<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Archiving and Interchange DTD v1.0 20120330//EN" "JATS-archivearticle1.dtd">
<article xmlns:xlink="http://www.w3.org/1999/xlink">
  <front>
    <journal-meta />
    <article-meta>
      <title-group>
        <article-title>Machine Learning Assessment of Anti-Spoofing Techniques for GNSS Receivers</article-title>
      </title-group>
      <contrib-group>
        <contrib contrib-type="author">
          <string-name>Gabriel Marchand</string-name>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Abdelmalek Toumi</string-name>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Gonzalo Seco-Granados</string-name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>José A. López-Salcedo</string-name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <aff id="aff0">
          <label>0</label>
          <institution>Lab-STICC UMR CNRS 6285 ENSTA Bretagne</institution>
          ,
          <addr-line>Brest</addr-line>
          ,
          <country country="FR">France</country>
        </aff>
        <aff id="aff1">
          <label>1</label>
          <institution>Universitat Autònoma de Barcelona (UAB), IEEC-CERES</institution>
          ,
          <addr-line>Bellaterra</addr-line>
          ,
          <country country="ES">Spain</country>
        </aff>
      </contrib-group>
      <abstract>
        <p>Global Navigation Satellite Systems (GNSS) are often the target of malicious attacks and interferences, mainly spoofing, thus posing a significant threat to both civilian and military equipment, and therefore necessitating efective detection and identification of such attacks. In this 'Work-in-Progress' paper, we propose the application of Machine Learning neural networks, a methodology proven highly efective in fields like cyberattack detection, to identify spoofing events across various scenarios. Our approach consists in computing non-time related metrics from a dataset of known spoofed signals, using the observables and signal-level measurements provided by a GNSS software receiver. The training is validated on both spoofed and clean scenarios to ensure a comprehensive approach. Furthermore, we provide a description of the feature's importance in the decision-making process of the model.</p>
      </abstract>
    </article-meta>
  </front>
  <body>
    <sec id="sec-1">
      <title>1. Introduction</title>
      <p>To meet the needs of the United States armed forces, the first model of a satellite geolocation
system, TRANSIT, was implemented in the early 1960s. Developed by the U.S. Navy, TRANSIT
was quickly followed by more sophisticated models, particularly the Global Navigation Satellite
System (GNSS), which was the first satellite-based geolocation system open to civilians.s. Since
then, the Geolocation and Navigation Satellite System (GNSS) technology has made enormous
progress and has become indispensable for a plethora of uses in daily life. It has become a major
economic and political issue, hence the development of the Galileo and Beidou-3 systems by
European and Chinese respectively. Its architecture and functioning make it an easy target for
malicious attacks: in the recent years, successful attempts of spoofing and jamming by rogue
states or academic figures have shifted the debate on the urgent need to detect attacks and
mitigate the damage. Civil GPS, which are embarked in civil transportation facilities, mainly
boats or cars, are particularly vulnerable to this kind of threats but occurrences of jacking of
secured military utilities have also been reported, e.g. Iran allegedly stole a US Air Force drone
using low-cost spoofing [1].</p>
      <p>Spoofing involves transmitting counterfeit GNSS-like signals to generate a false position in
the target receiver without disrupting GNSS operations, ultimately gaining control over the
receiver. This technique entails mimicking a false signal that shares the same code phase, carrier
frequency, and Doppler frequency shift as the authentic navigation satellite signal, thereby
enabling interference and signal capture.</p>
      <p>Many counter techniques have been developed and published in the recent years, the majority
focusing on analyzing signal level characteristics in order to trigger alarms when abnormal
behavior is detected. They cover mainly disruption detection, for instance an abrupt change in
either amplitude, beat carrier phase, code phase, and primarily power monitoring (RPM). In that
sense, signal quality monitoring (SQM) consists in detecting distortions in the correlation peak
that results from the correlation of the received signal and the local replica. For instance, among
these SQM techniques, the most common metrics are often the delta and ratio tests [2], even
though a wide range of similar metrics have also been proposed in the literature. Moreover,
authentication of the signal by verifying the origin and integrity of signals is used to identify
and prevent unauthorized or counterfeit transmissions [1].</p>
      <p>In the past two decades, the integration of machine learning into practical, real-world
applications has experienced a remarkable surge, including the improvement of GNSS navigation
performance.[3] Despite this massive expansion to very various domains, GNSS spoofing
detection through machine learning implementation is fairly restrained [4, 5, 6, 7, 8]. Many of
these works involve detection techniques that require PVT observables, and thus they cannot
be applied until the GNSS receiver has succeeded in obtaining a position fix, which may take
several seconds in cold start.</p>
      <p>In this paper, we provide a comparative analysis of many of the existing anti-spoofing
techniques when they are tested in a common framework comprising the same GNSS software
receiver and the same input datasets of spoofed signals. To do so, a layer of machine learning
