Shinan Liu,Xiang Cheng,Hanchao Yang,Yuanchao Shu,Xiaoran Weng,Ping Guo,Kexiong (Curtis) Zeng,Gang Wang,Yaling Yang

2021-01-01

Abstract:The GPS has empowered billions of users and various critical infrastructures with its positioning and time services. However, GPS spoofing attacks also become a growing threat to GPS-dependent systems. Existing detection methods either require expensive hardware modifications to current GPS devices or lack the basic robustness against sophisticated attacks, hurting their adoption and usage in practice. In this paper, we propose a novel GPS spoofing detection framework that works with off-the-shelf GPS chipsets. Our basic idea is to rotate a one-side-blocked GPS receiver to derive the angle-of-arrival (AoAs) of received signals and compare them with the GPS constellation (consists of tens of GPS satellites). We first demonstrate the effectiveness of this idea by implementing a smartphone prototype and evaluating it against a real spoofer in various field experiments (in both open air and urban canyon environments). Our method achieves a high accuracy (95%-100%) in 5 seconds. Then we implement an adaptive attack, assuming the attacker becomes aware of our defense method and actively modulates the spoofing signals accordingly. We study this adaptive attack and propose enhancement methods (using the rotation speed as the "secret key") to fortify the defense. Further experiments are conducted to validate the effectiveness of the enhanced defense.

Aneet Kumar Dutta,Sebastian Brandt,Mridula Singh

DOI: https://doi.org/10.48550/arXiv.2310.14885

2023-10-23

Abstract:The availability of cheap GNSS spoofers can prevent safe navigation and tracking of road users. It can lead to loss of assets, inaccurate fare estimation, enforcing the wrong speed limit, miscalculated toll tax, passengers reaching an incorrect location, etc. The techniques designed to prevent and detect spoofing by using cryptographic solutions or receivers capable of differentiating legitimate and attack signals are insufficient in detecting GNSS spoofing of road users. Recent studies, testbeds, and 3GPP standards are exploring the possibility of hybrid positioning, where GNSS data will be combined with the 5G-NR positioning to increase the security and accuracy of positioning. We design the Location Estimation and Recovery(LER) systems to estimate the correct absolute position using the combination of GNSS and 5G positioning with other road users, where a subset of road users can be malicious and collude to prevent spoofing detection. Our Location Verification Protocol extends the understanding of Message Time of Arrival Codes (MTAC) to prevent attacks against malicious provers. The novel Recovery and Meta Protocol uses road users' dynamic and unpredictable nature to detect GNSS spoofing. This protocol provides fast detection of GNSS spoofing with a very low rate of false positives and can be customized to a large family of settings. Even in a (highly unrealistic) worst-case scenario where each user is malicious with a probability of as large as 0.3, our protocol detects GNSS spoofing with high probability after communication and ranging with at most 20 road users, with a false positive rate close to 0. SUMO simulations for road traffic show that we can detect GNSS spoofing in 2.6 minutes since its start under moderate traffic conditions.

Cryptography and Security

Fengkui Chu,Hong Li,Mingquan Lu

DOI: https://doi.org/10.33012/2017.15107

2017-01-01

Abstract:Global Navigation Satellite System (GNSS) based positioning, navigation, and time synchronization services have a profound influence on human society. However, the fundamental system is vulnerable due to the low power and the public structure of GNSS signals. The traditional menace for GNSS is jamming which disables the positioning function of receivers. Unlike jamming, spoofing attacks could deviate a victim receiver's reported position away from the authentic one. It is more precarious since the victim is unware of this threat. To detect such spoofing, a consistency check approach of measured and calculated carrier Dopplers is proposed. The measured Dopplers are extracted from carrier tracking loops; the calculated Dopplers are formulated by motion information of the receiver and satellites. The feasibility of the proposed method lies in the fact that the calculated Dopplers would be abnormal compared with the measured Dopplers when a position fix is spoofed away from the authentic one. To put the proposed method into practice and illustrate its performance, a generalized likelihood ratio test (GLRT) based statistical detection model is established in this paper. The simulation results demonstrate the theoretical performance. Moreover, the effectiveness of the developed detection method is validated by a replay spoofing test on a GNSS software-defined receiver. Besides, the spoofing detection performance is improved by a smoothing technique.

