• Journal of Positioning, Navigation, and Timing
• /
• 제12권2호
• /
• pp.101-111
• /
• 2023

Many spoofing detection studies have been conducted to cope with the most difficult types of deception among various disturbances of GPS, such as jamming, spoofing, and meaconing. In this paper, we propose a spoofing detection scheme based on elevation masked-relative received power between GPS L1 and L2 signals in a system using a multi-band array antenna. The proposed scheme focuses on enabling spoofing to be normally detected and minimizes the possibility of false detection in an environment where false alarms may occur due to pattern distortion among elements of an array antenna. The pattern distortion weakens the GPS signal strength at low elevation. It becomes confusing to detect a spoofing signal based on the relative power difference between GPS L1 and L2, especially when GPS L2 has weak signal strength. We propose design parameters for the relative power threshold including beamforming gain, the minimum received power difference between L1 and L2, and the patch antenna gain difference between L1 and L2. In addition, in order to eliminate the weak signal strength of GPS L2 in the spoofing detection process, we propose a rotation matrix that sets the elevation mask based on platform coordinates. Array antennas generally do not have high usefulness in commercial areas where receivers are operated alone, but are considered essential in military areas where GPS receivers are used together with signal processing for beamforming in the direction of GPS satellites. Through laboratory and live sky tests using the device under test, the proposed scheme with an elevation mask detects spoofing signals well and reduces the probability of false detection relative to that without the elevation mask.

• Journal of Positioning, Navigation, and Timing
• /
• 제11권3호
• /
• pp.173-179
• /
• 2022

The satellite navigation deception technology disturbs the navigation solution of the receiver by generating a deceptive signal simulating the actual satellite for the satellite navigation receiver mounted on the unmanned aerial vehicle, which is the target of deception. A single spoofing technique that creates a single deceptive position and velocity can be divided into a synchronized spoofing signal that matches the code delay, Doppler frequency, and navigation message with the real satellite and an unsynchronized spoofing signal that does not match. In order to generate a signal synchronized with a satellite signal, a very sophisticated and high precision signal generation technology is required. In addition, the current position and speed of the UAV equipped with the receiver must be accurately detected in real time. Considering the detection accuracy of the current radar technology that detects small UAVs, it is difficult to detect UAVs with an accuracy of less than one chip. In this paper, we assume the asynchrony of a single spoofing signal and propose a region defense technique using multiple spoofing signals.

• Journal of Positioning, Navigation, and Timing
• /
• 제10권3호
• /
• pp.169-177
• /
• 2021

In this paper, we propose a novel global navigation satellite system (GNSS) spoofing detection technique through an array antenna-based direction of arrival (DoA) estimation of satellite and spoofer. Specifically, we consider a sophisticated GNSS spoofing attack scenario where the spoofer can accurately mimic the multiple pseudo-random number (PRN) signals since the spoofer has its own GNSS receiver and knows the location of the target receiver in advance. The target GNSS receiver precisely estimates the DoA of all PRN signals using compressed sensing-based orthogonal matching pursuit (OMP) even with a small number of samples, and it performs spoofing detection from the DoA estimation results of all PRN signals. In addition, considering the initial situation of a sophisticated spoofing attack scenario, we designed the algorithm to have high spoofing detection performance regardless of the relative spoofing signal power. Therefore, we do not consider the assumption in which the power of the spoofing signal is about 3 dB greater than that of the authentic signal. Then, we introduce design parameters to get high true detection probability and low false alarm probability in tandem by considering the condition for the presence of signal sources and the proximity of the DoA between authentic signals. Through computer simulations, we compare the DoA estimation performance between the conventional signal direction estimation method and the OMP algorithm in few samples. Finally, we show in the sophisticated spoofing attack scenario that the proposed spoofing detection technique using OMP-based estimated DoA of all PRN signals outperforms the conventional spoofing detection scheme in terms of true detection and false alarm probability.

• Journal of Positioning, Navigation, and Timing
• /
• 제5권3호
• /
• pp.137-144
• /
• 2016

In this paper, the performance of ranging measurement, which is generated using two receiver clock offsets in one receiver, was analyzed. A spoofer transmits a counterfeited spoofing signal which is similar to the GPS signal with hostile purposes, so the same tracking technique can be applied to the spoofing signal. The multi-correlator can generate two receiver clock offsets in one receiver. The difference between these two clock offsets consists of the path length from the spoofer to the receiver and the delay of spoofer system. Thus, in this paper, the ranging measurement was evaluated by the spoofer localization performance based on the time-of-arrival (TOA) technique. The results of simulation and real-world experiments show that the position and the system clock offset of the spoofer could be estimated successfully.

• 한국전자통신학회논문지
• /
• 제19권1호
• /
• pp.309-316
• /
• 2024

얼굴 인식 기술은 다양한 분야에서 활용되고 있지만, 이는 사진 스푸핑과 같은 위조 공격에 취약하다는 문제를 가지고 있다. 이를 극복하기 위한 여러 연구가 진행되고 있지만, 대부분은 멀티모달 카메라와 같은 특별한 장비를 장착하거나 고성능 환경에서 동작하는 것을 전제로 하고 있다. 본 연구는 얼굴 인식 위조 공격 문제를 해결하기 위해, 특별한 장비 없이 일반적인 웹캠에서 동작할 수 있는 LH-FAS v2를 제안한다. 제안된 방법에서는, 머리 자세 추정에는 FSA-Net을, 얼굴 식별에는 ArcFace를 활용하여 사진 스푸핑 여부를 판별한다. 실험을 위해, 사진 스푸핑 공격 비디오로 구성된 VD4PS 데이터셋을 제시하였으며, 이를 통해 LH-FAS v2의 균형 잡힌 정확도와 속도를 확인하였다. 본 방법은 향후 사진 스푸핑 방어에 효과적일 것으로 기대한다.