algorithms is implemented in order to gather all the outputs provided by the considered
antispoofing techniques, and then to determine the relevance of such techniques on the model
decision process that is followed by the machine learning algorithms. Machine learning’s
greatest strength lies in its ability to discover patterns, outliers and hidden relationships in vast
and intricate amounts of data, and therefore this feature is expected to help in unveiling which
are the most efective anti-spoofing techniques among those being considered. It is important
to remark that the input data for the machine learning algorithms (in our case, the output of
the anti-spoofing techniques) often requires pre-processing such data through techniques like
removal, cross-combination, and scaling, rather than directly converting these data into binary
data (i.e. hard-decisions) for triggering alerts. These pre-processed data is then used as input for
the machine learning model, which generates binary output predicting the presence of spoofing
[9].</p>
      <p>Once the introduction and motivation of this paper has been introduced, the remaining of this
paper is structured as follows. The problem statement and the specific tasks that are conducted
in the present work are briefly presented in Section 2. Next, a high-level explanation of the
mathematics and technology used in this work is introduced in Section 3. The fundamentals
of the considered Machine Learning architecture and its explicit the features are discussed in
Section 4. Finally, the experimental setup is described in Section 5 and conclusions are drawn
in Section 6.</p>
    </sec>
    <sec id="sec-2">
      <title>2. Problem Statement</title>
      <p>This work has two primary objectives. Firstly, we aim at developing a robust and eficient
spoofing detection system that leverages machine learning techniques, including both
traditional algorithms and neural networks to practically predict a malicious spoofing attempt. In
parallel, we collect metrics recently introduced in the literature along with exclusive metrics to
retrospectively evaluate their weight in the machine learning process. The ultimate goal is to
establish a ranking that reflects the efectiveness of each metric in detecting spoofing attempts.
By combining a sophisticated detection system with a comprehensive understanding of the
factors influencing its success, we hope to enhance the overall reliability and practicality of our
approach.</p>
      <p>To achieve this, we will:
• Analyze multiple datasets containing both genuine and spoofed GNSS signals.
• Investigate, extract and build relevant features and metrics for spoofing detection using a
software receiver.
• Train and evaluate a machine learning neural network to identify the most efective
approach.
• Assess the impact of diferent features on the decision-making process of the models.
• Validate the performance of the developed system in realistic scenarios.</p>
    </sec>
    <sec id="sec-3">
      <title>3. Signal Model and Software Receiver</title>
      <sec id="sec-3-1">
        <title>3.1. Signal Model</title>
        <p>
          A typical GNSS signal can be represented in a simplified manner by Eq (
          <xref ref-type="bibr" rid="ref1">1</xref>
          ) [10],
(; , , ) = ()() cos(2  + ())
(
          <xref ref-type="bibr" rid="ref1">1</xref>
          )
where (; , , ) is the received signal at time ,  is the amplitude of the signal, which
is related to the signal power, () is the data-modulated signal containing the bits of the
navigation message, () is the spreading code or the pseudorandom noise (PRN) code,  is the
carrier frequency and () is the carrier phase.
        </p>
        <p>
          In a spoofing attack, the attacker generates a counterfeit GNSS signal, sp(), that closely
resembles the genuine signal, gn(). The goal is to deceive the GNSS receiver into locking
onto the counterfeit signal instead of the genuine one. The received signal in the presence of a
spoofing attack can be modeled by Eq (
          <xref ref-type="bibr" rid="ref2">2</xref>
          ) given in [5]:
() = gn( −  gn; gn, ,gn, gn) + sp( −  sp; sp, ,sp, sp) + ()
(
          <xref ref-type="bibr" rid="ref2">2</xref>
          )
where gn() is the genuine GNSS signal and sp() is the counterfeit GNSS signal generated by
the spoofer,  is the propagation delay and () is the additive noise.
        </p>
        <p>The signal model forms the basis for feature extraction and analysis in the subsequent stages
of our spoofing detection system. By exploring the diferences between genuine and counterfeit
GNSS signals, we can identify meaningful features and metrics that can be used as input for the
machine learning models.</p>
      </sec>
      <sec id="sec-3-2">
        <title>3.2. Software Receiver: A High-Level Overview</title>
        <p>A GNSS software receiver is a GNSS receiver that processes the received signals using software
algorithms. It consists of several modules working together to acquire, track, and decode the
GNSS signals. These modules operate in a synchronized manner to compute the position,
velocity, and time (PVT) information [11]. The main components of a software receiver are
summarized in Fig. 1 and briefly described below:
• Signal Acquisition: This module searches for and acquires the GNSS signals transmitted
by the satellites. It correlates the incoming signals with locally generated replicas of the
PRN codes to determine the time delay and Doppler frequency shift.
• Signal Tracking: Once a signal is acquired, the tracking module continuously adjusts
the local replicas of the PRN code and carrier frequency to keep them aligned with the
incoming signal. This process involves adjusting the code delay and carrier frequency
using tracking loops, such as the code phase tracking loop and the carrier phase tracking
loop.
