View article

Today's smartphones widely exploit Global Navigation Satellite System (GNSS) as a positioning source, but the impact of spoofing attacks on these devices has never been extensively investigated. Resource constrained mobile phones are designed to provide position, velocity and time to the end user even in the most challenging environments, where the GNSS signal is hardly available in the first place. This approach pursues usability and energy efficiency rather than security, thus leaving the smartphones exposed to potential vulnerabilities. Spoofing attacks are becoming a serious threat to applications that rely on GNSS: building a GNSS spoofer barely requires some basic knowledge and a few hundred euros. Differently from autonomous GNSS receivers, mobile devices have access to redundant positioning information (Assisted GNSS (A-GNSS), sensors, etc.) that can be useful for security purposes. The aim …