Litcius/Paper detail

Your Locations May Be Lies: Selective-PRS-Spoofing Attacks and Defence on 5G NR Positioning Systems

Kaixuan Gao, Huiqiang Wang, Hongwu Lv, Pengfei Gao

202314 citationsDOI

Abstract

5G positioning systems, as a solution for city-range integrated-sensing-and-communication (ISAC), are flooding into reality. However, the positioning security aspects of such an ISAC system have been overlooked, bringing threats to more than a billion 5G users. In this paper, we propose a new threat model for 5G positioning scenarios, namely the selective-PRS-spoofing attack (SPS), disabling the latest security enhancement method reported in 3GPP R18. In our attack pattern, the attacker first cracks the broadcast information of a 5G network and then poisons specific resource elements of the channel, which can introduce substantial localization errors at victims or even completely control the positioning results. Worse, such attacks are transparent to both the UE-end and the network-end due to their stealthiness and easily bypass the current 3GPP defense mechanisms. To solve this problem, a DL-based defense method called in-phase quadrature Network (IQ-Net) is proposed, which utilizes the hardware features of base stations to perform identification at the physical level, thereby thwarting SPS attacks on 5G positioning systems. Extensive experiments demonstrate that our method has 98% defense accuracy and good robustness to noise.

Topics & Concepts

Spoofing attackComputer scienceRobustness (evolution)Computer securityComputer networkBase stationGeneBiochemistryChemistryIndoor and Outdoor Localization TechnologiesAntenna Design and AnalysisRFID technology advancements
Your Locations May Be Lies: Selective-PRS-Spoofing Attacks and Defence on 5G NR Positioning Systems | Litcius