Abstract
Spoofing intrusions pose a major threat to user security by delivering incorrect information. The detection rate of existing signal quality monitoring (SQM) metrics notably decreases when faced with numerous specific combinations of code phases and carrier phases in spoofing signal instances. To increase the detection rate and coverage, we exploit the offset detection capability of different correlators and propose metrics: multipoint slope differential (MuSD) and multipoint slope differential averaging (MuSDA). In addition, this paper proposes a Weighted Moving Average Bias Correction (WMA-BC) algorithm for metric post-processing. Comparative experiments with Moving Average (MA) and Moving Variance (MV) based SQM methods demonstrate that the WMA-BC algorithm achieves substantial advantages in Detection Rate enhancement and significantly improves the Area Under Curve (AUC) of the Receiver Operating Characteristic (ROC). In experiments with different code and carrier phase offsets, the detection coverage of the MuSD and MuSDA metrics reached 96.1% and 95.8%, respectively, which are much greater than those of other metrics. From the detection rates obtained in seven spoofing intrusion experiments based on the Texas Spoofing Test Battery (TEXBAT) dataset collected at the University of Texas, the proposed MuSDA and MuSD metrics outperform other metrics by approximately 11% to 97%.
Keywords: Spoofing intrusions, Detection rate, Detection Coverage, ROC, TEXBAT
Subject terms: Aerospace engineering, Electrical and electronic engineering
Introduction
Global navigation satellite systems (GNSS) provide navigation, positioning, and timing functions, offering all-weather, three-dimensional coordinates, velocities, and times to a wide range of users1. Since GNSS civil signals are publicly available2, attackers can create GNSS signals containing erroneous data according to the interface control document of the navigation system3; in this case, receivers obtain erroneous information and thus resolve erroneous positions, velocities, and times, posing a threat to user security4. Therefore, spoofing detection of GNSS signals is important for user safety.
GNSS spoofing attacks can be classified as synchronous spoofing or asynchronous spoofing based on their intrusion characteristics. In synchronous spoofing attacks, the code phase and carrier phase are synchronized with the authentic signal, and the signal power is greater than that of the authentic signal5,6. Synchronous spoofing attacks are more difficult to monitor and more covert than asynchronous spoofing attacks7. In asynchronous spoofing attacks, the code and carrier phases of the signal are not synchronized with the authentic signal at all times, and the receiver may lose lock; thus, asynchronous spoofing attacks are easier to discover8.
To resist synchronization spoofing, a variety of technical studies have been conducted in the GNSS community. Existing research on synchronized spoofing attacks has focused on spoofing monitoring and mitigation techniques9, which can be broadly classified into three categories. The first category is radio-frequency (RF) front-end processing methods based on antenna arrays. In this type of method, spoofing attacks are detected based on the arrival direction of the antenna array10,11; While antenna array techniques exploiting DOAs or spatial signatures can offer enhanced detection sensitivity and resilience in principle12, particularly against single-source spoofing, their practical effectiveness is limited by the calibration and attitude estimation challenges. More fundamentally, multi-antenna approaches typically possess a theoretical performance advantage over single-antenna methods due to their direct access to spatial discriminants. For instance, arrays can potentially discriminate authentic and spoofing signals arriving from distinct directions with high resolution under ideal conditions13. However, achieving this ideal performance requires overcoming the significant non-idealities and complexities outlined earlier, including accurate calibration and platform attitude knowledge, which impose substantial barriers for cost-sensitive, low-power civilian applications where computational and hardware constraints are paramount. The second category is based on baseband signal processing, such as signal quality monitoring (SQM) techniques using early (E), prompt (P), and late (L) correlators to identify autocorrelation function (ACF) symmetry anomalies or distortions14–16. The third category includes postprocessing techniques based on monitoring pseudorange measurements17, satellite clock offsets18.
Among the above spoofing monitoring approaches, baseband signal processing-based methods have received considerable attention from many researchers due to their simplicity, efficiency, and lack of dependence on external hardware, and SQM techniques have been applied to assess spoofing characteristics19. Phelts first used delta metrics to assess the symmetry of ACF peaks and detected the presence of aberrations at the top of the correlation peaks through ratio metrics20. Khan estimated the one-sided slope of the ACF by using an additional correlator to determine if there was a spoofing signal based on the slope metric compared to the expected value21. Subsequent researchers have improved spoofing detection performance by increasing the number of correlators and introducing the double delta metric22. The delta and ratio metrics have a higher detection rate only if the phase difference between the spoofed signal and the authentic signal is large. Double delta and double slope metrics perform better than delta and slope metrics with a double correlator, but they do not eliminate the defects of delta and slope metrics that are not able to detect synchronous spoofing efficiently, while the ratio also has limitations because it mainly monitors the distortion at the top of the correlation peaks. Mubarak and Dempster first applied the early-late phase (ELP) of the correlator outputs for multipath detection and spoofing signal identification. Moreover, although the ELP metric can detect small code phase differences, the detection performance is considerably reduced when the spoofed signal carrier phase is close to an integer multiple of the true signal phase, and the spoofed signal detection rate of this metric is approximately zero23,24. Wesson, Wang, and Sun conducted experiments using the publicly available Texas Spoofing Test Battery (TEXBAT) dataset from the University of Texas25–27.
The metric data can be distorted by Gaussian white noise, spoofing intrusions, multipath and so on. Postprocessing of metric data can improve data quality and enhance metric accuracy. However, existing research has paid inadequate attention to data post-processing components. A notable exception is Sun et al.’s Moving Variance (MV) algorithm, which enhances SQM metric performance through specialized metric data processing14.
SQM metrics offer a lightweight and theoretically sound method for forgery detection, but recent research has explored machine learning-based techniques28. For example, Zhu et al.29 used Support Vector Machines (SVM) to analyze seven different features derived from SQM metrics, such as moving variance, moving averages of SQM values, and early-late stage relationships. Additionally, Chen30 proposed a machine learning-based multi-parameter analysis framework. However, these methods still exhibit limited performance in complex scenarios, achieving Receiver Operating Characteristic (ROC) curve areas under the curve (AUC) of only 0.82 and 0.76 in Cases 2 and 3 of the TEXBAT dataset, respectively. In contrast, our proposed algorithm achieved AUC scores of 1.0 and 0.998 in Cases 2 and 3 of the same dataset, demonstrating exceptional detection capabilities.
In terms of generative models, Asif Iqbal et al.31 introduced a VAE-GAN hybrid model for forgery detection and reported high detection rates (100%, 100%, and 90.71% for Cases 5–7, respectively). However, the associated false alarm rates were excessively high (16.58%, 14.13%, and 0%, respectively), making the method infeasible for safety–critical applications. In comparison, our method maintained detection rates of 99.9%, 98.8%, and 68.3% in the same cases. Although the detection rate in Case 7 was slightly lower, our method has an ultra-low false alarm rate (false alarm rate 
), which better aligns with the strict reliability requirements of avionics and IoT devices.
More importantly, deep learning methods typically rely on large training datasets and high computational costs, highlighting the unique advantage of SQM metric-based methods as a real-time and resource-efficient first line of defense. This study successfully bridges the gap between theoretical robustness and practical operational constraints while innovating SQM metrics, leading to significant performance improvements.