Fei Wang,Hong Li,Mingquan Lu

DOI: https://doi.org/10.3390/s17071532

IF: 3.9

2017-01-01

Sensors

Abstract:Spoofing attacks are threatening the global navigation satellite system (GNSS). The maximum likelihood estimation (MLE)-based positioning technique is a direct positioning method originally developed for multipath rejection and weak signal processing. We find this method also has a potential ability for GNSS anti-spoofing since a spoofing attack that misleads the positioning and timing result will cause distortion to the MLE cost function. Based on the method, an estimation-cancellation approach is presented to detect spoofing attacks and recover the navigation solution. A statistic is derived for spoofing detection with the principle of the generalized likelihood ratio test (GLRT). Then, the MLE cost function is decomposed to further validate whether the navigation solution obtained by MLE-based positioning is formed by consistent signals. Both formulae and simulations are provided to evaluate the anti-spoofing performance. Experiments with recordings in real GNSS spoofing scenarios are also performed to validate the practicability of the approach. Results show that the method works even when the code phase differences between the spoofing and authentic signals are much less than one code chip, which can improve the availability of GNSS service greatly under spoofing attacks.

Yuqing Zhao,Feng Shen,Guanghui Xu,Guochen Wang

DOI: https://doi.org/10.3390/s21030929

2021-01-01

Abstract:The presence of spoofing signals poses a significant threat to global navigation satellite system (GNSS)-based positioning applications, as it could cause a malfunction of the positioning service. Therefore, the main objective of this paper is to present a spatial-temporal technique that enables GNSS receivers to reliably detect and suppress spoofing. The technique, which is based on antenna array, can be divided into two consecutive stages. In the first stage, an improved eigen space spectrum is constructed for direction of arrival (DOA) estimation. To this end, a signal preprocessing scheme is provided to solve the signal model mismatch in the DOA estimation for navigation signals. In the second stage, we design an optimization problem for power estimation with the estimated DOA as support information. After that, the spoofing detection is achieved by combining power comparison and cross-correlation monitoring. Finally, we enhance the genuine signals by beamforming while the subspace oblique projection is used to suppress spoofing. The proposed technique does not depend on external hardware and can be readily implemented on raw digital baseband signal before the despreading of GNSS receivers. Crucially, the low-power spoofing attack and multipath can be distinguished and mitigated by this technique. The estimated DOA and power are both beneficial for subsequent spoofing localization. The simulation results demonstrate the effectiveness of our method.

Yangjun Gao,Guangyun Li

DOI: https://doi.org/10.3390/s22124503

2022-06-14

Abstract:When satellite navigation terminal sensors encounter malicious signal spoofing or interference, if attention is not paid to improving their anti-spoofing ability, the performance of the sensors will be seriously affected. The global navigation satellite system (GNSS) spoofing has gradually become a research hotspot of the jammer because of its great harm and high concealment. In the face of more and more sensors coupling GNSS and inertial measurement unit (IMU) to varying degrees and configuring a variety of anti-spoofing techniques to effectively detect spoofing, even if the spoofer intends to gradually pull the positioning results, if the spoofing strategy is unreasonable, the parameters of the coupled filter output and spoofing observation measurement will lose their rationality, which will lead to the spoofing being detected. To solve the above problems, in order to effectively counter the non-cooperative target sensors of assembling loosely coupled GNSS/IMU using GNSS spoofing, based on the analysis of the influence mechanism of spoofing on the positioning of loosely coupled GNSS/IMU, a slowly varying spoofing algorithm to avoid loosely coupled GNSS/IMU with multiple anti-spoofing techniques is proposed in this paper, and a measurement deviation determination method to avoid multiple anti-spoofing techniques is proposed, which can gradually pull the positioning results of the coupled system and successfully avoid the detection of anti-spoofing techniques of innovation sequence monitoring and a rationality check on parameters. Simulation experimental results show that the proposed algorithm gradually changes the positioning of loosely coupled GNSS/IMU, the north and east displacements achieve the purpose of spoofing, and error with expected offset is -0.2 m and 2.3 m, respectively. Down displacement also basically achieves the purpose of spoofing, and error with the expected offset is 13.2 m. At the same time, the spoofer avoids the detection of multiple anti-spoofing techniques, does not trigger the system alarm, and realizes the purpose of spoofing; thus, the effectiveness and high concealment of the spoofing algorithm are verified.