• Demodulation and Decoding: After tracking the signals, the receiver demodulates and
decodes the navigation data. This information includes satellite ephemeris, clock corrections,
and other auxiliary data. These data are essential for calculating the PVT solution.</p>
        <p>• PVT Calculation: The receiver uses the decoded navigation data and the measured
pseudoranges to compute the PVT solution. This calculation involves solving a set of nonlinear
equations, which can be done using various algorithms, such as the least squares method
or the extended Kalman filter.</p>
      </sec>
    </sec>
    <sec id="sec-4">
      <title>4. Neural Network, Features and Input Data</title>
      <sec id="sec-4-1">
        <title>4.1. Neural Network</title>
        <p>Neural Networks are a subset of machine learning, mimicking the structure and function of
biological neural networks, like the ones found in the human brain. It is typically structured
with an input layer, one or multiple hidden layers and an output layer, they are well suited for
modeling non-linear relationships. Therefore they have been increasingly used in various fields,
from image recognition to language processing [5]. In this work, we choose to focus on one in
particular:</p>
        <p>The Multi-Layer Perceptron is a type of feedforward artificial neural network that consists
of multiple layers of interconnected neurons. These connections have associated weights
that are adjusted during the training process. The network learns to optimize these weights
using an algorithm such as backpropagation, which minimizes the error between the predicted
output and the actual target values. MLP is convenient in our case for multiple reasons. Firstly,
it is a complex enough model to be able to handle complex and high-dimensional data to
sense the outliers and patterns in non-linear relationships. Secondely, despite being highly
eficient in most cases, it remains a fairly straightforward and computationally light algorithm
in our particular architecture. This eficiency also facilitates the empirical search for optimal
parameters through methods such as grid search[12].</p>
      </sec>
      <sec id="sec-4-2">
        <title>4.2. Features Descriptors</title>
        <p>To train and evaluate the performance of our machine learning models, we extract a set of
features from the received GNSS signals. The following metrics are used for feature extraction[13]
[14]:
• Carrier to noise spectral density (/0): It measures the strength of the GNSS signal
relative to the noise level. It is an essential metric to assess signal quality and can be
afected by spoofing attacks.</p>
        <p>
          The /0 is computed by first calculating the signal power  and noise variance  2 from
the tracked signal. Specifically, the signal power is calculated as  = 2 + 2 , where 
and  represent the in-phase and quadrature components of the signal. We plot it in Fig.
2. In that case, the scenario being a 10 dB power advantage, the metric is expected to raise,
suggesting there might be an issue. The dataset involves a 2 ms (milliseconds) time delay
or ’push’, also described as a ’two chip delay’, the signal is delayed by the duration of two
pulses. In our case the software receiver, never being able to locate the newest strongest
peak, is keeping track of the authentic signal instead of tracking the spoofed signal.
The noise variance  2 is obtained from the deviation of the noise level from its mean over
a certain interval. The /0 is then given by the formula:
(
          <xref ref-type="bibr" rid="ref3">3</xref>
          )
(
          <xref ref-type="bibr" rid="ref4">4</xref>
          )
(
          <xref ref-type="bibr" rid="ref5">5</xref>
          )
(
          <xref ref-type="bibr" rid="ref6">6</xref>
          )
∆  () = , () − , ()
        </p>
        <p>
          2 ()
In this equation, , () and , () correspond to early and late taps, respectively, which
are  seconds ahead and behind the prompt tap  () in the in-phase component at time .
Since the delta test exhibits symmetry, [∆  ()] = 0 under conditions free from multipath
and spoofing.
• Quadrature discriminant metric: This metric is similar to the delta metric, but for the
quadrature component. It is represented as  and calculated as follows in Eq (
          <xref ref-type="bibr" rid="ref4">4</xref>
          ):
where the   factor is the time duration over which the signal power and noise variance
are averaged.
