Cross-correlation of unknown encrypted signals between two Global Navigation Satellite System (GNSS) receivers is used for spoofing detection of publicly-known signals. This detection technique is one of the strongest known defenses against sophisticated spoofing attacks if the defended receiver has only one antenna. The attack strategy of concern overlays false GNSS radio-navigation signals on top of the true signals. The false signals increase in power, lift the receiver tracking loops off of the true signals, and drag the loops and the navigation solution to erroneous, but consistent results. This paper uses hypothesis testing theory to develop a codeless cross-correlation detection method for use in inexpensive, narrow-band civilian GNSS receivers. The detection method is instantiated by using the encrypted military GPS P(Y) code on the L1 frequency in order to defend the publicly-known civilian GPS C/A code. Successful detection of spoofing attacks is demonstrated by off-line processing of recorded RF data from narrow-band 2.5 MHz RF front-ends, which attenuate the wide-band P(Y) code by 5.5 dB. The new technique can detect attacks using correlation intervals of 1.2 sec or less.

Cite and download the paper:
Psiaki, M.L., B.W. O'Hanlon, J.A. Bhatti, D.P. Shepard, and T.E. Humphreys, "GPS Spoofing Detection via Dual-Receiver Correlation of Military Signals," IEEE Transactions on Aerospace and Electronic Systems, 2013.