To increase the spoofing detection rate and detection coverage rate and to improve the performance of the metrics, we first propose the near point/midpoint/far point slope difference (NeSD/MiSD/FaSD) metrics based on advantages including the offset detection capability of different correlators, and we exploit their complementary properties to constitute the metrics multipoint slope differential (MuSD) and multipoint slope differential averaging (MuSDA) by logical union and the method of mean value difference, respectively. This study proposes a Weighted Moving Average with Bias Correction (WMA-BC) algorithm for post-processing SQM data. Through controlled comparative experiments with Moving Average (MA)-based and MV-based SQM methods, we particularly focus on their performance disparities in detection rate. Moreover, employing a controlled variable experimental design, we systematically evaluate the algorithm’s impact on Detection Coverage before and after implementation, with the AUC of ROC curves serving as the quantitative performance indicator. In addition, the MuSD and MuSDA performances are verified by simulation experiments with different code phase offsets and carrier phase offsets and TEXBAT real data experiments. Finally, the conclusions are summarized.
Signal model
During the signal tracking stage, a multicorrelator estimator can be used for spoofing signal detection. This section describes the received signal model and multicorrelator estimator model.
Received signal model
The received real satellite signal model can be expressed as8:
 |
1 |
where 
denote the authentic signals received at moment 
. 
denotes the authentic signal amplitude, and 
denotes the average received power. 
and 
denote the C/A codes and data codes of the authentic signals, respectively. The data code value is ± 1. 
is the initial phase of the carrier, 
is the propagation delay, 
is the carrier frequency.
denotes an interference signal. These can be spoofing signals or multipath signals that resemble the structure of the authentic signal. Multipath signals are similar to spoofing signals except that the code and carrier phases of the multipath signal do not have the expected correlation with the authentic signal. The model of a interference signal can be expressed as
 |
2 |
where 
and 
is the interference signal power. 
, 
and 
are the propagation delay, carrier frequency and initial phase of the interference signal, respectively.
Since the receiver is affected by various types of interference, spoofing signals have the greatest impact. The mathematical model of the received signal by the receiver, which includes the authentic signal, interference signal and noise, can be expressed as follows
 |
3 |
where 
is the additive Gaussian white noise with a power spectral density of 
.
Multicorrelator estimator model
Before performing the signal despreading, the receiver generates a local carrier and pseudo-code signal, which can be expressed as
 |
4 |
where 
denotes the delay of the local pseudocode. 
and 
denote the frequency and initial phase of the local carrier, respectively. 
, 
and 
denote the delay difference, frequency difference, and carrier phase difference between the local replica and the authentic signal, respectively. After carrier stripping, signal demodulation and correlation integral, the correlation coefficient (CC) can be expressed as (5). The relevant values for the correlation calculation are determined using (5).
 |
5 |
where 
is the predetection integration time (PIT). 
denotes the signal-to-noise ratio of the precheck bandwidth 
and 
is the sampling function 
. 
is the ACF, and 
. 
is the additive noise after the time integration at 
. 
is a complex signal, where 
and 
represent the noise in the in-phase (I) channel and the quadrature (Q) channel of the signal, respectively. The I-channel corresponds to the "in-phase" component of the signal. It is the part that is phase-aligned with the reference carrier signal. The Q-channel is the component that is phase-shifted by 90 degrees relative to the reference carrier signal, corresponding to the “quadrature” part of the signal.
 |
6 |
where 
and 
represent the real and imaginary parts respectively. Since the I-channel noise signal 
and the Q-channel noise signal 
are orthogonal, their noise samples follow a Gaussian distribution and are independent of each other32.
 |
7 |
Due to the circular symmetry of complex Gaussian noise, the in-phase and quadrature components exhibit identical statistical properties. Specifically, their average powers are equal (
) and they are statistically independent (7). Consequently, the covariance matrices satisfy:
 |
8 |
where 
is a Toeplitz matrix that can be written as
 |
9 |
The spoofing signal intrusion process includes four steps: a power increase (Fig. 1 (a)), the approach (Fig. 1 (b)), the deviation (Fig. 1 (c)), and locking (Fig. 1 (d)). First, the power of the spoofing signal increases more than that of the real satellite signal, and the receiver tracking loop is not impacted because the code phase offset 
is greater than 
. Then, when the code phase offset 
of the spoofing signal is less than 
, the tracking loop correlation value is affected, and the ACF slope changes. Second, the delayed phase-locked loop gradually deviates from the real satellite signal to track the spoofed signal. Finally, the phase-locked loop completely separates from the authentic signal and locks onto the spoofed signal.
Fig. 1.
The four subfigures represent the process of spoofing signal intrusion: (a) power increase; (b) approach; (c) deviation; (d) locking. The solid blue and black lines represent the real and spoofed signals, respectively, the red dashed line represents the receiver tracking signal, the yellow diamond represents the correlators, 0 is the center of the tracking signal, 
is the correlation integration time, and 
is the offset of the signal to the tracking signal.
Method
This section outlines the deception detection methodology proposed in this study. It discusses the traditional SQM metrics, as well as the MuSD and MuSDA metrics and their threshold calculation methods. Additionally, the computation process of the WMA-BC algorithm is also examined.
Spoofing detection process
The spoofing detection process (Fig. 2) follows a sequential workflow: First, the GNSS receiver demodulates the intermediate frequency (IF) signal. Then, multiple correlators process this signal to generate correlator outputs, which are used to calculate two key metrics—MuSDA and MuSD. These metrics undergo further processing through the WMA-BC algorithm for enhanced detection capability. Finally, the processed metric values 
are compared against thresholds 
for spoofing signals to determine whether the received signal is authentic or spoofed.
Fig. 2.
Flowchart of WMA-BC for GNSS spoofing detection.
Expressions of the monitoring metrics
Monitoring metrics utilize the correlator output parameter with different composition methods to detect spoofing signals. To understand the metrics, the statistical characteristics must be known. The mean value and noise variance of the metrics can be obtained through calculations, and differences in the signal-to-noise ratio, correlation integral time, and correlator positions can change the noise variance of the metrics. We considered six SQM metrics for comparison: the ELP, ratio, delta, double delta, slope, and double slope metrics. The detailed derivation of the noise variance of each metric is presented in the Appendix.
Table 1 summarizes the definitions and statistical characteristics of the SQM metrics. 
and 
are the values of the early/late correlator in the in-phase/quadrature correlators, where 
and 
are 0.5 and -0.5, respectively. 
denotes the output value of the maximum correlator; 
, 
, 
and 
are the output values of the additional correlators, where the negative sign represents early and no negative sign represents late, 
denotes the spacing between the correlators and the maximum correlator, and the numbers are used as identifiers. The unit of 
is chips.
Table 1.
