• Journal of Positioning, Navigation, and Timing
• /
• v.12 no.2
• /
• pp.101-111
• /
• 2023

Many spoofing detection studies have been conducted to cope with the most difficult types of deception among various disturbances of GPS, such as jamming, spoofing, and meaconing. In this paper, we propose a spoofing detection scheme based on elevation masked-relative received power between GPS L1 and L2 signals in a system using a multi-band array antenna. The proposed scheme focuses on enabling spoofing to be normally detected and minimizes the possibility of false detection in an environment where false alarms may occur due to pattern distortion among elements of an array antenna. The pattern distortion weakens the GPS signal strength at low elevation. It becomes confusing to detect a spoofing signal based on the relative power difference between GPS L1 and L2, especially when GPS L2 has weak signal strength. We propose design parameters for the relative power threshold including beamforming gain, the minimum received power difference between L1 and L2, and the patch antenna gain difference between L1 and L2. In addition, in order to eliminate the weak signal strength of GPS L2 in the spoofing detection process, we propose a rotation matrix that sets the elevation mask based on platform coordinates. Array antennas generally do not have high usefulness in commercial areas where receivers are operated alone, but are considered essential in military areas where GPS receivers are used together with signal processing for beamforming in the direction of GPS satellites. Through laboratory and live sky tests using the device under test, the proposed scheme with an elevation mask detects spoofing signals well and reduces the probability of false detection relative to that without the elevation mask.

• Journal of Positioning, Navigation, and Timing
• /
• v.11 no.3
• /
• pp.173-179
• /
• 2022

The satellite navigation deception technology disturbs the navigation solution of the receiver by generating a deceptive signal simulating the actual satellite for the satellite navigation receiver mounted on the unmanned aerial vehicle, which is the target of deception. A single spoofing technique that creates a single deceptive position and velocity can be divided into a synchronized spoofing signal that matches the code delay, Doppler frequency, and navigation message with the real satellite and an unsynchronized spoofing signal that does not match. In order to generate a signal synchronized with a satellite signal, a very sophisticated and high precision signal generation technology is required. In addition, the current position and speed of the UAV equipped with the receiver must be accurately detected in real time. Considering the detection accuracy of the current radar technology that detects small UAVs, it is difficult to detect UAVs with an accuracy of less than one chip. In this paper, we assume the asynchrony of a single spoofing signal and propose a region defense technique using multiple spoofing signals.

• Journal of Positioning, Navigation, and Timing
• /
• v.10 no.3
• /
• pp.169-177
• /
• 2021

In this paper, we propose a novel global navigation satellite system (GNSS) spoofing detection technique through an array antenna-based direction of arrival (DoA) estimation of satellite and spoofer. Specifically, we consider a sophisticated GNSS spoofing attack scenario where the spoofer can accurately mimic the multiple pseudo-random number (PRN) signals since the spoofer has its own GNSS receiver and knows the location of the target receiver in advance. The target GNSS receiver precisely estimates the DoA of all PRN signals using compressed sensing-based orthogonal matching pursuit (OMP) even with a small number of samples, and it performs spoofing detection from the DoA estimation results of all PRN signals. In addition, considering the initial situation of a sophisticated spoofing attack scenario, we designed the algorithm to have high spoofing detection performance regardless of the relative spoofing signal power. Therefore, we do not consider the assumption in which the power of the spoofing signal is about 3 dB greater than that of the authentic signal. Then, we introduce design parameters to get high true detection probability and low false alarm probability in tandem by considering the condition for the presence of signal sources and the proximity of the DoA between authentic signals. Through computer simulations, we compare the DoA estimation performance between the conventional signal direction estimation method and the OMP algorithm in few samples. Finally, we show in the sophisticated spoofing attack scenario that the proposed spoofing detection technique using OMP-based estimated DoA of all PRN signals outperforms the conventional spoofing detection scheme in terms of true detection and false alarm probability.