• The delta metric (∆  ()): is used as a metric for detecting spoofing and it is based on
computing the following ratio [13]:
• Early-late phase metric ( ): This metric captures the phase diference between early
and late taps. It can help detect spoofing and multipath efects. It is calculated in Eq (
          <xref ref-type="bibr" rid="ref5">5</xref>
          ):
Qdiscr =
, () − , ()
        </p>
        <p>
          2 ()
ELP = arctan
︂( , ()
, () −
, () )︂
, ()
(
          <xref ref-type="bibr" rid="ref7">7</xref>
          )
(
          <xref ref-type="bibr" rid="ref8">8</xref>
          )
(
          <xref ref-type="bibr" rid="ref9">9</xref>
          )
• In-phase and quadrature ratio discriminant metrics ( and ): These metrics measure
the ratio between the sum of early and late taps and the prompt tap for both in-phase and
quadrature components, respectively, as given in Eq (
          <xref ref-type="bibr" rid="ref6">6</xref>
          ) and Eq (
          <xref ref-type="bibr" rid="ref7">7</xref>
          ):
RD =
RD =
, () + , ()
2 ()
        </p>
        <p>,
, () + , ()</p>
        <p>
          2 ()
• Magnitude Diference Metric (   ): This metric evaluates the diference between the
magnitudes of the early and late taps normalized by the prompt tap magnitude. It can
help detect spoofing attacks. It is calculated in Eq (
          <xref ref-type="bibr" rid="ref8">8</xref>
          ):
        </p>
        <p>MD =
√︀, ()2 + , ()2 −</p>
        <p>
          √︀, ()2 + , ()2
√︀ ()2 +  ()2
• Q-channel Signal Quality Monitoring (SQM) metric: It is also denoted as sqm, is a novel
SQM metric proposed in [15] to address the limitations of traditional SQM metrics, such
as limited spoofing detection accuracy and low robustness due to false alarms caused by
environmental efects like multipath. Traditional SQM metrics are mainly constructed
based on the in-phase correlator outputs in the tracking loop of a GNSS instrument. During
a spoofing attack, the interaction between genuine and fake signals may lead to a transfer
of correlation energy into the quadrature channel. This abnormal quadrature channel
energy serves as the primary indicator for the sqm metric. In the absence of spoofing,
the typical value of Q-channel energy is 0, while the typical value of I-channel energy is
large and nonzero. When spoofing is present, even a weak abnormal energy can quickly
appear in the Q-channel. The metric is given in Eq (
          <xref ref-type="bibr" rid="ref9">9</xref>
          ):
SQM =
√︃
︂( , () )︂ 2 (︂ , () )︂ 2
        </p>
        <p>
          +
 ()
 ()
(
          <xref ref-type="bibr" rid="ref10">10</xref>
          )
• Partial Correlation: It is computed by means of the cumulative sum of the samples
comprising a bit period. When attempting spoofing, the attacker will struggle to instantly
know what to output in the first instant of a bit sign change, thus often giving a null or
random output. This phenomenon is highlighted in the right hand of Fig. 3, where the
presence of random guesses of the bit during the first samples of the bit period causes
the cumulative sum to stagnate for a while. In contrast, for the case of a clean signal, the
cumulative sum follows its linear regression nicely. The idea of this technique is to exploit
this phenomenon by computing the correlation between the first and last samples of the
bit period [16].
• Custom CCAF Metric: We compute the Cross-Ambiguity Function (CCAF) periodically,
every second before the tracking loop when this computation is traditionally only done
during the acquisition process. The CCAF can be useful to spot the presence of multiple
signals even in cases where the spoofing is inaccurate and the counterfeit peak is
significantly distant from the authentic signal by computing the correlation over both the
Doppler frequency and code delay [17]. On the other hand, the computation is heavier and
longer in time than other metrics proposed. In the matlab code, we reduced the calculation
in an specific area around the first peak found: the computation is faster but the spoofer
signal’s peak could be missed. In our custom metric, we analyze the CCAF to identify the
two largest peak values, which can correspond to the authentic and counterfeit signals:
after finding the first peak, we erase and replace a given area around this peak by the
average noise level before grid searching for the highest peak.
        </p>
        <p>
          The metric is computed using with Eq (
          <xref ref-type="bibr" rid="ref10">10</xref>
          ):
where 1 represents the largest peak value and 2 represents the second-largest peak
value of the CCAF. This custom metric helps us assess the impact of spoofing on the CCAF
over time, by quantifying the relative diference between the two most prominent peaks.
As an example, Fig. 4 displays the CCAF when there is spoofing, where one can see that
two peaks do appear, thus indicating the presence of two simultaneous GNSS signals, one
of which must be the spoofed signal.