Definitions and theoretical statistics of the SQM monitoring metrics.
| Metrics | Metric definition | Normal value | Variance |
|---|---|---|---|
| ELP |  |
0 |  |
| delta |  |
0 |  |
| double delta |  |
0 |  |
| ratio |  |
Depends on 
|
 |
| slope |  |
-1 |  |
| double slope |  |
0 |  |
MuSD and MuSDA metrics
This section describes the NeSD, MiSD, FaSD, MuSD, and MuSDA metrics. Correlators at different locations have distinct offset detection advantages. NeSD, MiSD, and FaSD have complementary properties because the correlators used are at specific locations. However, relying solely on the correlators used by NeSD, MiSD, or FaSD to obtain spoofing detection results is unreliable. MuSD and MuSDA effectively utilize all the different correlators used by NeSD, MiSD, and FaSD by aggregating slope information from correlators at different offsets. This method leverages this diversity to build a more comprehensive signal integrity profile, efficiently increasing the spoofing detection range and preventing, slope, ratio, and ELP from effectively detecting only significant changes at the top or both sides of the correlation peak.
The correlators needed to construct the metrics are shown in Fig. 3. The MiSD correlator 
chips, which is the 
correlator of the receiver, and 
chips, which is the prompt correlator of the receiver. The NeSD and MiSD correlators are located on either side of the 
correlator. The correlator spacing is 
, which is determined based on the offset detection advantages of using correlators at different locations.
Fig. 3.
Correlator locations for NeSD, MiSD, FaSD, MuSDA and MuSD. The blue dots indicate added correlators, and the red dots indicate the original E, L, P correlators of the receiver.
The 
correlator of NeSD is effective for monitoring the ACF near-point distortion by very small code phase difference spoofing and low power spoofing due to its proximity to the prompt correlator. The NeSD can be expressed as
 |
10 |
Intermediate code phase difference spoofing causes ACF distortion near the correlator, reducing the spoofing detection capability of NeSD for middle and far distortion points. MiSD utilizes the receiver’s original 
correlator to supplement the NeSD performance. The metric is defined as
 |
11 |
Due to correlation limitations, NeSD and MiSD have difficulty detecting small ACF distortions at far points. Thus, to prevent spoofing leakage detection, the far point correlator 
is deployed beyond the 
correlator, and the FaSD metric is defined as follows:
 |
12 |
MuSD is a joint decision metric that is not directly obtained by the correlators but is jointly determined by the NeSD, MiSD, and FaSD results through logical association operations. The MuSD metric is expressed as follows:
 |
13 |
where 
, 
, and 
are the NeSD, MiSD, and FaSD decision results, respectively.
The MuSDA metric is derived from the receiver’s E, L, and P correlators, as well as additional correlators, using the mean-value difference method, and the MuSDA metric is defined as
 |
14 |
MuSD and MuSDA use the same correlator and can therefore be used simultaneously to detect spoofing.
Theoretical thresholds and decision rules for metrics
The threshold for the metrics can be adaptively calculated based on the desired false alarm rate and the statistical characteristics. For satellite navigation signals, the hypothesis testing theory of signal processing is used to identify spoofing signals, with a null hypothesis 
indicating that no spoofing signal exists and an alternative hypothesis 
indicating that a spoofing signal exists. Assuming that the probability density function of the noise in the case of 
follows a normal distribution with mean 
and standard deviation 
, the false alarm rate 
is expressed as
 |
15 |
Assuming that 
 |
16 |
where 
is the complementary cumulative distribution function of the standard normal distribution and 
is the complementary error function. For all of the metrics, the threshold 
can be expressed as
 |
17 |
where 
is the inverse function of 
.
The false alarm rate can be flexibly adjusted according to the specific requirements of different application scenarios. For instance, high-risk scenarios may tolerate a slightly higher false alarm rate to ensure critical events are not missed, whereas low-risk applications require stricter control over the false alarm rate to avoid unnecessary disruptions.
Similarly, the detection rate can be expressed as
 |
18 |
In the spoofing monitoring process, the decision is divided based on the results of the comparison between the metric measurement and its threshold. The discriminant is as follows:
 |
19 |
If the metric measurements exceed the thresholds, there is a spoofing signal; otherwise, there is no spoofing signal.
Weighted moving average bias correction
Noise, spoofing signals and other interference sources all cause transient or short-term fluctuations in metric data. When the spoofed signal operates in the frequency unlocking mode, the relative carrier phases of the real and spoofed signals change over time, leading to significant oscillations in the monitoring metrics and causing unnecessary false alarms33. To reduce the influence of noise interference, we propose the weighted moving average bias correction algorithm, which can be applied to metric data. This approach considers recent data obtained over time, smooths the curve of the monitoring data, reduces the influence of random interference, and improves the robustness and detection performance of the metrics. This subsection describes the computational process and analyzes the simulation results obtained with this method. The traditional weighted moving average algorithm (WMA) expression is
 |
20 |
where 
and 
are the predicted values of the monitoring data at moments 
and 
, respectively.
is the measured value at moment 
, where 
represents the rate of the decay weights, and its expression is
 |
21 |
The moving window size in the WMA-BC algorithm is directly related to the receiver’s PIT, as 
represents the minimum time interval over which coherent signal accumulation occurs. Therefore, we set the window size equal to the PIT.
During the receiver’s operation, we adopt an adaptive PIT adjustment strategy based on the scene type to optimize system performance. This mechanism determines the current scene type (low-speed/static or dynamic) by analyzing the Doppler rate 
of change and dynamically adjusts the PIT. When the Doppler rate of change is less than or equal to 2 Hz/s, the system identifies the scene as low-speed/static, and the PIT is set to 10 ms to save computational resources and improve response speed. When the Doppler rate of change exceeds 2 Hz/s, the system identifies the scene as dynamic, and the PIT is adjusted to 100 ms to accommodate environments with large frequency fluctuations. The PIT can be expressed as:
 |
22 |
According to (20), we obtain the following expression:
 |
23 |
The WMA algorithm smooths ACF data by averaging past observations, giving more weight to recent data. While this reduces jitter, it can introduce bias due to small initial values. To address this, we propose the WMA-BC algorithm, which adds a bias correction step to reduce the discrepancy between smoothed and actual values, improving prediction accuracy. The WMA-BC algorithm is as follows:
 |
24 |
where 
is the weighted moving average bias correction, 
is the predicted weighted moving average.
Experimental results and discussion
Performance of the WMA-BC algorithm
To evaluate the performance of the WMA-BC algorithm, we conducted experiments on the TEXBAT dataset. In the TEXBAT dataset, Cases 2–8 are examples of synchronized spoofing intrusions, while Case 1 is an example of spoofing switching34.
In Case 2, the spoofed signal has a higher power (+ 10 dB) than does the authentic signal, and the spoofers operate in frequency-unlocked mode (the carrier phase difference between the spoofed and authentic signals is not fixed). Case 3 differs from Case 2 in that the spoofed signal operates in frequency-locked mode (the carrier phase difference between the spoofed and authentic signals is fixed), and the power is reduced from 10 dB to 1.3 dB.
We compared the spoofing detection rates of SQM metrics using WMA-BC, WMA, MA-based, and MV-based algorithms, as well as MuSDA and MuSD metrics in Case 2 (Fig. 4(a)) and Case 3 (Fig. 4(b)). The spoofing detection times ranging from 60 to 300 s and the predetection integration time 
, and 
. The detection rate is defined as
 |
25 |
Fig. 4.