• Journal of Positioning, Navigation, and Timing
• /
• v.5 no.3
• /
• pp.137-144
• /
• 2016

In this paper, the performance of ranging measurement, which is generated using two receiver clock offsets in one receiver, was analyzed. A spoofer transmits a counterfeited spoofing signal which is similar to the GPS signal with hostile purposes, so the same tracking technique can be applied to the spoofing signal. The multi-correlator can generate two receiver clock offsets in one receiver. The difference between these two clock offsets consists of the path length from the spoofer to the receiver and the delay of spoofer system. Thus, in this paper, the ranging measurement was evaluated by the spoofer localization performance based on the time-of-arrival (TOA) technique. The results of simulation and real-world experiments show that the position and the system clock offset of the spoofer could be estimated successfully.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.19 no.1
• /
• pp.309-316
• /
• 2024

Facial recognition technology is widely used in various fields but faces challenges due to its vulnerability to fraudulent activities such as photo spoofing. Extensive research has been conducted to overcome this challenge. Most of them, however, require the use of specialized equipment like multi-modal cameras or operation in high-performance environments. In this paper, we introduce LH-FAS v2 (: Lightweight Head-pose-based Face Anti-Spoofing v2), a system designed to operate on a commercial webcam without any specialized equipment, to address the issue of facial recognition spoofing. LH-FAS v2 utilizes FSA-Net for head pose estimation and ArcFace for facial recognition, effectively assessing changes in head pose and verifying facial identity. We developed the VD4PS dataset, incorporating photo spoofing scenarios to evaluate the model's performance. The experimental results show the model's balanced accuracy and speed, indicating that head pose estimation-based facial anti-spoofing technology can be effectively used to counteract photo spoofing.

• Proceedings of the IEEK Conference
• /
• 1999.11a
• /
• pp.89-92
• /
• 1999

This paper describes on the threats such as IP spoofing, denial of service, and ILMI based attack etc. for IP over ATM network. Especially we discuss on the threats due to ATM characteristics that are VC stealing, multiparty and multi-connection call. Also we investigate on the threats of ATM based MPLS network. Finally we discuss and suggest the various solutions of ATM security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.3-11
• /
• 2003

It is very important to detect and remove original sources of various attacks through networks. One of the effective method to detect the sources is traceback systems. In this paper, we design and implement an agent-based traceback system that does not require the reaction of routers and administrators and does not need numerous log data. In the design, we introduce a traceback server and traceback agents in each network Using sniffing and spoofing, the server transmits a packet with a specific message. The agents detect the packet and provide the information for the server to trace back the original source.

• Journal of Positioning, Navigation, and Timing
• /
• v.9 no.2
• /
• pp.99-115
• /
• 2020

Since GNSS is easily affected by jamming and/or spoofing, alternative navigation systems can be operated as backup system to prepare for outage of GNSS. Alternative navigation systems are being researched over the world, and a multi-radio integrated navigation system using alternative navigation systems such as KNSS, eLoran, Loran-C, DME, VOR has been researched in Korea. Least Square or Kalman filter can be used to estimate navigation parameters in the navigation system. A large number of measurements of the Kalman filter may lead to heavy computational load. The decentralized Kalman filter and the federated Kalman filter were proposed to handle this problem. In this paper, the decentralized Kalman filter and the federated Kalman filter are designed for the multi-radio integrated navigation system and the performance evaluation result are presented. The decentralized Kalman filter and the federated Kalman filter consists of local filters and a master filter. The navigation parameter is estimated by local filters and master filter compensates navigation parameter from the local filters. Characteristics of three Kalman filters for a linear system and nonlinear system are investigated, and the performance evaluation results of the three Kalman filters for multi-radio integrated navigation system are compared.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.9
• /
• pp.1947-1954
• /
• 2011

There are various attacks such as tampering, bypassing and spoofing which are caused with system-wide vulnerabilities of Windows operating system. The underlying operating system is responsible for protecting application-space mechanisms against such attacks. This paper provides the implementation of mandatory access control known as multi-level security (MLS) rating with TCSEC-B1 level on th kernel of Windows$^{TM}$. By adding especially the protection feature against tampering memory of processes to the security kernel, this implementation meets the responsibility against system-wide vulnerabilities.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5529-5552
• /
• 2016

Mobile cloud computing (MCC) has revolutionized the way in which the services can be obtained from the cloud service providers. Manifold increase in the number of mobile devices and subscribers in MCC has further enhanced the need of an efficient and robust authentication solution. Earlier, the subscribers could get cloud-computing services from the cloud service providers only after having consulted the trusted third party. Recently, Tsai and Lo has proposed a multi-server authenticated key agreement solution for MCC based on bilinear pairing, to eliminate the trusted third party for mutual authentication. The scheme has been novel as far as the minimization of trusted party involvement in authenticating the user and service provider, is concerned. However, the Tsai and Lo scheme has been found vulnerable to server spoofing attack (misrepresentation attack), de-synchronization attack and denial-of-service attack, which renders the scheme unsuitable for practical deployment in different wireless mobile access networks. Therefore, we have proposed an improved model based on bilinear pairing, countering the identified threats posed to Tsai and Lo scheme. Besides, the proposed work also demonstrates performance evaluation and formal security analysis.