• SAM Metric: We adapted a metric originally designed for multipath detection, as described
in [18], to suit our needs. The Slope Asymmetry Metric (SAM) is based on comparing the
left and right slopes of the received signal correlation peak. Ideally, both slopes should be
equal (but sign reversed), and their sum should be close to zero. The metric was developed
primarily for static multipath scenarios, but we have adjusted it to be applicable in our
A = ⎢⎢⎣32 11⎥⎦⎥ ,
Let y and y be the 4 × 1 column vectors containing the corresponding correlation
values:
        </p>
        <p>⎡1⎤
y = ⎢⎢⎣23⎥⎦⎥ ,
4</p>
        <p>⎡1⎤
y = ⎢⎢⎣23⎥⎦</p>
        <p>⎥
4
︂[ ]︂</p>
        <p>
          AA 
context. Using Least Squares Regression on four points of each side of the correlation
function centered on its peak, the sum of the two slopes is the metric used to detect any
spoofing. Starting from the least squares regression, we can use the normal equations
to find the slopes for the left and right sides of the correlation function. Given 4 points
on each side, we can express the problem in matrix form. Let A and A be the 4 × 2
matrices for the left and right sides respectively, where the first column contains the time
shift values  and the second column is filled with ones:
(
          <xref ref-type="bibr" rid="ref12">12</xref>
          )
(
          <xref ref-type="bibr" rid="ref13">13</xref>
          )
(
          <xref ref-type="bibr" rid="ref14">14</xref>
          )
(
          <xref ref-type="bibr" rid="ref15">15</xref>
          )
(
          <xref ref-type="bibr" rid="ref16">16</xref>
          )
The normal equation for each side can be expressed as:
        </p>
        <p>︂[ ]︂
AA 
= Ay,
= Ay
These normal equations can be solved to obtain the slope and intercept (, , , )
for each side. In matrix notation, these solutions would be:
︂[ ]︂

= (AA)− 1Ay,</p>
        <p>
          = (AA)− 1Ay
︂[ ]︂

After obtaining the slopes  and , we can calculate the Slope Asymmetry Metric
(SAM) as the sum of the two slopes in Eq (
          <xref ref-type="bibr" rid="ref15">15</xref>
          ):
        </p>
        <p>SAM =  +</p>
        <p>A significant deviation of the SAM metric from zero would indicate potential spoofing.</p>
      </sec>
      <sec id="sec-4-3">
        <title>4.3. Input Datasets</title>
        <p>In this study, we employ two publicly available datasets to evaluate the performance of our
machine learning models, namely the Texas Spoofing Test Battery (TEXBAT) provided by
the University of Texas at Austin, and the Oak Ridge Spoofing and Interference Test Battery
(OAKBAT) from the US Oak Ridge National Laboratory. These datasets consist of diverse
scenarios of spoofed GPS L1 C/A signals, as well as the baseline clean scenarios.
• TEXBAT dataset [19]: The Texas Spoofing Test Battery (TEXBAT) is a collection of six
highifdelity digital recordings of live static and dynamic GPS L1 C/A spoofing tests, conducted
by the Radionavigation Laboratory of the University of Texas at Austin. The purpose of
TEXBAT is to serve as the data component of an evolving standard aimed at defining spoof
resistance for civil GPS receivers. The recordings capture a wide range of bandwidth and
quantization considerations to support the evaluation of various authentication techniques.
TEXBAT includes six spoofing attack scenarios and two clean datasets, with parameters
such as spoofing type, platform mobility, power advantage, frequency lock, noise padding,
and file size. The battery enables researchers to develop and evaluate spoofing detection
techniques by studying the response of GPS L1 C/A receivers to the diferent spoofing
attack scenarios presented in TEXBAT [20].
• OAKBAT dataset [21]: The OAKBAT dataset is a more recent dataset explicitly designed for
GNSS spoofing detection research. It has been developed following the same methodology
as the TEXBAT dataset to provide more data for researchers as those specific resources have
proven to be scarce. This collection of digitized RF signals serves as both a complementary
"sibling" and an advancement to the widely used TEXBAT dataset. It comprises both
authentic and spoofed GNSS signals collected in controlled environments, with the latter
being generated using a commercially available signal simulator. The OAKBAT dataset
consists of 16 unique datasets, with eight sets containing only the GPS L1 C/A signal and
another eight sets containing only the Galileo E1 signal. Each group has two spoof-free,
clean baseline sets and six sets with various degrees and types of spoofing. The datasets
share several common parameters and are designed with reproducibility and accessibility
in mind, making it an invaluable resource for researchers in the field of GNSS security
and robustness.</p>
      </sec>
    </sec>
    <sec id="sec-5">
      <title>5. Results</title>
      <sec id="sec-5-1">
        <title>5.1. Experimental Setup</title>
        <p>Our experimental setup comprises three main components: downloading spoofing or clean
scenarios from the TEXBAT and OAKBAT datasets, processing the scenarios through a modified
version of our software receiver to extract and build desired metrics, and building a machine
learning neural network using these metrics as input.</p>
        <p>1. Datasets: We aimed to include a diverse range of scenarios from both TEXBAT and
OAKBAT datasets. In our experiments, we specifically used the Scenario 2 dataset from the
TEXBAT collection, referred herein as ’ds2’. This scenario, also known as Static Overpowered
Time Push (SOTP), features a spoofing attack where the spoofer has a 10 dB power advantage
over the authentic signal ensemble. This scenario showcases the efects of a timing attack with
a significant power advantage, forcing authentic signals into the noise floor and making the
interaction between authentic and counterfeit signals less apparent. We also used the scenario
2 of the OAKBAT dataset, herein referred as ’os2’, which gives similar features. To have a more
complete training, we also used the two clean of spoofing static scenarios from both datasets. As
a validation feature, scenario 4, herein referred as ’os4’, of the OAKBAT dataset will be utilized.</p>
