In this paper, we investigate the requirements for successful GPS spoofing
attacks on individuals and groups of victims with civilian or military
GPS receivers. In particular, we are interested in identifying
from which locations and with which precision the attacker needs
to generate its signals in order to successfully spoof the receivers.
We will show, for example, that any number of receivers can
easily be spoofed to one arbitrary location; however, the attacker is
restricted to only few transmission locations when spoofing a group
of receivers while preserving their constellation.
In addition, we investigate the practical aspects of a satellitelock
takeover, in which a victim receives spoofed signals after first
being locked on to legitimate GPS signals. Using a civilian GPS
signal generator, we perform a set of experiments and find the minimal
precision of the attacker’s spoofing signals required for covert