In-lab measurement campaigns and measurement-based analysis for GNSS spoofing models and countermeasures: GNSS Spoofing Dataset Generation
Ur Rahman, Syed Muneeb (2025)
2025
Sähkötekniikan DI-ohjelma - Master's Programme in Electrical Engineering
Informaatioteknologian ja viestinnän tiedekunta - Faculty of Information Technology and Communication Sciences
Hyväksymispäivämäärä
2025-06-03
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:tuni-202505306401
https://urn.fi/URN:NBN:fi:tuni-202505306401
Tiivistelmä
The growing threat of Global Navigation Satellite System (GNSS) spoofing presents significant risks to critical applications such as autonomous navigation, precision timing, and infrastructure security. This thesis conducts a comprehensive in-lab measurement campaign and measurement-based analysis aimed at generating and analyzing raw in-phase and quadrature (IQ) datasets for various GNSS spoofing scenarios. The primary objective is to advance research on spoofing detection by publicly disseminating high-quality datasets, Spectracom scenario files, and comprehensive readme files. These resources enable researchers to re-generate the scenarios and verify their detection and mitigation algorithms, fostering reproducibility and further innovation in the field. Additionally, the study provides in-depth insights into the distinguishing characteristics of authentic and spoofed signals through advanced radio fingerprinting techniques. The analysis focuses on key signal processing features, including Doppler shifts, Frequency-Locked Loop (FLL), Delay-Locked Loop (DLL), Phase-Locked Loop (PLL), and carrier-to-noise density ratio (C/N_0), to enhance the capability of differentiating between genuine and spoofed signals.
The research employs a NovAtel GNSS antenna at Tampere University to capture authentic satellite signals, while spoofed signals are generated using the GSG-6 Spectracom simulator. The study is specifically focused on the GPS L1 and Galileo E1 frequency bands and explores various spoofing scenarios, including static and dynamic receiver conditions, true and false spoofer positions, and the presence or absence of multipath effects. Unlike previous studies that address multiple attack types, this thesis narrows its scope to asynchronous spoofing under diverse configurations, providing a more focused and detailed analysis that can enable better RF fingerprinting studies than with the existing datasets in the current literature. All signal recordings are conducted at a high sampling frequency of 50 MHz using a USRP NI-2954 software-defined radio, ensuring precision and data integrity throughout the experiments. The main reason of using a high sampling rate has been to capture better the RF features, as well as to allow a high-enough bandwidth encompassing both E1/L1 and E5a/L5 bands.
The results demonstrate the successful generation of spoofing datasets which can be used in future to validate the effectiveness of radio fingerprinting for feature-based signal differentiation. By utilizing the FGI-GSRx software receiver for detailed analysis, this research provides a comprehensive assessment of the impact of spoofing on signal characteristics, offering critical insights for improving spoofing detection and mitigation techniques. The inclusion of Spectracom scenario files and detailed readme files ensures that researchers can replicate the experiments and validate their algorithms, thereby enhancing the reliability and applicability of the findings. The soon-to-be-made publicly available datasets and accompanying resources serve as a vital tool for the GNSS research community, enabling the development of more robust countermeasures against evolving spoofing threats. This thesis does not only contributes to the theoretical understanding of GNSS spoofing mechanisms but it provides practical tools and methodologies to enhance the security and resilience of GNSS-dependent systems in the face of increasingly sophisticated attacks.
The research employs a NovAtel GNSS antenna at Tampere University to capture authentic satellite signals, while spoofed signals are generated using the GSG-6 Spectracom simulator. The study is specifically focused on the GPS L1 and Galileo E1 frequency bands and explores various spoofing scenarios, including static and dynamic receiver conditions, true and false spoofer positions, and the presence or absence of multipath effects. Unlike previous studies that address multiple attack types, this thesis narrows its scope to asynchronous spoofing under diverse configurations, providing a more focused and detailed analysis that can enable better RF fingerprinting studies than with the existing datasets in the current literature. All signal recordings are conducted at a high sampling frequency of 50 MHz using a USRP NI-2954 software-defined radio, ensuring precision and data integrity throughout the experiments. The main reason of using a high sampling rate has been to capture better the RF features, as well as to allow a high-enough bandwidth encompassing both E1/L1 and E5a/L5 bands.
The results demonstrate the successful generation of spoofing datasets which can be used in future to validate the effectiveness of radio fingerprinting for feature-based signal differentiation. By utilizing the FGI-GSRx software receiver for detailed analysis, this research provides a comprehensive assessment of the impact of spoofing on signal characteristics, offering critical insights for improving spoofing detection and mitigation techniques. The inclusion of Spectracom scenario files and detailed readme files ensures that researchers can replicate the experiments and validate their algorithms, thereby enhancing the reliability and applicability of the findings. The soon-to-be-made publicly available datasets and accompanying resources serve as a vital tool for the GNSS research community, enabling the development of more robust countermeasures against evolving spoofing threats. This thesis does not only contributes to the theoretical understanding of GNSS spoofing mechanisms but it provides practical tools and methodologies to enhance the security and resilience of GNSS-dependent systems in the face of increasingly sophisticated attacks.