(a) Detection rates of the SQM MuSDA and MuSD metrics with the WMA-BC algorithm. (Case 2,
, and 
). (b) Detection rates of the SQM MuSDA and MuSD metrics with the WMA-BC algorithm. (Case 3,
, and 
).
In Case 2, the detection rates of the metrics obtained based on the WMA-BC algorithm are all improved, but the effect differs for different metrics, with the detection rates of the slope, ratio, MuSDA and MuSD metrics significantly improved by more than 70%. As the detection rates of the double slope, delta, double delta, and ELP metrics were originally close to 0, the improvement in the detection rate was limited. Case 3 shows results similar to those of Case 2; the metrics obtained based on the WMA-BC algorithm have higher detection rates, and the detection rates of the metrics improve by approximately 22% to 53%.
Experimental data analysis shows significant performance differences among the four methods in the spoofing detection task. In Case 2 testing, the WMA-BC method performed the best, achieving detection rates of 100% and 81.4% for the MuSDA and slope metrics, respectively, which represents an improvement of 4.8% and 38.3% compared to the WMA algorithm. In comparison, the MA method only reached 66.3% and 26.2%, while the MV method achieved 40.4% and 32.5%. Notably, the MV method completely failed on the ratio metric (0% detection rate), whereas WMA-BC maintained an effective detection rate of 87.1%, which is an improvement of 15.1% compared to WMA.
Further analysis of the Case 3 data reveals that the advantage of WMA-BC is even more pronounced on the slope metric, where its detection rate was more than 30% higher than both the MA and MV methods, with an improvement of about 5% to 20% compared to the WMA method. This method also maintained stable performance on the double slope, delta, MuSDA, and MuSD metrics, demonstrating strong overall performance. In contrast, while the MA method performed reasonably well on the ratio and MuSD metrics, it achieved only a 14.1% detection rate on the delta metric, showing clear performance limitations. The MV method exhibited unbalanced characteristics: it performed excellently on the double slope (63.7%), double delta (63.7%), and ELP (52.6%) metrics but underperformed on key metrics such as ratio (26.2%), MuSDA (5.9%), and MuSD (23.4%).
Overall, WMA-BC demonstrated clear advantages over WMA, MV and MA in terms of performance. The superior performance of WMA-BC is primarily attributed to its weighted computation mechanism, which dynamically adjusts weights over time, effectively enhancing feature differentiation. In contrast, the MA method, due to its simple mean calculation, is prone to losing crucial temporal information. The MV method, which treats all data points within the window equally, cannot implement variance calculations that incorporate features such as exponential decay weights, which are more suited to time-series characteristics, resulting in insufficient performance.
Quantitative analysis demonstrates that WMA-BC significantly enhances the discriminative capability of embedded GNSS systems, achieving more than a 70% improvement in detection rate for key signal metrics. For instance, in Case 2, the Slope metric shows a remarkable increase from 3.6% (raw metric) to 81.4% with WMA-BC, outperforming the MA approach at 26.2% and the MV method at 32.5%.
Despite the computational burden associated with multi-correlator architectures, such as MuSDA/MuSD, which require around 750 M floating-point operations per second (FLOPs), including an overhead of 200 M FLOPs due to additional correlators—WMA-BC introduces only a minimal overhead of 0.50 M FLOPs (just 0.07% of the baseline), along with an additional 48 kB of RAM usage (Table 2).
Table 2.
FLOPs and RAM overheads of three algorithms under multi-correlator metrics.
| Metrics | Algorithm | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Additional correlators | No algorithm | MA | MV | WMA-BC | |||||
| FLOPs | RAM (kb) |
Increased FLOPs | Increased RAM (kb) |
Increased FLOPs | Increased RAM (kb) |
Increased FLOPs | Increased RAM (kb) |
||
| ELP | 0 | 550 M | 2478 | 0.005 M | 16 | 13 M | 8 | 0.18 M | 16 |
| delta | 2 | 650 M | 2868 | 0.005 M | 16 | 13 M | 8 | 0.18 M | 16 |
|
double delta |
4 | 750 M | 3257 | 0.005 M | 16 | 13 M | 8 | 0.18 M | 16 |
| ratio | 2 | 650 M | 2868 | 0.005 M | 16 | 13 M | 8 | 0.18 M | 16 |
| slope | 2 | 650 M | 2866 | 0.005 M | 16 | 13 M | 8 | 0.18 M | 16 |
| double slope | 4 | 750 M | 3258 | 0.005 M | 15 | 13 M | 7 | 0.18 M | 15 |
| MuSDA | 4 | 750 M | 3256 | 0.005 M | 16 | 13 M | 8 | 0.18 M | 16 |
| MuSD | 4 | 750 M | 3272 | 0.016 M | 48 | 24 M | 24 | 0.50 M | 48 |
| Time Complexity | - | O(1) | O(n2) | O(n) | |||||
This efficiency makes WMA-BC, along with MuSD and MuSDA metrics, highly suitable for deployment on resource-constrained embedded platforms. For example, when implemented on the TMS320C6748 processor (clocked at 456 MHz with a peak performance of 3648 MFLOPs and a typical power consumption of 1.1W), the added computational load is relatively small, representing less than 5.5% of the total processing capacity. Moreover, WMA-BC maintains linear time complexity O(n), ensuring robust scalability for real-time applications—unlike MV, which has O(n2) complexity and incurs a 13 M FLOP overhead, approximately 72 times greater than that of WMA-BC.
These findings underscore WMA-BC’s unique ability to balance robust spoofing detection with stringent resource efficiency, fulfilling the demanding requirements of real-time GNSS spoofing detection systems in resource-constrained environments.
We calculated and plotted the receiver operating characteristic curves for Case 2 (Fig. 5(a)) and Case 3 (Fig. 5(b)), and performed statistical analysis (Table 3). In the experiments, 
and 
were measured by continuously decreasing the metric thresholds. We evaluated the AUC, which is an important parameter for detection performance.
Fig. 5.
(a) Comparison of ROC curves for different metrics (Case 2). The solid lines with circles represent curves obtained without the WMA-BC algorithm, the dashed lines with asterisks represent curves obtained based on the WMA-BC algorithm, and the dot with a triangle indicates the curve obtained based on the WMA algorithm. (b) Comparison of ROC curves for different metrics (Case 3). The solid lines with circles represent curves obtained without the WMA-BC algorithm, the dashed lines with asterisks represent curves obtained based on the WMA-BC algorithm, and the dot with a triangle indicates the curve obtained based on the WMA algorithm.
Table 3.
