中文

GNSS Spoofing Detection in TDD Networks: A 3GPP Standards-Based Security Framework

网络与互联网体系结构 2026-07-13 v1 密码学与安全

摘要

Time Division Duplex (TDD) mobile networks require synchronization accuracy of ±\pm1.5 μ\mus (3GPP TS 38.104), with GNSS-disciplined grandmaster clocks as the predominant timing source. GNSS spoofing -- now a documented operational threat -- can corrupt timing across all downstream base stations, yet neither the 3GPP management framework (SA5) nor the security framework (SA3) provides standardized mechanisms to detect or report such attacks. This paper proposes a detection and monitoring framework operating within existing 3GPP management structures. The framework introduces GNSS timing alarms and performance counters aligned with TS 28.111 and TS 28.552, a topology-aware correlation mechanism that classifies anomalies by grouping gNB-DUs by serving grandmaster, and a security event bridging fault management with SECHAND incident handling (TR 33.894). Monte Carlo simulation demonstrates detection probability exceeding 95% for drift rates above 0.5 ns/s with false positive rates below 1% under well-provisioned PTP network conditions. The framework requires no new interfaces, is generation-agnostic, and is validated through scenario analysis distinguishing spoofing from signal loss, equipment faults, and maintenance transients.

引用

@article{arxiv.2607.11398,
  title  = {GNSS Spoofing Detection in TDD Networks: A 3GPP Standards-Based Security Framework},
  author = {Ravi Kant Sharma and John Owens and Kevin Kiernan},
  journal= {arXiv preprint arXiv:2607.11398},
  year   = {2026}
}

备注

13 pages, 5 figures, 7 tables