Authentication by polarization: A powerful anti-spoofing method

This paper presents a method to detect and mitigate a spoofing attack by means of a dual polarized antenna. It exploits the similarity in polarization of spoofed satellites to identify spoofed satellites and copes with three major challenges. A first challenge is to avoid false alarms, which could be triggered by occasional polarization alignment of authentic satellites. The second challenge is the detection of spoofed signals out of a mix of spoofed and non-spoofed signals, as is the case in most practical spoofing attacks. The final challenge is to be able to work with spoofed signals from RHCP spoofing antennas operating from a higher elevation. The technique was developed based on analysis of a large amount of experimental signal data recorded in spoofed and non-spoofed environments. The paper first describes the recording system, which uses a high-performance dual polarized antenna, optimized for low axial ratio. This connects to a multi-frequency multi-constellation receiver, supporting concurrent coherent tracking of the RHCP and LHCP signal components provided by the antenna. We subsequently discuss the measurement campaign. It is rather straightforward to collect data in a variety of non-spoofed environments to build a database of scenarios which are supposed to yield a negative spoofing indication. This doesn't hold for spoofing scenarios, because of regulatory constraints. Therefore, the spoofing tests were done in a special anechoic chamber which can simulate both polarization and angle of arrival of satellite signals. This wave field synthesis (WFS) testbed was configured to create a mix of satellite signals, some of them emulating authentic signals and the other ones representing the spoofer. The WFS testbed was used to simulate an advanced matched power timing attack. Finally, the paper discusses a new spoofing detection algorithm, based on the experimental data. We present an analysis of the spoofing classification performance, analyzing metrics for probability of false alarm and probability of detection.