Researchers show how to manipulate road navigation systems with low-cost devices
19.7.18 securityaffairs Mobil
Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers and manipulate road navigation systems.
Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers. The kit could be used to deceive receivers used by navigation systems and suggest drivers the wrong direction.
“we explore the feasibility of a stealthy manipulation attack against road navigation systems. The goal is to trigger the fake turn-by-turn navigation to guide the victim to a wrong destination without being noticed.” reads the research paper published by the experts.
“Our key idea is to slightly shift the GPS location so that the fake navigation route matches the shape of the actual roads and trigger physically possible instructions.”
The group of researchers is composed of three teams from Microsoft, Virginia Tech in the US, and the University of Electronic Science and Technology of China.
The boffins were able to spoof packets transmitted by satellites to mobile devices and navigation systems used in the automotive industry.
The tests conducted by experts allowed to remotely change the routes with up to 95 per cent accuracy. The researchers built a radio-transmitting device based on Raspberry Pi, they used just $223 of components.
The radio transmitting device broadcasts fake location data and makes it impossible for the receivers to have the real positioning data from the satellite.
In a Real attack scenario, the device could be used to deceive navigation systems in cars.
“We show that adversaries can build a portable spoofer with low costs (about $223), which can easily penetrate the car body to take control of the GPS navigation system.” continues the paper.
“Our measurement shows that effective spoofing range is 40–50 meters and the target device can consistently latch onto the false signals without losing connections,”
In order to make the attack stealth the researchers experimented with stashing the spoofing device in the trunk of a car or under the back seat.
They were able to add new route details via a cellular network connection without following the target.
In a test in field conducted in a Chinese parking lot, the researchers deceived a navigation system in 48 seconds by hiding the device in the truck, while if it was under the seat, it took just 38 seconds.
The expert used data from OpenStreetMap to construct routes the target.
“Compared to spoofing a drone or a ship, there are unique challenges to manipulate the road navigation systems. First, road navigation attack has strict geographical constraints. It is far more challenging to perform GPS spoofing attacks in real-time while coping with road maps and vehicle speed limits.” continues the paper.
“In addition, human drivers are in the loop of the attack, which makes a stealthy attack necessary.”
Experts highlighted that the spoofing attacks could be very effective, 40 volunteer drivers involved in a trial found that 95 per cent of the time the attackers were able to trick the targets into following the fake routes.
Such kind of attacks could be particularly dangerous especially when dealing with self-driving cars and trucks.
Researchers provided also countermeasures to prevent the attacks such as the use of encrypted data also for civilian GPS signals.