GPS devices vulnerable to 'spoofing,' researchers say
GPS devices can be fooled into registering phoney co-ordinates by a rogue transmitter, despite systems meant to circumvent such tampering, say Cornell University researchers.
The scientists demonstrated Tuesday how it can be done by programming a briefcase-size GPS receiver, used in atmospheric research, to send out fake signals.
The global positioning system is a network of more than two dozen satellites that orbit the Earth and transmit precisely timed signals down to GPS receivers.
Each receiver contains a tiny computer that uses the signals of three or four satellites to determine its location (latitude, longitude and altitude) using a process similar to triangulation.
The Cornell researchers spent a year trying to "spoof" the system. "Spoofing" is a decidedly non-scientific term first coined in the radar community and describes the transmission of fake GPS signals that receivers accept as authentic ones.
The scientists first presented their findings in a paper at a meeting earlier this month of the Institute of Navigation in the state of Georgia.
Cornell professors Paul Kintner and Mark Psiaki showed how the phoney receiver could be placed near a GPS navigation device, where it would track, modify, and retransmit signals from the satellites.
The "victim" navigation device gradually takes the counterfeit navigation signals for the real thing.
"GPS is woven into our technology infrastructure, just like the power grid or the water system," said Kintner, professor of electrical and computer engineering. "If it were attacked, there would be a serious impact."
The idea, of course, is not to create chaos, but to demonstrate the vulnerability of receivers to spoofing and devise methods to guard against such attacks.
"Our goal is to inspire people who design GPS hardware to think about ways to make it so the kinds of things we're showing can be overcome," said Psiaki, professor of mechanical and aerospace engineering. GPS spoofing isn't new; in fact, the U.S. government issued a report in 2003 detailing seven "countermeasures" against such an attack.
But, according to the researchers, such countermeasures would not have successfully guarded against the signals produced by their reprogrammed receiver.