The summary of AUC of ROC curves for different metrics.
| Metrics | Case 2 | Case 3 |
|---|---|---|
| Slope | 0.605 | 0.733 |
| Slope-WMA | 0.784 | 0.866 |
| Slope-WMA-BC | 0.981 | 0.940 |
| Double Slope | 0.535 | 0.703 |
| Double-Slope-WMA | 0.736 | 0.798 |
| Double Slope-WMA-BC | 0.762 | 0.891 |
| Delta | 0.536 | 0.626 |
| Delta-WMA | 0.753 | 0.778 |
| Delta-WMA-BC | 0.768 | 0.823 |
| Double Delta | 0.543 | 0.711 |
| Double Delta-WMA | 0.783 | 0.797 |
| Double Delta-WMA-BC | 0.791 | 0.903 |
| ELP | 0.534 | 0.679 |
| ELP-WMA | 0.700 | 0.741 |
| ELP-WMA-BC | 0.725 | 0.755 |
| Ratio | 0.945 | 0.925 |
| Ratio-WMA | 0.953 | 0.891 |
| Ratio-WMA-BC | 0.988 | 0.963 |
| MuSDA | 0.853 | 0.869 |
| MuSDA-WMA | 0.990 | 0.940 |
| MuSDA-WMA-BC | 1.000 | 0.960 |
| MuSD | 0.942 | 0.939 |
| MuSD-WMA | 0.985 | 0.988 |
| MuSD-WMA-BC | 1.000 | 0.998 |
In Case 2, the AUC values of the metrics obtained based on the WMA-BC algorithm are markedly larger than those of the metrics obtained without the WMA-BC algorithm and those using the WMA algorithm. The AUC area with the WMA-BC algorithm increased by 0.01 to 0.197 compared to the WMA algorithm, and increased by 0.043 to 0.376 compared to the original metrics. Additionally, the MuSDA metric obtained based on the WMA-BC algorithm has an AUC equal to 1, demonstrating a 100% detection rate with no false alarms. In Case 3, the AUC area of the metrics combined with the WMA-BC algorithm increased by 0.01 to 0.072 compared to the WMA algorithm, and the AUC increased by 0.038 to 0.207 compared to the original metrics, which also indicates that these metrics achieved stronger detection capabilities.
In summary, the WMA-BC algorithm-based metrics achieve enhanced spoofing detection rates and superior performance with minimal computational overhead. The GNSS receiver thereby attains improved ROC performance—regardless of whether spoofing signals operate in frequency-locked or frequency-unlock modes, and irrespective of spoofing signal power being higher than or approximately equal to authentic signals.
Spoofing detection experiments with different code phase offsets and carrier phase offsets
To examine the detection performance of various metrics in synchronized spoofing against different code phase offsets and carrier phase offsets (based on the WMA-BC algorithm), we perform experiments by simulating a GPS satellite with the following signal simulation parameters: 
is 45 dB, the C/A code phase difference 
between the authentic signal and the spoofing signal ranges from 0 to 1 chip, with a step size of 0.005 chips, and carrier phase difference 
ranges from 0 to 2π, with a step size of 0.1π, for a total of 4221 grid experiments. Due to the high similarity between spoofing signals and authentic signals in the experiment, and considering the tracking stability of the receiver and the timeliness of spoofing detection, 
is 10 ms. The correlators used to obtain the MuSD and MuSDA metrics in the experiments are 
chips, 
chips, and 
chips.
The spoofing detection rates at the experimental grid points are demonstrated in Fig. 6, where the grid color indicates the spoofing detection probability. Each grid represents the detection rate in one experiment, and 
, which can effectively reflect the detection sensitivity of the metrics obtained in each experiment. The detection rates of some metrics decrease in cases with long intrusion times, such as the slope, double slope, delta, and double delta metrics. This is because in the early stage of the spoofing attack, the output values of the early and late correlators change or differ significantly, and the detection difficulty is small. However, in the spoofing attack of the middle or late stages, the change in the output values of the early and late correlators decreases, and the detection difficulty increases. However, the MuSD and MuSDA metrics are obtained using multiple correlators, which can monitor small fluctuations in bilateral slopes at multiple points simultaneously, ensuring high sensitivity and detection rates.
Fig. 6.
Detection rate of each metric in different code phase shift and carrier phase shift spoofing experiments. The code phase offset 
ranges from 0 to 1 chip, and the carrier phase shift 
ranges from 0 to 2π (
).
To evaluate the detection performance of the metric more objectively, we evaluated the detection coverage of each metric. The detection coverage is the ratio of the detectable area to the total area in a certain detection region. This value is a more comprehensive reflection of the performance of the metrics. The result of each experiment is 1 unit, and the total number of units is 4221. The detection coverage is defined as
 |
26 |
The detectable area in (26) is the sum of the detectable grid points, and we set a minimum acceptable detection rate of 
. If 
, the grid is undetectable, and its grid value is recorded as 0; otherwise, the grid value is set as 1.
Figure 7 shows the detection coverage of each metric when the minimum acceptable detection rate is set to 0.8. The yellow region in the figure represents the detectable region (
), and the blue region represents the undetectable region. For both the slope and delta metrics with two correlators and the double slope and double delta metrics with four correlators, the detectable area is smaller than that of the other metrics, and the detection coverage is less than 60%. For the ELP and ratio metrics, undetectable grids are found at their edges or at the center in more places. In contrast, the MuSD and MuSDA metrics have mainly detectable areas, except for the undetectable areas at the edges of 
and 
. The existence of this blind spot arises from the fact that when the code/carrier phase shift of the deception signal is extremely small, its impact on the correlation peak of the real signal is negligible, typically manifesting as a very weak “boost” or "distortion."
Fig. 7.
Detectable region of each metric in different code phase shift 
and carrier phase shift 
spoofing experiments. (
).
Under the stable operation of the receiver, the receiver experiences fluctuations such as thermal noise and quantization noise, which are very similar to the changes caused by spoofing signals. The adaptive threshold 
we set has a statistical fluctuation offset range given by
 |
27 |
When the spoofing signal is extremely similar to the true signal, the metric shift 
caused by the spoofing signal is very small, and the subtle changes induced by the spoofing signal are easily masked by the inherent noise. The expression is:
 |
28 |
where 
is the measured metric’ value when spoofing is present. Its shift mainly comes from the minor distortions of the signal generator and the additional noise introduced by the spoofing signal itself. When the metric shift 
caused by the spoofing signal is less than or equal to the statistical fluctuation range 
, the receiver cannot effectively detect the spoofing, leading to a detection blind spot.
The detection coverage of the eight detection metrics is summarized (Fig. 8), and the performance of the metrics can be ranked as follows: delta (26.4%) < slope (37.4%) < double delta (52.4%) < double slope (58.3%) < ELP (61.1%) < ratio (73.3%) < MuSDA (95.8%) < MuSD (96.1%). MuSD has the highest detection coverage of 96.1%, and MuSDA has a slightly lower detection coverage than the MuSD metric, with a value of 95.8%, which is approximately 22% to 69% higher than that of the other metrics. These results show that MuSDA and MuSD possess smaller blind zones and outperform the other metrics in terms of code phase offset and carrier phase offset detection.
Fig. 8.
Detection coverage of different metrics (
).
We evaluated the performance of MuSD under different correlator spacing combinations (Table 4). The experimental results show that as 
decreases and 
increases (with the receiver’s inherent correlator spacing 
), the detection coverage of MuSD decreases significantly. In this experiment, the configuration 
, 
, and 
achieved the highest detection coverage (95.8%). This result indicates that this configuration effectively ensures high detection coverage of MuSD across different code phase offset and carrier offset experiments, demonstrating the strongest robustness.
