply prevents the system from believing and appearing on the false information.

In the true world, you’ll be able to take a look at this as downgrading an precise GPS hack to a easy denial of service. A navigation system protected by Pyramid GNSS wouldn’t be misled by false GPS information, nevertheless it nonetheless would not have entry to actual GPS information both. Such a navigation system could be compelled to make do with its different sensors (cameras, accelerometers, inertial navigation) so long as the spoofed sign was concentrating on it.

There unfortunately isn't much to see here—Enlarge / There sadly is not a lot to see right here—”extra parameters” doesn’t a system diagram make.

Regulus Cyber

Regulus is, sadly, enjoying its playing cards extraordinarily near the vest when it comes to how the system works. “We have realized easy methods to understand anomalies between authentic GNSS indicators and spoofed indicators by researching the variations within the satellite tv for pc indicators protocol and recognizing the inter-relationships between sign parameters,” CTO and co-founder Yoav Zangvil explains within the press launch; this and the system diagram provided to Ars do not add as much as a lot past “this works.” The video demonstration was convincing, nevertheless, each in its minor frustrations (the unprotected iPhone was gradual to acknowledge the spoofed GPS sign and start “transferring”) in addition to its successes.

Ars requested a check equipment, however Regulus Cyber’s attorneys denied it attributable to considerations round “instructing somebody to hack GPS.” Assuming Pyramid GNSS holds up below extra rigorous, hands-on testing—and Regulus can persuade OEMs to license it—its software-only nature ought to lend itself to straightforward, widespread adoption, significantly in Android and different Linux-based units.

Itemizing picture by Martin Vorel / Libreshot

Be the first to comment

Leave a Reply

Your email address will not be published.