“Spoofing a GPS receiver on a UAV is just another way of hijacking a plane,” Humphreys told Fox News.

In other words, with the right equipment, anyone can take control of a GPS-guided drone and make it do anything they want it to.

“Spoofing” is a relatively new concern in the world of GPS navigation. Until now, the main problem has been GPS jammers, readily available over the Internet, which people use to, for example, hide illicit use of a GPS-tracked company van. It’s also believed Iran brought down that U.S. spy drone last December by jamming its GPS, forcing it into an automatic landing mode after it lost its bearings.

It looks like we have something more than radio jamming to worry about. Although the military drones use encrypted signals, I believe that it can be cracked just like any other encryption.

E-mail me when people leave their comments –

You need to be a member of diydrones to add comments!

Join diydrones


  • May be an interesting read for those of you interested in terrain mapping.


    I briefly spoke with the fellow in charge of this a year or so ago. They're to the point now a car can drive around on a hill and roughly determine where it is using only altitude and roll / pitch attitude. I believe it could be a valid replacement to GPS, but as Tom mentioned it will be difficult to pull off. 

  • @Mathew

    How does the inertial guidance system know the GPS is wrong? What if the GPS is working fine and the inertial is wrong? How can you tell the difference?

    "A man with two watches doesn't know what time it is."

    Augmenting the inertial with external sources, such as GPS, helps defeat spoofing by reducing the rate at which the spoofed position can diverge from the true position. In a tightly-coupled GPS/INS, this means the rate of divergence has to be low enough for the error to be attributed to accelerometer biases and process noise. This makes spoofing possible, but often impractical.

    You mention using "surface contour mapping". I agree that this provides a non-GPS position reference to augment the inertial solution. However, actually implementing terrain-matching is far from trivial. You need a terrain database, a mapping sensor (radar? lidar?), and a correlation algorithm. Difficult to pull off, but it does provide a non-GPS augmentation source.


  • Inertial heading reference usually requires magnetometer & GPS to compensate for yaw angle drift. Perhaps a combined attack where the spoofed GPS was used in combination with magnetic interference to give a false magnetic north to slowly lead the drone off course "by the nose". It could be convinced that it was maintaining a straight path when traveling in an arc. A drone following waypoint navigation would be traveling in a series of straight lines, but even a false GPS velocity reading could convince a drone it's approaching it's landing zone prematurely. Even that it has overshot it's targeted destination and that it needs to reverse direction. From the perspective of an INS, this would appear similar to being caught in a jet stream.

    Optical flow based velocity data or alternative velocity references could potentially detect this style of interference, but most velocity sensors have an uncertainty factor which could be "felt out" based on detected anti-spoofing behaviors.

    In any case, having a chase plane stalking a drone like this seems like a solution in search of a problem. If the goal is to steal a plane out of the air, a small UAS could probably be grabbed with something as simple as a butterfly net if it didn't take evasive action.

    For simply convincing a drone to crash itself in to the ground, doing nothing more than jamming GPS with a $20 device from dealextreme would probably force most UAS to loiter until they ran out of power.

    It's interesting in concept, but there's a ceiling where counter-electronic warfare is sophisticated enough that there are easier ways to skin a cat that require fewer resources.

  • I don't get what you're saying Tom because it doesn't matter if the GPS thinks it's working fine the inertial guidance system will know it's not and the uav will stop believing what the GPS says.




    the point is since we know GPS is flawed you design systems that's as least reliant on it as possible, you use a sensor fusion of many sensors all checking each other. inertial guidance system can guide a uav to a target without the needs for gps yes it's not as accurate but you can jam or spoof it so the inertial guidance system would overrule the gps when the spoofing makes them disagree. Add in surface contour mapping and it gets even better.



    besides that none of this over comes the largest problem with spoofing you need to know where the UAV is going. Other ways spoofing it pointless


  • Spoofing is difficult to do, but given a few years I am sure there will be some tools out there for those that want to be mischievous.

    In order to work well the spoofer needs to know the location of the target. Then they need to introduce false satellite signals with enough power to overwhelm the real satellite signals (easy to do) and vary the timing of the signals to alter the position of the vehicle to any location they desire. So long as they don't alter the position faster than the GPS's internal tracking limits, they should be fine. Having an INS will not help you since the GPS thinks it is working fine. However, using the INS to get tighter tracking limits will help prevent spoofing.

    It seems to me the first line of defense against spoofing is to not broadcast your position. Time to encrypt those datalinks!


  • in ten years the drones will be smarter then us.


    but honestly this won't be very hard to overcome because this will only work on drones that use gps only. add in an inertial guidance system and a map matching program to double check (the same way they fight gps jammers) and this is pointless.


    let alone to spoof a drone you need to know where it's going and what it was going to do when it got there. it could happen but it's far less useful then plain old jamming as I see it.

  • It is quite true that this is to bring up fear in the audience (especially since it is from fox news), but we can't help but imagine that this becomes very easily achievable in 5-10 years.

    If you think about it, over 10 years ago, not very many people (civilians) have or have access to a drone. But now, with communities like DIY drones and RC stores, it is quite easy to make a drone for personal use, whether it be good or bad. So maybe 10 years from now, there will be instructions on how to do GPS spoofing and etc. But then, at that point, the government will most likely have implemented a higher security GPS signal.

  • It's possible we've already seen the first fatality resulting from GPS jamming (the Scheibel engineer in South Korea), and jamming should be even easier than spoofing.

    And spoofing isn't very hard!  Here's a report from a guy who did it relatively easily back in 2008: http://www.ne.anl.gov/capabilities/vat/pdfs/GPS-Spoofing-(2002-2003...  I wonder how much cheaper and smaller that equipment is now.

  • Yeah, I would classify this as fear mongering. Especially considering that the researchers they quote created a method to prevent GPS spoofing! Clearly, they had to develop a spoofing mechanism to prove that their prevention method works. I wonder why the news article failed to mention that there is already a solution to GPS spoofing?

    I'm not concerned about spoofing. While it is possible, the attacker is limited to introducing large errors to the UAV. 1 us of delay between the real signal and spoofed signal corresponds to roughly 1000ft in position. It will be very very difficult to replicate a GPS signal with adequate timing accuracy to gain control of a UAV. Confuse it and make it crash? sure. But jammers can do that already and those are significantly cheaper and easier to implement.

  • Is there any protection present in modern gps chips? I would imagine this could be based on data rate, or difference in signal power, etc.

    Also, in my opinion, this is a fear mongering post. This is certainly feasible, but not easy to do. A similarly difficult highjacking technique was recently discussed for spoofing a certificate authority using MD5 vulnerability (just google it).



This reply was deleted.