Table 4.
The detection coverage of the MuSD metric under different combinations of correlator spacings.
| Metric |  |
 |
 |
Detection coverage ( ) |
|---|---|---|---|---|
| MuSD | 0.9 | 0.5 | 0.1 | 95.8% |
| 0.8 | 0.5 | 0.2 | 94.5% | |
| 0.7 | 0.5 | 0.3 | 92.4% | |
| 0.6 | 0.5 | 0.4 | 89.6% |
Test with the TEXBAT dataset
To further validate the performance of the metrics (based on the WMA-BC algorithm), we used seven spoofing intrusion cases from the TEXBAT dataset as tests. The battery can be considered the data component of an evolving standard meant to define the notion of spoof resistance for civil GPS receivers. According to this standard, successful detection of or imperviousness to all spoofing attacks in TEXBAT, or a future version thereof, could be considered sufficient to certify a civil GPS receiver as spoof resistant34. It includes dynamic, static, power matching, carrier/code phase matching, and other scenarios (Table 5), among which the challenge of spoofing detection on a dynamic platform is to distinguish spoofing effects from natural fading and multipath.
Table 5.
Summary of the TEXBAT dataset.
| Case number | Case description | Frequency lock |
|---|---|---|
| Case 2 |
Static, overpower, unfixed phase difference, time attack |
Unlocked |
| Case 3 | Static, matched-power time, fixed phase difference, time attack | Locked |
| Case 4 |
Static, matched-power, fixed phase difference, position offset attack |
Locked |
| Case 5 |
Dynamic, overpowered, unfixed phase difference, time attack |
Unlocked |
| Case 6 | Dynamic, matched-power, fixed phase difference, position offset attack | Locked |
| Case 7 |
Static, matched-power, fixed phase difference, aligned carrier phase, matched-Doppler, time attack |
Locked |
| Case 8 |
Static, matched-power, aligned carrier phase, matched-doppler, code estimation and replay, time attack |
Locked |
We detected the signals from 60 to 300 s for each case (240 s in total) and selected the period from 120 to 300 s (spoofing intrusion phase) to calculate the spoofing detection rate. The PIT was set to 
, and the false alarm rate 
.
Through experiments based on the TEXBAT dataset, we visualized the detection rate for each metric (Fig. 9) and performed statistical analysis (Table 6). This result reflects the detection effectiveness in defending against deceptive intrusions. Case 2 is a time-specific attack. The detection rates of the slope, ratio, MuSDA, and MuSD metrics are relatively high, reaching greater than 80%, with MuSDA and MuSD reaching 100%. In contrast, the detection rates of the double slope, delta, double delta, and ELP metrics are not more than 25%. Case 3 is the same as Case 2 except that the power difference between the spoofed and authentic signals is reduced from 10 dB to 1.3 dB, and the spoofers operate in frequency-locked mode. The frequency-locked mode increases the change in the correlator detection value, which is favorable for spoofing detection. The detection rates of the double slope, delta, double delta, and ELP metrics are improved in this case, and the ratio, MuSDA, and MuSD metrics maintain high detection rates of 81.9%, 85.2%, and 94.4%, respectively. Case 4 is the same as Case 3 except that the power difference between the spoofed and authentic signals is reduced (from 1.3 dB to 0.4 dB), and the spoofed signals are position offset-type spoofs. Compared to the results in Case 3, the detection rates of the metrics decrease, while the MuSDA and MuSD metrics still maintain high detection rates of 92.9% and 99.1%, respectively. Case 5 is similar to Case 2, except that the receiver platform is changed from static to dynamic, and obvious changes in the power and phase values occur, making spoofing detection more difficult. The detection rates of the double slope, delta, and double delta metrics are close to 0 in this case. The detection rates of the slope and ratio metrics decrease to 10.3% and 48.7%, respectively, while the MuSDA and MuSD metrics maintain high detection rates of 97.6% and 99.9%, respectively. Case 6 is similar to Case 4, except that the receiver platform is changed from static to dynamic. In Case 6, the detection rates of the various metrics show different degrees of change, with the slope, double slope, delta, double delta, ELP, ratio, MuSDA, and MuSD metrics obtaining detection rates of 20%, 55.3%, 22.5%, 53.6%, 4.9%, 63.7%, 76.1%, and 98.8%, respectively. Case 7 is similar to Case 3, except that a carrier phase alignment strategy is implemented for the spoofed signals. In this case, the delta metric has a detection rate of 0%, the ELP metric has a detection rate of only 1.8%, the slope, double slope, and double delta metrics have detection rates between 50 and 51%, and the MuSDA and MuSD metrics have detection rates of 62.9% and 63.8%, respectively. In Case 8, zero-delay security code estimation and replay attacks are used. In this case, compared to those of Case 7, the double slope and ELP metrics still perform poorly, with detection rates of approximately 0, and the detection rates of the slope and ratio metrics decrease by 13.6% and 13.1%, respectively. The detection rates of the double slope, double delta, MuSDA, and MuSD metrics remain approximately unchanged, with MuSD showing the best detection rate of 63.3%.
Fig. 9.
Detection rates of the different metrics based on the TEXBAT dataset (Cases 2 to 8). 
,
.
Table 6.
Summary of detection rates for different metrics based on the TEXBAT dataset.
| Metrics | Case 2 | Case 3 | Case 4 | Case 5 | Case 6 | Case 7 | Case 8 |
|---|---|---|---|---|---|---|---|
| Slope | 81.4% | 72.9% | 59.1% | 10.3% | 20.0% | 53.3% | 39.8% |
| Double Slope | 26.9% | 63.8% | 23.3% | 0.4% | 55.3% | 51.1% | 50.4% |
| Delta | 24.3% | 43.7% | 23.0% | 0.1% | 22.5% | 0.0% | 0.0% |
| Double Delta | 26.9% | 64.3% | 28.7% | 0.1% | 53.6% | 50.5% | 49.9% |
| ELP | 27.1% | 64.0% | 33.8% | 0.1% | 4.9% | 1.7% | 2.5% |
| Ratio | 87.1% | 81.9% | 54.9% | 48.7% | 63.6% | 51.1% | 38.0% |
| MuSDA | 100.0% | 85.2% | 92.9% | 97.6% | 76.1% | 62.9% | 62.5% |
| MuSD | 100.0% | 94.4% | 99.1% | 99.9% | 98.8% | 63.8% | 63.2% |
Overall, among the eight metrics considered in the experiments, the MuSD and MuSDA obtained the best detection performance, showing the highest detection rates in all the experiments. The ratio and slope metrics showed the next best detection performance; although their detection capability was not as good as that of the MuSD and MuSDA metrics, they obtained good detection rates in all the cases. In contrast, the double delta, double slope, delta, and ELP metrics performed poorly, with detection rates close to 0 in some cases. The reason is that MuSD and MuSDA exploit advantages including the offset detection capability of complementary correlators, which comprehensively improves the detection capability of time-type and location-type spoofing signals, such as phase shifts, power suppression, and Earth-centered Earth-fixed coordinate deviations. It also solves the problem in that other metrics are not effective in detecting highly similar spoofing (the code phase, the carrier phase, and power are all very close), improving the spoof detection ability.