Xiangyong Shang,Fuping Sun,Bodong Liu,Lundong Zhang,Jianyong Cui

DOI: https://doi.org/10.1109/tim.2022.3232668

IF: 5.6

2023-01-13

IEEE Transactions on Instrumentation and Measurement

Abstract:In recent years, various new portable global navigation satellite system (GNSS) spoofers have emerged that have become an important threat to the integrated inertial navigation system (INS)/GNSS. The spoofing strategies have become increasingly advanced, and the spoofer gradually adjusts the counterfeit signals to covertly take over the target receiver. The existing anti-spoofing algorithms based on INS/GNSS integration show the shortcomings of the reduced detection probability and the inability to mitigate spoofing. In this study, the multipath estimating delay lock loop (MEDLL), originally designed for multipath mitigation, is used in conjunction with INS to suppress the spoofing attacks. First, a bank of correlators is employed to estimate the spoofing and authentic signals. Second, a new spoofing validation and mitigation structure is proposed based on the tightly coupled INS/GNSS integrated system. Finally, the INS-aided reacquisition and spoofing suppression method is derived. The simulated INS measurements were used together with Texas Spoofing Test Battery datasets to evaluate the performance of the proposed anti-spoofing algorithm. The results showed that the spoofing attacks were detected within 1 s and the positioning errors decreased from 600 to 12.9 m. The proposed algorithm can suppress different types of spoofing attacks and ensure reliable positioning and timing results in various complex threat environments.

Li He,Hong Li,Mingquan Lu

DOI: https://doi.org/10.1007/s10291-019-0868-5

2019-01-01

GPS Solutions

Abstract:Recent years have witnessed the emergence of portable global navigation satellite spoofing devices. A variety of anti-spoofing techniques have been dedicated to detecting the presence of spoofing signals, most of which solely utilize either signal characteristics or navigational information. However, since the GNSS system is under continuous monitoring and control, there is a subtle consistency between the signal and the navigational information in authentic GNSS signals, which the spoofing signal can hardly counterfeit. Here, we present a new dual-antenna spoofing detection technique based on this consistency. The essence of this method is the precise estimations of the frequency difference of arrival between a pair of fixed antennas from both the carrier phase observations and the navigational information. When there is no spoofing signal, the observation should be consistent with the prediction. Otherwise, spoofing signals would probably break the consistency because of the geometric and motion discrepancies between GNSS satellites and the spoofing device(s). Theoretically, since the proposed method does not make any presumptions about the spoofer, it can detect moving spoofers and multi-antenna spoofers. We analyze the optimal detection method in three different situations, and the corresponding detection performances are both theoretically and numerically investigated. We also intensively conduct experiments with various configurations to prove the detection capabilities against various spoofing techniques and strategies.

Jian Wen,Hong Li,Zhongxiao Wang,Mingquan Lu

DOI: https://doi.org/10.33012/2019.17075

2019-01-01

Abstract:Global navigation satellite system (GNSS) is vulnerable to spoofing attacks. For the purpose to shut down a spoofing attack eventually, spoofer localization is necessary before further appropriate action. A crucial step before spoofer localization is to detect and discriminate spoofing signals from authentic ones, which is the main intention of this paper. When several sensors are available for spoofer localization, we can utilize the spatial information to achieve our goal. Existing works usually require time synchronization in advance via cables between the sensors, which is inconvenient. Therefore, in this paper, we propose a new method to detect and discriminate spoofing signals using multiple independent GNSS receivers, lifting the restriction of time synchronization in advance. This method makes use of common measurements provided by most commercial off-the-shelf (COTS) receivers, including code-based pseudorange and pseudorange rate. The principle and methodology of this method are explained in detail, and performance analysis is also given. At last, we carry out some field tests with Android smartphones to demonstrate the feasibility of this method.

Zhiyuan Chen,Hong Li,Zhou Ziheng,Mingquan Lu

DOI: https://doi.org/10.33012/2021.17965

2021-01-01

Abstract:Global Navigation Satellite System (GNSS) spoofing attacks and defensive countermeasures are developing rapidly. Aiming at misleading the estimation of a fake solution toward the victim receiver, spoofing attacks are likely to cause severe consequences. To this end, the deception is achieved by manipulating the information of pseudorange in most cases. Hence, the difference of pseudorange between spoofing and authentic signals can be an effective separation basis. In this paper, a new approach based on relative positioning is proposed to separate GNSS spoofing from authentic signals, which is capable of substituting the detection and classification investigated in conventional works. Monte Carlo simulations and outdoor experiments illustrate this point in the end.