• International Journal of Computer Science & Network Security
• /
• 제24권8호
• /
• pp.174-178
• /
• 2024

IoT is collection of different "things" which are associated with open web. As all the things are connected to the Internet, it offers convenience to end users for accessing the resources from "Any Where, Any Time" throughout the globe. At the same time, open nature of IoT provides a fertile ground to an intruder for launching different security related threats. If we can no apply proper security safeguards to the IoT System, then it will be not useful to society. Authentication, Encryption, Trust Management and Secure Routing are different domains to offer security in IoT system. Among them, Authentication is very much important security service as it validates device identity before granting access to system services/ resources. Existing IoT Authentication algorithms are fail to verify device identity in unambiguous way. They are vulnerable to different security threats such as Key Stolen threat, MITM threat and Location Spoofing threat. So, it is a demand of time to design an efficient and secure Multi-factor IoT algorithm which can offer better security and validate device identity in unambiguous way.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 1999년도 추계종합학술대회 논문집
• /
• pp.89-92
• /
• 1999

This paper describes on the threats such as IP spoofing, denial of service, and ILMI based attack etc. for IP over ATM network. Especially we discuss on the threats due to ATM characteristics that are VC stealing, multiparty and multi-connection call. Also we investigate on the threats of ATM based MPLS network. Finally we discuss and suggest the various solutions of ATM security.

• 정보보호학회논문지
• /
• 제13권4호
• /
• pp.3-11
• /
• 2003

네트워크 및 호스트의 자원을 낭비하는 DOS(Denial of Service) 및 여러 형태의 연결형/비연결형 공격은 전체 네트워크의 성능을 감소시키므로 공격 호스트를 검출하여 제거하는 일은 매우 중요한 요소이다. 공격 호스트를 검출하기 위한 효율적인 방법 중의 하나가 역추적시스템이나, 지금까지 구현된 역추적 시스템은 라우터의 동작 또는 로그 데이터 저장 및 분석에 따라 오버헤드를 야기 시키는 단점이 있다. 그러므로 본 논문에서는 라우터 및 관리자의 동작을 요구하지 않으며, 많은 양의 로그 데이터를 필요로 하지 않는 역추적 시스템을 제안하고 구현하였다. 구현된 시스템은 역추적 서버와 역추적 에이전트로 구성된다. 서버에서 스니핑과 스푸핑 기법을 이용하여 특정 패킷을 전송하면 각 네트워크에 존재하는 에이전트에서 그 패킷을 검출함으로서 근원지 호스트까지의 연결 경로 정보를 획득하여 역추적 서버로 하여금 공격 호스트를 검출할 수 있도록 한다.

• Journal of Positioning, Navigation, and Timing
• /
• 제9권2호
• /
• pp.99-115
• /
• 2020

Since GNSS is easily affected by jamming and/or spoofing, alternative navigation systems can be operated as backup system to prepare for outage of GNSS. Alternative navigation systems are being researched over the world, and a multi-radio integrated navigation system using alternative navigation systems such as KNSS, eLoran, Loran-C, DME, VOR has been researched in Korea. Least Square or Kalman filter can be used to estimate navigation parameters in the navigation system. A large number of measurements of the Kalman filter may lead to heavy computational load. The decentralized Kalman filter and the federated Kalman filter were proposed to handle this problem. In this paper, the decentralized Kalman filter and the federated Kalman filter are designed for the multi-radio integrated navigation system and the performance evaluation result are presented. The decentralized Kalman filter and the federated Kalman filter consists of local filters and a master filter. The navigation parameter is estimated by local filters and master filter compensates navigation parameter from the local filters. Characteristics of three Kalman filters for a linear system and nonlinear system are investigated, and the performance evaluation results of the three Kalman filters for multi-radio integrated navigation system are compared.

• 한국정보통신학회논문지
• /
• 제15권9호
• /
• pp.1947-1954
• /
• 2011

널리 사용되고 있는 윈도우 운영체제의 보안 취약성으로 인한 다양한 형태의 공격에 의한 침입, 자료 유출 및 무단 변조 등의 문제점이 발생되고 있다. 본 논문에서는 윈도우 운영체제의 커널 수준에서 허가되지 않은 사용과 침입을 차단하고, 프로세스 메모리에 대한 접근을 강제적으로 제어할 수 있는 다중등급보안(Multi Level Security) 시스템을 구현하였다. 신뢰성 컴퓨터 시스템 평가기준(TCSEC)의 B1 등급에서 요구하는 대부분의 기능을 윈도우 운영체제 커널에 구현하였으며, 이를 확장하여 주요 프로세스의 메모리에 대한 변조를 차단하기 위한 기능을 보안 커널에 추가하였다.