Conclusions
In this study, we proposed a WMA-BC algorithm for processing localized metric data and proposed the MuSD and MuSDA metrics for GNSS spoofing signal detection with complementary correlators. Through theoretical analysis and comparative simulations and experiments, we present the following conclusions:
1. The WMA-BC algorithm improves the detection rate of the metrics and optimizes the ROC. When the metrics are obtained with the WMA-BC algorithm, regardless of whether the spoofed signal operates in frequency-unlocked mode or frequency-locked mode and whether the power approximately matches or is higher than that of the authentic signal, the detection rate is effectively improved without increasing the false alarm rate. Metrics derived using the WMA-BC algorithm consistently outperform the raw metrics and those obtained via MV and MA algorithms.
The WMA-BC algorithm is applicable to a wide range of metrics, and it can smooth the jitter of random interference, thus improving the performance of the detection metrics. At the same false alarm rate, the different metrics obtained based on the WMA-BC algorithm show varied performance improvements. If the original metric detection rate is not particularly small (
), the metric detection rate based on the WMA-BC algorithm is improved by approximately 22% to 95%. In the scenario with overpower and unfixed phase difference (Case 2), the WMA-BC-based MuSD metric achieved a 100% detection rate. This represents improvements of 33.7 percentage points over the MA method and 59.6 percentage points over the MV method. It also signifies a 96 percentage points increase compared to the original metric. In the scenario with matched-power timing and fixed phase difference (Case 3), the WMA-BC-based MuSD metric attained a 94.4% detection rate. This corresponds to improvements of 7.8 percentage points over the MA method and 71 percentage points over the MV method. It is also a 48.2 percentage point increase over the original metric. In addition, by comparing the ROC obtained with and without the WMA-BC algorithm, we find that the metrics based on the WMA-BC method have larger AUC values and show better detection capabilities than do the metrics obtained without the WMA-BC algorithm.
2. MuSDA and MuSD exploit the offset detection capability of different correlators, which can effectively improve the detection rate and detection coverage of spoofing. In spoofing experiments with different code phase offsets and carrier phase offsets, MuSDA and MuSD have better detection sensitivity and wider detection coverage than do the other metrics. In the grid experiments with code phase and carrier phase shifts, the MuSD and MuSDA detection blind zones are much smaller than those of the other metrics, and the detection coverage rates of the metrics are as follows: delta < slope < double delta < double slope < ELP < ratio < MuSDA < MuSD. The detection coverage of MuSD and MuSDA reached 96.1% and 95.8%, respectively, which are approximately 22% to 69% higher than those of the other metrics.
3. MuSDA and MuSD effectively detect spoofing intrusions in the TEXBAT datasets and exhibit the highest detection rates in each experiment, with detection rates that are much higher than those of the other metrics. For example, in Case 5, the MuSD and MuSDA detection rates are 99.9% and 97.6%, respectively, while the slope, double slope, delta, double delta, ELP, and ratio detection rate metrics are only 10.3%, 0.4%, 0.1%, 0.1%, 0.1%, and 48.7%, respectively.
Future research should focus on reducing the detection blind spots for spoofing signals by investigating MuSDA/MuSD integrated with multi-feature fusion.
Supplementary Information
Acknowledgements
This research was supported by the National Natural Science Foundation of China (Grant No. 62161007, Grant No. 62061010, Grant No. U23A20280), Guangxi Science and Technology Project (GuikeAD22080061, GuikeAA23062038,GuikeAB23026120), the Natural Science Foundation of Guangxi (Grant No. 2024GXNSFBA010265, Grant No. 2024GXNSFAA999284, Grant No. 2024GXNSFAA010270 and Grant No. 2024GXNSFBA999304), Guangxi Major Talent Project, Graduate Student Innovation Project of Guilin University of Electronic Science and Technology, Project of the Collaborative Innovation Center for BeiDou Location Service and Border and Coastal Defense Security Application.
Author contributions
C.W. conceived the experiment(s). C.W. and Y.J. conducted the experiment(s), and X.S. performed statistical analysis and figure generation. All authors reviewed the manuscript.
Data availability
The TEXBAT datasets are provided by the radio navigation laboratory of the University of Texas at Austin and can be downloaded via the hyperlink: https://radionavlab.ae.utexas.edu/texbat.
Declarations
Competing interests
The authors declare no competing interests.
Footnotes
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Contributor Information
Yuanfa Ji, Email: jiyuanfa@163.com.
Xiyan Sun, Email: sunxiyan1@163.com.
Supplementary Information
The online version contains supplementary material available at 10.1038/s41598-025-16853-1.
References
- 1.Kaplan, E. D. Understanding GPS: Principles and applications / Elliott D. Kaplan, editor. J. Atmos. Solar-Terr. Phys.59, 1–10 (2006). [Google Scholar]
- 2.Humphreys, T. E. Detection Strategy for Cryptographic GNSS Anti-Spoofing. Ieee. T. Aero. Elec. Sys.49(1073), 1090. 10.1109/Taes.2013.6494400 (2013). [Google Scholar]
- 3.Chen, X., Luo, R. D., Liu, T., Yuan, H. & Wu, H. T. Satellite Navigation Signal Authentication in GNSS: A Survey on Technology Evolution, Status, and Perspective for BDS. Remote Sens-Basel15, 1462. 10.3390/rs15051462 (2023). [Google Scholar]
- 4.Mao, P. R. et al. A GNSS Spoofing Detection and Direction-Finding Method Based on Low-Cost Commercial Board Components. Remote Sens-Basel15, 2781. 10.3390/rs15112781 (2023). [Google Scholar]
- 5.Wang, Y. W., Kou, Y. H., Huang, Z. G. & Zhao, Y. GNSS spoofing maximum-likelihood estimation switching between MEDLL and CADLL. GPS Solut.27, 148. 10.1007/s10291-023-01486-6 (2023). [Google Scholar]
- 6.Meng, L. X., Yang, L., Yang, W. & Zhang, L. A. Survey of GNSS Spoofing and Anti-Spoofing Technology. Remote Sens-Basel14, 4826. 10.3390/rs14194826 (2022). [Google Scholar]