Ziheng Zhou,Hong Li,Zhiyuan Chen,Minghan Zhong,Mingquan Lu

DOI: https://doi.org/10.33012/2022.18251

2022-01-01

Abstract:Aiming at fabricating a false positioning solution towards the victim user, spoofing attacks are nowadays challenging the security of Global Navigation Satellite Systems (GNSS). Due to the relative motion between the spoofer and victim user, the potential inconsistency involved in the measurement of Doppler shift could be an efficient basis to reveal the attacks. Although several researches on anti-spoofing techniques via measured Doppler have been developed, weaknesses in terms of implementation complexity and strict assumptions such as single-antenna spoofing still remain. To this end, Doppler Residual Monitoring (DRM) is proposed and investigated in this paper as a novel anti-spoofing scheme. Firstly, caused by the presence of the spoofing attacks, abnormal bias within the measured Doppler shifts is demonstrated based on the modeling of GNSS spoofing. Due to the difficulty in directly observing the Doppler bias concealed in the counterfeit signal, Doppler positioning technique is exploited to reveal this part of the variation in an indirect way. In particular, Doppler residual provided by Doppler positioning equations is proposed and the relationship between Doppler bias and Doppler residual is illustrated. More specifically, Sum of Squares of Errors (SSE), which denotes the sum of squares of Doppler residual, is utilized as the test statistics for spoofing detection. To further distinguish all the counterfeit signals, a random traversal technique is investigated in this paper. Moreover, Doppler Shift Difference (DSD) is proposed to match the spoofing signals with its transmitting antenna based on the discrimination results, which could be an essential basis for the anti-spoofing techniques towards multi-antenna spoofing scenario. Also provided is the analysis of the theoretical performance along with the simulation results. Finally, the validity of our method is demonstrated through field tests with two spoofing scenarios, where the spoofing attacks are respectively achieved by one antenna and two antennas. Without external facilities assistance, our DRM-based scheme could be a significant complement to the GNSS anti-spoofing techniques as a novel spoofing discrimination method.

Xiao Zhou,Hong Li,Mingquan Lu

DOI: https://doi.org/10.33012/2023.18631

2023-01-01

Abstract:Global navigation satellite system (GNSS) spoofing is an emerging threat to GNSS security while GNSS plays an important role in military and civilian fields. Recently, taking into account IMU's characteristics of no external dependence, as well as the low cost and high precision of cameras, graph optimization-based SLAM (Simultaneous Localization and Mapping) system that is coupled with GNSS measurements has been developed to achieve a more stable positioning performance. However, few existing GNSS spoofing detection methods can be directly adapted to this kind of system. According to our analysis, the residuals in graph optimization can reflect the consistency of different sensor measurements. We proposed a detector exploiting the pseudorange residuals in the graph optimization. After the initialization of coordinates, the proposed method can generate the detector based on raw GNSS/IMU/camera measurements. Experimental results in different GNSS spoofing scenarios have verified the detection performance of our method.

Lu Bai,Chao Sun,Andrew G. Dempster,Hongbo Zhao,Joon Wayn Cheong,Wenquan Feng

DOI: https://doi.org/10.1109/tim.2022.3154821

IF: 5.6

2022-01-01

IEEE Transactions on Instrumentation and Measurement

Abstract:The fifth-generation (5G) network can be used jointly with a global navigation satellite system (GNSS) to help relieve the problem of having few visible satellites in urban environments and achieve highly accurate localization. The 5G base stations (BSs) can provide range and angle measurements at a much higher rate than GNSS. However, this benefit has not been fully employed by existing GNSS-5G hybrid methods. In addition, the near–far effect of 5G BS causes a large dynamic range of the measurement noise uncertainty. This challenge has not been well dealt with by the existing adaptive noise estimation methods, resulting in the decline of positioning accuracy and system convergence. This work proposes a multiple-rate adaptive Kalman filter (MRAKF) for GNSS-5G hybrid positioning with a hybrid sequential fusing scheme. It supports the fusion of GNSS and 5G measurements at different data rates to better employ the high-rate 5G measurements. A distance-dependent model is derived to quantitatively characterize the effect of BS-user equipment (UE) distance over the measurement noise covariance, leading to a proactive measurement uncertainty prediction algorithm to adaptively adjust the observation noise covariance matrix. Furthermore, a switchover strategy is proposed to switch its positioning mode to avoid the impact of variation of available line of sight (LOS) BSs. Both simulations and a real driving test were carried out. Results show that the proposed MRAKF method significantly improves the positioning accuracy compared with the other four adaptive noise estimation methods and the standard EKF. It requires the lowest computation complexity among all adaptive methods in this work.

