Gaping holes discovered in global GPS – SC Magazine

The researchers said an Electronic GPS Attack Detection System (EGADS) should be deployed, which could flag the noted data-level attacks, and an Electronic GPS Whitening System (EGWS) which could re-broadcast a "whitened signal" to otherwise vulnerable receivers.

The researchers said their work differed from existing GPS jamming and spoofing attacks because it detailed a larger attack surface "by viewing GPS as a computer system." This included analysis of GPS protocol messages and operating systems, the GPS software stack and how errors affect dependent systems.

via Gaping holes discovered in global GPS – SC Magazine.

Paper: “GPS Software Attacks”, CMU, Tyler Nighswander et al., Computer and Communications Security 2012 [pdf]

Researchers at CMU found gaping security holes affecting a large percentage of GPS receivers that could be launched using just $2,500 worth of equipment. One interesting aspect of this work is that they viewed GPS as a computer system (as opposed to as a signal processing problem), and they were able to find vulnerabilities via division-by-zero, integer overflow, unsanitized user input, blank passwords, and more.

Leave a Reply