- 7.Gao, Y. J., Lv, Z. W. & Zhang, L. D. Asynchronous Lift-Off Spoofing on Satellite Navigation Receivers in the Signal Tracking Stage. Ieee. Sens. J.20(8604), 8613. 10.1109/Jsen.2020.2984525 (2020). [Google Scholar]
- 8.Wang, Y. W., Kou, Y. H., Zhao, Y. & Huang, Z. G. Detection of synchronous spoofing on a GNSS receiver using weighed double ratio metrics. GPS Solut.26, 91. 10.1007/s10291-022-01268-6 (2022). [Google Scholar]
- 9.Wu, Z. J., Zhang, Y., Yang, Y. M., Liang, C. & Liu, R. S. Spoofing and Anti-Spoofing Technologies of Global Navigation Satellite System: A Survey. IEEE. Access.8, 165444–165496. 10.1109/Access.2020.3022294 (2020). [Google Scholar]
- 10.Zhao, Y. Q., Shen, F., Qi, B. Q. & Meng, Z. DOA Estimation under GNSS Spoofing Attacks Using a Coprime Array: From a Sparse Reconstruction Viewpoint. Remote Sens-Basel14, 5944. 10.3390/rs14235944 (2022). [Google Scholar]
- 11.Liu, R., Yang, Z. W., Chen, Q. D., Liao, G. S. & Zhu, Q. L. Localization of GNSS Spoofing Interference Source Based on a Moving Array Antenna. Remote Sens-Basel15, 5497. 10.3390/rs15235497 (2023). [Google Scholar]
- 12.Seo, S. H., Lee, B. H., Im, S. H., Jee, G. I. & Kim, K. S. Efficient spoofing identification using baseline vector information of multiple receivers. GPS Solut.22, 115. 10.1007/s10291-018-0779-x (2018). [Google Scholar]
- 13.Chen, Z., Li, H., Wei, Y., Zhou, Z. & Lu, M. GNSS antispoofing method using the intersection angle between two directions of arrival (IA-DOA) for multiantenna receivers. GPS Solut.27, 11. 10.1007/s10291-022-01345-w (2022). [Google Scholar]
- 14.Sun, C. et al. Moving variance-based signal quality monitoring method for spoofing detection. GPS Solut.22, 83. 10.1007/s10291-018-0745-7 (2018). [Google Scholar]
- 15.Sun, C., Zhao, H., Zhuang, C. & Feng, W. The IFFT-based SQM method against digital distortion in GNSS signals. GPS Solut.21, 1457–1468. 10.1007/s10291-017-0622-9 (2017). [Google Scholar]
- 16.Wang, J. Q. et al. GNSS Spoofing Detection Using Q Channel Energy. Remote Sens-Basel15, 5337. 10.3390/rs15225337 (2023). [Google Scholar]
- 17.Stenberg, N., Axell, E., Rantakokko, J. & Hendeby, G. Results on GNSS Spoofing Mitigation Using Multiple Receivers. Navigation-Us10.33012/navi.510 (2022). [Google Scholar]
- 18.Hwang, P. Y. & McGraw, G. A. Receiver Autonomous Signal Authentication (RASA) Based On Clock Stability Analysis. Ieee Position Locat, 270-281 (2014).
- 19.Ugazio, S., Pini, M., Cavaleri, A., Fantino, M. & Presti, L. L. Signal quality monitoring applied to spoofing detection. Proceedings of International Technical Meeting of the Satellite Division of the Institute of Navigation, 1888-1896 (2011).
- 20.Phelts, R. E. Multicorrelator techniques for robust mitigation of threats to GPS signal quality, Stanford University, (2001).
- 21.Khan, A. M., Iqbal, N., Khan, A., Khan, M. & Ahmad, A. Detection of Intermediate Spoofing Attack on GNSS Receiver through Slope based Metrics. J. Navig.10.1017/S0373463320000168 (2020). [Google Scholar]
- 22.Pirsiavash, A., Broumandan, A. & Lachapelle, G. Performance Evaluation of Signal Quality Monitoring Techniques for GNSS Multipath Detection and Mitigation. (2017). [DOI] [PMC free article] [PubMed]
- 23.Mubarak, O. M. & Dempster, A. G. Analysis of early late phase in single-and dual-frequency GPS receivers for multipath detection. GPS Solut.14, 381–388. 10.1007/s10291-010-0162-z (2010). [Google Scholar]
- 24.Hegarty, C., O’Hanlon, B., Odeh, A., Shallberg, K. & Flake, J. Spoofing Detection in GNSS Receivers through Cross-Ambiguity Function Monitoring. I. Navig. Sat. Div. Int.10.33012/2019.16986 (2019). [Google Scholar]
- 25.Wesson, K. D., Gross, J. N., Humphreys, T. E. & Evans, B. L. GNSS Signal Authentication Via Power and Distortion Monitoring. Ieee. T. Aero. Elec. Sys.54, 739–754. 10.1109/Taes.2017.2765258 (2018). [Google Scholar]
- 26.Wang, F., Li, H. & Lu, M. Q. GNSS Spoofing Detection and Mitigation Based on Maximum Likelihood Estimation. Sens. Basel10.3390/s17071532 (2017). [DOI] [PMC free article] [PubMed] [Google Scholar]
- 27.Sun, C., Cheong, J. W., Dempster, A. G., Zhao, H. & Feng, W. GNSS Spoofing Detection by Means of Signal Quality Monitoring (SQM) Metric Combinations. IEEE. Access.6, 66428–66441. 10.1109/access.2018.2875948 (2018). [Google Scholar]
- 28.Wang, X. Y., Yang, J. J., Peng, Z. X., Wang, S. F. & Huang, M. Hilbert signal envelope-based multi-features methods for GNSS spoofing detection. Comput. Secur.10.1016/j.cose.2024.103959 (2024). [Google Scholar]
- 29.Zhu, X. F., Hua, T., Yang, F., Tu, G. Y. & Chen, X. Y. Global positioning system spoofing detection based on Support Vector Machines. Iet. Radar. Sonar. Nav.16, 224–237. 10.1049/rsn2.12178 (2022). [Google Scholar]
- 30.Chen, Z. K., Li, J. Z., Li, J., Zhu, X. W. & Li, C. H. GNSS Multiparameter Spoofing Detection Method Based on Support Vector Machine. Ieee. Sens. J.22, 17864–17874. 10.1109/Jsen.2022.3193388 (2022). [Google Scholar]
- 31.Iqbal, A., Aman, M. N. & Sikdar, B. A. Deep Learning Based Induced GNSS Spoof Detection Framework. IEEE Trans. Mach. Learn. Commun. Netw.2, 457–478. 10.1109/TMLCN.2024.3386649 (2024). [Google Scholar]
- 32.Blanco-Delgado, N. & Nunes, F. D. Multipath Estimation in Multicorrelator GNSS Receivers using the Maximum Likelihood Principle. Ieee. T. Aero. Elec. Sys.48(3222), 3233. 10.1109/Taes.2012.6324696 (2012). [Google Scholar]
- 33.Shang, X. Y. et al. GNSS spoofing detection based on multicorrelator distortion monitoring. GPS Solut.10.1007/s10291-023-01438-0 (2023). [Google Scholar]
- 34.Humphreys, T., Bhatti, J., Shepard, D. & Wesson, K. The Texas Spoofing Test Battery: Toward a Standard for Evaluating GPS Signal Authentication Techniques. Proceedings of the 25th International Technical Meeting of the Satellite Division of the Institute of Navigation (Ion Gnss 2012), 3569-3583 (2012).
Associated Data
This section collects any data citations, data availability statements, or supplementary materials included in this article.
Supplementary Materials
Data Availability Statement
The TEXBAT datasets are provided by the radio navigation laboratory of the University of Texas at Austin and can be downloaded via the hyperlink: https://radionavlab.ae.utexas.edu/texbat.