engineering, electrical & electronic,instruments & instrumentation

Jiajia Chen,Xueying Wang,Zhibo Fang,Cheng Jiang,Ming Gao,Ying Xu

DOI: https://doi.org/10.3390/electronics13061134

IF: 2.9

2024-03-21

Electronics

Abstract:The vulnerability of civil receivers of the Global Satellite Navigation System (GNSS) to spoofing jamming has raised significant concerns in recent times. Traditional multi-antenna spoofing detection methods are limited in application scenarios and come with high hardware costs. To address this issue, this paper proposes a novel GNSS spoofing detection method utilizing three low-cost collinear antennas. By leveraging the collinearity information of the antennas, this method effectively constrains the observation equation, leading to improved estimation accuracy of the pointing vector. Furthermore, by employing a binary statistical detection model based on the sum of squares (SSE) between the observed value and the estimated value of the pointing vector, real-time spoofing signal detection is enabled. Simulation results confirm the efficacy of the proposed statistical model, with the error of the skewness coefficient not exceeding 0.026. Experimental results further demonstrate that the collinear antenna-based method reduces the standard deviation of the angle deviation of the pointing vector by over 55.62% in the presence of spoofing signals. Moreover, the experiments indicate that with a 1 m baseline, this method achieves 100% spoofing detection.

engineering, electrical & electronic,computer science, information systems,physics, applied

Nianzu Gu,Fei Xing,Zheng You

DOI: https://doi.org/10.3390/s21206769

IF: 3.9

2021-01-01

Sensors

Abstract:Spoofing attacks are one of the severest threats for global navigation satellite systems (GNSSs). This kind of attack can damage the navigation systems of unmanned air vehicles (UAVs) and other unmanned vehicles (UVs), which are highly dependent on GNSSs. A novel method for GNSS spoofing detection based on a coupled visual/inertial/GNSS positioning algorithm is proposed in this paper. Visual inertial odometry (VIO) has high accuracy for state estimation in the short term and is a good supplement for GNSSs. Coupled VIO/GNSS navigation systems are, unfortunately, also vulnerable when the GNSS is subject to spoofing attacks. The method proposed in this article involves monitoring the deviation between the VIO and GNSS under an optimization framework. A modified Chi-square test triggers the spoofing alarm when the detection factors become abnormal. After spoofing detection, the optimal estimation algorithm is modified to prevent it being deceived by the spoofed GNSS data and to enable it to carry on positioning. The performance of the proposed spoofing detection method is evaluated through a real-world visual/inertial/GNSS dataset and a real GNSS spoofing attack experiment. The results indicate that the proposed method works well even when the deviation caused by spoofing is small, which proves the efficiency of the method.

Dingbo Yuan,Hong Li,Mingquan Lu

DOI: https://doi.org/10.1007/978-3-642-54737-9_66

2014-01-01

Abstract:GNSS spoofing is extremely deceitful and destructive because it can lead victim receivers to output misleading time and position information. Therefore, timely and low cost spoofing detection and mitigation is of great importance for critical GNSS applications and services. This paper presents a method for GNSS spoofing mitigation based on joint detection of code Doppler and carrier Doppler in acquisition. Subsequently, the performance of the method is evaluated. Theoretical and simulation results demonstrate that the method is effective, and it does not require additional hardware.

Yuqing Zhao,Feng Shen,Dingjie Xu,Zhen Meng

DOI: https://doi.org/10.1109/icemi59194.2023.10270233

2023-01-01

Abstract:A novel antenna array-based spoofing defense scheme for the Global Navigation Satellite System (GNSS) is developed in this paper. The basis of the proposed approach is the spatial processing, which can be divided into two successive steps. In the first step, to identify and suppress the spoofing under the noise level, we build a cyclic correlation matrix to provide the direction of arrival (DOA) of the incoming signals. A robust adaptive beamforming process based on eigenspace projection is then designed to eliminate the spoofing in the second step. In particular, the proposed technique is capable of adaptively eliminating spoofing while providing protection to the desired navigation signals. By exploiting the digitised baseband signals, our framework avoids acquiring and tracking all arriving signals, reducing the receiver's computational load. The effectiveness of our anti-spoofing strategy is illustrated by the simulation experiments.

