Authenticated time for detecting GNSS attacks

TL;DR

This paper proposes a secure, efficient method to authenticate and cross-validate GNSS time using Wi-Fi infrastructure and Network Time Security, enhancing attack detection with minimal overhead.

Contribution

It introduces a novel framework combining Wi-Fi-based secure time broadcasting with NTS for robust GNSS attack detection in mobile scenarios.

Findings

Achieves secure time validation with minimal computational overhead.

Demonstrates effective detection of GNSS data manipulation.

Ensures resilience even with intermittent connectivity.

Abstract

Information cross-validation can be a powerful tool to detect manipulated, dubious GNSS data. A promising approach is to leverage time obtained over networks a mobile device can connect to, and detect discrepancies between the GNSS-provided time and the network time. The challenge lies in having reliably both accurate and trustworthy network time as the basis for the GNSS attack detection. Here, we provide a concrete proposal that leverages, together with the network time servers, the nearly ubiquitous IEEE 802.11 (Wi-Fi) infrastructure. Our framework supports application-layer, secure and robust real time broadcasting by Wi-Fi Access Points (APs), based on hash chains and infrequent digital signatures verification to minimize computational and communication overhead, allowing mobile nodes to efficiently obtain authenticated and rich time information as they roam. We pair this method with Network Time Security (NTS), for enhanced resilience through multiple sources, available, ideally, simultaneously. We analyze the performance of our scheme in a dedicated setup, gauging the overhead for authenticated time data (Wi-Fi timestamped beacons and NTS). The results show that it is possible to provide security for the external to GNSS time sources, with minimal overhead for authentication and integrity, even when the GNSS-equipped nodes are mobile, and thus have short interactions with the Wi-Fi infrastructure and possibly intermittent Internet connectivity, as well as limited resources.