        <p>2. Data Processing: We employed the FGI-GSRx software receiver for signal processing
and analysis, which is provided as a companion software to [22]. Developed by the Finnish
Geospatial Research Institute (FGI), this versatile GNSS software-defined radio tool is built with
MATLAB, allowing users to process and analyze GNSS signals, which is particularly useful for
research purposes. In our study, we used the FGI-GSRx software to evaluate the performance of
spoofing detection techniques. We input the entire dataset into the software receiver but we
focus on a shortened sample, which spans from approximately 10 seconds before the start of
spoofing to 10 seconds after, according to the timestamps given by [ 19] for the TEXBAT dataset
and [21] for OAKBAT.</p>
        <p>For the non-spoofed scenarios, we compute from 100 to 120 seconds for the TEXBAT dataset
and 110 to 130 seconds for the OAKBAT dataset. As a result, most metrics comprise 20,000
epochs, given that observations are obtained from the GPS L1 C/A signal every 1 ms. Some
other metrics, such as those using the /0, are obtained every 1 s. It is also important to
remark that only one satellite is being processed at a time in the results to be shown next, in
particular SV3 for TEXBAT and SV8 for OAKBAT.</p>
        <p>3. Machine Learning: We implemented a feedforward neural network using python libraries
TensorFlow and Keras to classify the presence of spoofing attacks based on the metrics extracted
from the GNSS signals, with the goal of predicting the binary label. The choice to use a neural
network was motivated by multiple reasons. The main reason is their ability to model complex
relationships very well, which is not as eficient in diferent models like Support Vector Machines
(SVMs) or the gradient boosting XGBoost. They are able to extract non-linear relationships
and intricate interactions between features. Another reason is their flexibility in tuning the
parameters and the architecture of the layer; as the training dataset is still to be updated with
more various scenarios, the adaptability of Multi-Layer Perceptron (MLP) simplifies the modeling
process. On the other hand, it is important to pay attention to overfitting and bias while training,
some early setups really struggled to accurately predict the spoofing due to strong overfitting.
To compare performances, we also implemented an SVM model in our preliminary stages.
While the SVM model delivered results comparable to the MLP, we decided to concentrate on
optimizing and detailing results from the neural network due to its aforementioned benefits.
We aim in this work at using binary classification to predict whether an epoch, here a 1 ms
period, is spoofed or not. The algorithm consists of categorizing data into two classes: True
or False. During the preprocessing, we first removed extreme outliers, mainly the first 1,000
points of the implementation, to eliminate any anomalous efects at the beginning of the dataset.
Then, we applied a 1-second (1,000 points) rolling mean to smooth the data and reduce the
noise. Thus, our input data is reduced from 20,000 epochs to 19,000 for 11 features. We also add
the spoofed label that indicates whether a row is spoofed (equals 1) or not (equals 0).
The dataset is randomly divided between training and test datasets with a ratio 70%− 30%. To
this efect, we utilized the train_test_split function from the Scikit-learn Python library. This
function first shufles the dataset randomly, then allocates a specified proportion of data points
to the training set and the remainder to the test set As a result, the training and test datasets
are composed of 13 300 and 5700 points respectively.</p>
        <p>Additionally, we computed the correlation between the diferent features to better understand
their relationships and potentially reduce dimensionality as illustrated in Fig. 5: it displays
the 11 features used before reducing the dimensionality as well as the label value spoofed. It
is important to remark that the importance of the correlation is given by the absolute value:
a value close to 1 or -1 means a strong relationship between the variable whereas the closer
to 0 the weaker the link. Reducing dimensionality is primordial in making the training more
eficient by getting rid of useless noisy features and particularly to avoid overfitting: other
methods could be implemented such as Principal Component Analysis (PCA) to reduce the
number of features using their variance [23].</p>
        <p>To better training performance, the metrics of size 20,000 are scaled using MinMaxScaler
following the formula:
std =</p>
        <p>
          − min
max − min
scaled = std * (max − min) + min
(
          <xref ref-type="bibr" rid="ref17">17</xref>
          )
(
          <xref ref-type="bibr" rid="ref18">18</xref>
          )
where min, max are the features size.
        </p>
        <p>In our model, we employed an L2 regularization technique to prevent any single feature from
dominating the learning process. This technique adds a penalty proportional to the square of
the magnitude of the weights to the loss function, discouraging the model from assigning too
much importance to any particular feature. This helps in reducing overfitting and makes the
model more generalizable [24].</p>
        <p>The architecture of the implemented neural network is as follows:
• Input layer: A dense layer with 32 neurons and a ReLU activation function, which takes
the feature vector with a length equal to the number of metrics.</p>
        <p>• Dropout layer: A dropout layer with a dropout rate of 0.5 is added to prevent overfitting.</p>
        <p>• Hidden layer: A dense layer with 16 neurons and a ReLU activation function. The Rectified
Linear Unit layer (ReLU) is an activation function that simply retains positive inputs and
sets all negative inputs to zero. Although simple, this function has several interesting
properties that make it very useful in neural networks. Firstly, while being a linear function
for positive values, ReLU introduces non-linearity due to the threshold at zero, allowing
neural networks with ReLU activations to model complex patterns and relationships.
