Global navigation satellite system (GNSS) spoofing attacks pose severe threats to position security. Since the 5G signals are unaffected by GNSS spoofing attacks, they have the potential to provide external assistance to detect GNSS spoofing threats and recover the user equipment (UE)’s authentic position. It can be easily achieved when multiple 5G base stations (BSs) are accessible, as the true position can be directly calculated by using 5G measurements alone. However, in a common situation where only one 5G BS is available, this problem would be difficult. This work aims to detect GNSS spoofing attacks and help the UE recover its authentic position when only one BS is available. First, we extend the innovation-based anomaly detection concept to the GNSS-5G hybrid positioning system for spoofing detection. Then, the fusion extended Kalman filter output model under spoofing attacks is derived and proved mathematically. Based on this, a three-stage authentic position estimation algorithm is proposed. Both simulations and a real field test were implemented. Results illustrate that our method can directly rebuild the actual location of the UE from the spoofed GNSS-5G hybrid positioning result with only one 5G BS.

中文翻译：

---

通过单个 5G 基站辅助进行 GNSS 欺骗检测和缓解


全球导航卫星系统（GNSS）欺骗攻击对位置安全构成严重威胁。由于 5G 信号不受 GNSS 欺骗攻击的影响，因此它们有可能提供外部协助来检测 GNSS 欺骗威胁并恢复用户设备 (UE) 的真实位置。当有多个 5G 基站 (BS) 接入时，这一点很容易实现，因为仅使用 5G 测量就可以直接计算出真实位置。然而，在通常只有一个 5G 基站可用的情况下，这个问题会很困难。这项工作旨在检测 GNSS 欺骗攻击，并帮助 UE 在只有一个 BS 可用时恢复其真实位置。首先，我们将基于创新的异常检测概念扩展到 GNSS-5G 混合定位系统中进行欺骗检测。然后，推导了欺骗攻击下的融合扩展卡尔曼滤波器输出模型并进行了数学证明。在此基础上，提出了一种三阶段真实位置估计算法。进行了模拟和实际现场测试。结果表明，我们的方法可以仅使用一个 5G 基站，根据欺骗的 GNSS-5G 混合定位结果直接重建 UE 的实际位置。