2 min read

New Research on GPS Reveals Major DoS Vulnerability

Bogdan BOTEZATU

December 11, 2012

New Research on GPS Reveals Major DoS Vulnerability

In a world where global positioning is key in a wide range of critical operations such as missile launches, space missions, or rescue operations, attacks against the GPS system can have unforeseen consequences.

In a joint paper, security researchers from the Carnegie Mellon University and GPS specialists from Coherent Navigation have described new attack mechanisms that can paralyze GPS devices and take them out of order.

Since the GPS positioning systems rely on radio waves to communicate with satellites, they are known to be vulnerable to jamming (by sending strong white noise to mask the satellite signal) or to spoofing (receiving forged signals that result in mapping a bogus location). New research however shows that sending specific signals can cause the GPS receiver to lock or malfunction, taking it completely out of business.

To achieve the denial of service condition, researchers spoofed the signal a satellite usually sends, but, rather than encoding the position of the satellite on the orbit, they made it look as if the satellite was located in the center of the Earth. The wrong satellite position caused an exception in the GPS software that leads to restarts. Since the distance between the satellite and the Earth rarely changes, the information becomes persistant in the device`s memory, which results in endless reboots.

Our surface includes higher level GPS protocol messages than previous work, as well as the GPS OS and downstream dependent systems. We develop a new hardware platform for GPS attacks, and develop novel attacks against GPS infrastructure,“ wrote the researchers in the paper. “For example, we show that remote attacks via malicious GPS broadcasts are capable of bringing down up to 30% and 20% of the global CORS navigation and NTRIP networks, respectively, using hardware that costs about the same as a laptop“.

Fortunately, satellites send data for civillian and military GPS devices differently. Since military signals are encrypted and validation is performed before decoding, no military devices are subject to this type of attacks.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux
Filip TRUȚĂ

August 05, 2021

1 min read
Google Drops All Support for Android 2.3.7 and Older Google Drops All Support for Android 2.3.7 and Older
Silviu STAHIE

August 04, 2021

1 min read
A Heads-Up on Stalkerware, the Wolf Software in Sheep’s Clothing A Heads-Up on Stalkerware, the Wolf Software in Sheep’s Clothing
Silviu STAHIE

August 03, 2021

4 min read