Hao Wang,Hong Li,Mingquan Lu

DOI: https://doi.org/10.33012/2023.18633

2023-01-01

Abstract:Global Navigation Satellite System (GNSS) spoofing is one of the most dangerous attacks, with the purpose of inducing false information and maliciously manipulating the positioning and timing results of GNSS applications. To protect the safety of the GNSS, a lot of anti-spoofing methods have been well-researched. Most of them are based on the single-antenna assumption, where multiple spoofing signals are transmitted from the same spoofing antenna. However, these methods would fail when confronted with distributed spoofing attacks. This type of spoofing attack simulates a scenario where authentic signals are coming from satellites in different directions by utilizing multiple transmitting antennas, more covert and more threatening. The calibrated antenna array can be utilized to cope with such threats. It compares whether the signal direction estimated by the antenna array and the expected signal direction obtained from the ephemeris message is consistent to detect spoofing signals. However, utilizing an antenna array is of high complexity both in the aspects of hardware and software. Besides, the antenna array needs to be calibrated in advance to compensate relative phase and gain of the antenna elements, which is inconvenient in practical use. The idea presented in this paper intends to overcome such limitations, based on the rotating dual antennas. Our method is able to detect spoofing attacks both utilizing single or multiple antennas. Furthermore, compared with the methods with the calibrated antenna array, the number of antenna elements is reduced by utilizing the rotating characteristics of antennas and no calibration process should be conducted. The performance analysis is supported by several simulation tests and field experiments, to prove the effectiveness of the proposed method.

Jian Wen,Hong Li,Mingquan Lu

DOI: https://doi.org/10.33012/navi.511

2022-01-01

NAVIGATION Journal of the Institute of Navigation

Abstract:Global navigation satellite systems (GNSS) are vulnerable to spoofing attacks. To shut down a spoofer, it is necessary to locate the spoofer first. Many spoofer localization systems use long cables for the synchronization of multiple receivers. However, a flexible spoofer localization system free from cables is sometimes essential so the receivers can move freely and are flexible to deploy. This paper solves two major problems in developing such a system: spoofing discrimination without requiring synchronization and having an effective method using asynchronous raw measurements with no other assistance. First, this paper proposes to use the extended pseudorange double-difference method to discriminate spoofing signals. The performance is then analyzed and the effectiveness is verified. Then, a quasi-synchronization spoofer localization method (QSSL) is proposed, and it is verified that its localization performance can attain the Cramer-Rao lower bound. Above all, a field experiment demonstrates the effectiveness of the proposed methods and the feasibility of such system.

Hao Wang,Xiaoming Zhang,Ziheng Zhou,Zhiyuan Chen,Mingquan Lu,Hong Li

DOI: https://doi.org/10.33012/2022.18452

2022-01-01

Abstract:Global navigation satellite system (GNSS) is under the threat of spoofers that can spoof GNSS timing and positioning results by transmitting fake signals, leading to serious consequences. A lot of anti-spoofing methods have been proposed, among which the spoofing direction-finding methods play an important role in this field. It enables users to locate the spoofers and take the initiative to eliminate these attacks from the source. The antenna arrays are typically utilized in most spoofing direction-finding methods, which are of high complexity in the aspects of both software and hardware. To reduce the system complexity, this paper proposes a method for spoofing direction-finding with the short baseline rotating dual antennas. In the process of spoofing discrimination, a Sinusoidal Detection of the Double Differences (SD3 ) method is proposed to improve the robustness of discrimination. By utilizing the rotating characteristics, the effect of measurement ambiguity and geometric ambiguity is largely eliminated. The theoretical analysis and all-day simulations are conducted to compare the performance between the Dispersion of the Double Differences (D3 ) method and the SD3 method, showing that the SD3 method is more robust with a smaller probability of the Detection Dead Zones (DDZ). In the process of spoofing direction-finding, the antenna baseline attitudes at different times are estimated by utilizing the measurements of authentic signals through the Kalman Filtering (KF) algorithm. And then, the parabolic and linear interpolations are adopted to estimate the location of zero and peak points, further reducing the computational complexity. All of the processes can be completed within a single rotation period, providing real-time protection in GNSS applications. Some theoretical analysis and field tests have been conducted, and it shows that the accuracy of direction-finding is better than 1 degree when the sampling interval is properly selected.