Secondly, ReLU leads to sparse activation, meaning that at any layer, some neurons can
output a true zero, contrary to tanh and sigmoid functions that only can approach the
zero value, making the network more eficient and easier to train. Thirdly, the computation
is very straightforward and basic, making the computation very eficient, the function
can be represented as  () = max(0, )[25].
• Dropout layer: Another dropout layer with a dropout rate of 0.5 is added.
• Output layer: A dense layer with a single neuron and a sigmoid activation function, as
this is a binary classification problem.The sigmoid activation function, also known as the
logistic function, is commonly used in the output layer of binary classification problems
due to its ability to map any real-valued number into the range between 0 and 1. This
makes it useful for outputting probabilities for the two classes in a binary classification
problem. The sigmoid function is represented as  () = 1/(1 + − ) where  is the input
to the function.</p>
        <p>The model is compiled using the Adam optimization algorithm and the binary cross-entropy
loss function, which is appropriate for a binary classification task. After hypertuning the
parameter using a randomSearch, The model is trained on the training dataset for 30 epochs with
a batch size of 32 and learning rate  = 0.01. The performance of the model is evaluated on
the test dataset using validation data during training.</p>
      </sec>
      <sec id="sec-5-2">
        <title>5.2. Metrics Ranking</title>
        <p>In this section, we present the results obtained from our experiments. The primary objective
was to retrospectively identify the most influential metrics in our algorithm’s decision-making
process during training, in the idea to mitigate the "black-box" efect of such algorithms. At
this point of time we build the ranking for a dataset composed of both TEXBAT and OAKBAT
second scenarios and the OAKBAT clean static scenario. (ds2+os2+cleanStatic_os).
To compute the metrics importance, we use two diferent methods:
• Feature importance using connections weights This method aims at computing the relative
importance of input features by calculating the weights of the neural network [26]. In our
code, we evaluate the weight in between the input layer and the first hidden layer. The
results are shown in the left hand side plot of Fig. 6.
• Permutation importance This method involves randomly shufling the values of a single
feature, running the model with the shufled data, and measuring the change in
performance. The larger the performance drop, the more important the feature. To visualize
the results, we plot the importance of each feature with bar style, as well as the standard
deviation error to estimate uncertainty in the right hand side plot of Fig. 6. It is worth
noting that this does not represent a percentage because it doesn’t involve breaking a
whole into parts: it represents the average diference between the model with and without
shufling over multiple tries (here ten times for each feature). A feature could even have a
negative value if shufling it actually improves the model, for instance if the metrics only
add noise to the model [27].</p>
        <p>The first method uses directly the inner working of the neural network but treats the metrics
independently, which could cause a wrong estimation of features’ correlation and therefore
output wrong results. The second method is not relying on the model’s structure, thus can more
adequately estimate more complex models despite being computionally heavier. We hope to
have a better vision of the model computation by exhibiting those two methods together.</p>
      </sec>
      <sec id="sec-5-3">
        <title>5.3. Validation Results</title>
        <p>In this section, we discuss the validation for our merged datasets (os2+ds2+oakbatCleanStatic).
To ensure a comprehensive evaluation, we validate on two independent datasets: the spoofed
OAKBAT scenario ’os4’ and the clean TEXBAT ’cleanStatic’ scenario. This approach allows us
to gauge the algorithm’s performance in detecting and diferentiating between the two types of
data.</p>
        <p>Firstly, being sure that our algorithm does not wrongly overly identify spoofing events in a
clean dataset is primordial: hereby the left hand side plot in Fig. 7 shows the /0 over the
acquisition stage of the GNSS receiver according to the predictions on the non-spoofed scenario.
The results are quite promising: over 80 % of the epochs are predicted correctly.</p>
        <p>In terms of the spoofed dataset, we plot the /0 where the color-coded data points represent
diferent prediction states in the right hand side plot of Fig. 7 alongside with the confusion
matrix in Fig. 8: we observe that the model identifies almost perfectly the non-spoofed period
(in blue, 98% precision) whilst it struggles more on the spoofed event (79%). This is confirmed
by the confusion matrix Fig. 8: 417 spoofed epochs are being predicted wrongly.
