GPS Spoofing Fooled Drivers Into Taking Wrong Way

Drivers in unfamiliar cities may not notice if they’re led astray by fake GPS coordinates, according to an experiment that suggests small, inexpensive spoofing devices might pose a threat to personal safety.

Virginia Tech researchers fed incorrect locations to GPS receivers, making navigation systems direct drivers to the wrong places, and reported that most drivers never noticed that their surroundings didn’t match where they were supposed to be. This could allow attackers to ambush people or send them the wrong way down a one-way street, according to the authors of a recent paper.

The study [PDF] was quite small, involving just 40 participants in the US and China, but it hints at how easy it might be to lure drivers — or self-driving cars — into dangerous situations.

The hacking didn’t require access to onboard navigation software or a cloud-based service such as Google Maps, only the capacity to “spoof” the GPS in a car or smartphone by making it pay attention to signals from a rogue device instead of GPS satellites, said Kexiong Zeng, a Ph.D student at Virginia Tech.

Spoofing has been used against ships and drone aircraft, misdirecting them on the open sea or air. Throwing cars off the right path is more complicated, because purely random GPS coordinates are likely to trigger driving directions that can’t be followed, like left turns where there are no cross streets.

The Virginia Tech researchers, along with colleagues from Microsoft Research and the University of Electronic Science and Technology of China, created a system that can find bad routes that work in the real world, Zeng said. It uses open source map data and an algorithm to calculate the feasibility of potential bad routes.

They built a spoofing device out of a Raspberry Pi platform, a software-defined radio, and other components, that was small enough to fit in one hand. The cost was less than $250. It could be planted inside the targeted car or operated from a following car. By offering a stronger signal than the receiver gets from GPS satellites, the device would cause the receiver to start paying attention to its fake coordinates instead of the real ones.

The spoofer feeds the GPS a nearby “ghost” location, which forces the navigation software to generate a new route to the original destination. Then the navigation system keeps giving turn-by-turn directions as if it’s still on the way to the right destination, but it’s being fed fake coordinates by the spoofing device. In reality, the driver is following those directions along a completely different path in the physical world — but one where the directions seem to make sense, because the turns can be made.

The researchers found that most drivers only listen to turn-by-turn directions. When the navigation software calls for a turn, they make it just as long as there is a road to turn onto, even if GPS spoofing threw off the whole trajectory of the trip. If the street names and the landmarks don’t match, they don’t notice it. The new real-world route sends the driver where the attackers want them.


They could even end up going the wrong way onto a freeway, if they were lulled into following the directions.

To learn the driver’s intended destination, attackers can use publicly available information like Tweets or Facebook posts, Zeng said. It’s also possible to roughly predict where the car will go based on its route so far. It’s not always necessary to learn the exact destination, as long as the attackers can make the car go through the area where they want to make contact with it, he said.

The researchers tested their GPS spoofing device in controlled settings to prevent interference with other cars. For the test of whether drivers would notice they were being misdirected, they used a driving simulation game, “Euro Truck Simulator II,” that features detailed surroundings.

Each test subject was asked to drive the same route in the game four times, guided by a simulated in-car navigation system. Simulated GPS spoofing sent them on the same bad route each time, in different weather conditions.

The route they were on didn’t match up with what the navigation software showed on its map, taking them on highways instead of local roads, for example. But only two of the subjects noticed under any weather conditions, they said.

— Stephen Lawson is a freelance writer based in San Francisco. Follow him on Twitter @sdlawsonmedia.

Leave a comment

Your email address will not be published. Required fields are marked *