For a practical use, we could convene that if the frequency of predicted spoofing exceeds a
specified threshold (e.g., 75%) within a certain time frame, it is likely that a spoofing attempt is
in progress. Tab. 1 summarizes all the validation results.</p>
        <p>We proceeded to test our model using only the top five (CNO, ccafMetric, MetricSAM, ELP,
Msqm) and top three (CNO, ccafMetric, MetricSAM, ELP, Msqm) metrics according to their
importance given in Fig. 6. The model’s performance degraded slightly: this suggests that even
the lowest ranked metrics have valuable information, as illustrated in Tab. 2. Therefore, while
our analysis confirms the significant impact of the top-ranked metrics, it also highlights the
collective contribution of all metrics in achieving optimal detection accuracy. Regarding the
clean Oakbat dataset, the results are sensibly the same.</p>
      </sec>
    </sec>
    <sec id="sec-6">
      <title>6. Conclusions</title>
      <p>This work-in-progress article showcases an approach for developing an eficient machine
learning-based spoofing detector concomitantly with a importance review of various metrics
build in the process. This paper uses the neural network multi-layer perceptron neural network
on selected metrics and combined datasets to classify artificially created spoofing scenarios. The
procedure involves acquiring primary data through a software receiver, constructing the desired
metrics mathematically, and applying classical machine learning pre-processing and scaling
techniques.. The results give promising results as the algorithm is able to display spoofing
and non spoofing events with correct results (with a minimum of 82% recall). As our range of
validated datasets is fairly limited, we aim at improving the work by expanding the dataset with
home generated spoofing scenarios using the Skydel GSG-8 GNSS simulator available at the
SPCOMNAV research group. Those new datasets will enable a wider range of spoofing attacks,
helping reduce the potential bias in our results.</p>
    </sec>
    <sec id="sec-7">
      <title>Acknowledgments</title>
      <p>This work was supported in part by the Spanish Agency of Research (AEI) under the Research
and Development projects PID2020-118984GB-I00/AEI/10.13039/501100011033 and
PDC2021121362-I00/AEI/10.13039/501100011033.</p>
      <p>Support for DOI 10.13139/ORNLNCCS/1664429 dataset (OAKBAT) is provided by the U.S.
Department of Energy, project LOIS 9445 under Contract DE-AC05-00OR22725. Project LOIS
9445 used resources of the Oak Ridge Leadership Computing Facility at Oak Ridge National
Laboratory, which is supported by the Ofice of Science of the U.S. Department of Energy under
Contract No. DE-AC05-00OR22725.
[19] A. Lemmenes, P. Corbell, S. Gunawardena, Detailed analysis of the TEXBAT datasets using
a high fidelity software GPS receiver (2016) 3027–3032. doi: 10.33012/2016.14668.
[20] T. Humphreys, J. Bhatti, D. Shepard, K. Wesson, The Texas spoofing test battery: Toward
a standard for evaluating GPS signal authentication techniques (2012).
[21] A. Albright, S. Powers, J. Bonior, F. Combs, A tool for furthering GNSS security research:
The oak ridge spoofing and interference test battery (OAKBAT) (2020) 3697–3712. doi: 10.
33012/2020.17712.
[22] K. Borre, I. Fernández-Hernández, J. A. López-Salcedo, M. Z. H. Bhuiyan (Eds.),
GNSS Software Receivers, Cambridge University Press, Cambridge, 2022. doi:10.1017/
9781108934176.
[23] L. van der Maaten, E. Postma, H. Herik, Dimensionality reduction: A comparative review,</p>
      <p>Journal of Machine Learning Research - JMLR 10 (2007).
[24] A. Y. Ng, Feature selection, l1 vs. l2 regularization, and rotational invariance, in:
Proceedings of the Twenty-First International Conference on Machine Learning, ICML
’04, Association for Computing Machinery, New York, NY, USA, 2004, p. 78. URL:
https://doi.org/10.1145/1015330.1015435. doi:10.1145/1015330.1015435.
[25] A. F. Agarap, Deep learning using rectified linear units (relu), arXiv preprint
arXiv:1803.08375 (2018).
[26] J. D. Olden, An accurate comparison of methods for quantifying variable importance in
artificial neural networks using simulated data, Ecological Modelling 178 (2004) 389–397.
doi:10.1016/S0304-3800(04)00156-5.
[27] L. Breiman, Random forests, Machine Learning 45 (2001) 5–32. doi:10.1023/A:
1010950718922.</p>
    </sec>
  </body>
  <back>
    <ref-list>
      <ref id="ref1">
        <mixed-citation>
          [1]
          <string-name>
            <given-names>M. L.</given-names>
            <surname>Psiaki</surname>
          </string-name>
          ,
          <string-name>
            <given-names>T. E.</given-names>
            <surname>Humphreys</surname>
          </string-name>
          ,
          <article-title>Gnss spoofing and detection</article-title>
          ,
          <source>Proc. IEEE</source>
          <volume>104</volume>
          (
          <year>2016</year>
          )
          <fpage>1258</fpage>
          -
          <lpage>1270</lpage>
          . doi:
          <volume>10</volume>
          .1109/JPROC.
          <year>2016</year>
          .
          <volume>2526658</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref2">
        <mixed-citation>
          [2]
          <string-name>
            <given-names>E. G.</given-names>
            <surname>Manfredini</surname>
          </string-name>
          ,
          <article-title>Signal processing techniques for GNSS anti-spoofing algorithms</article-title>
          ,
          <source>Ph.D. thesis</source>
          ,
          <year>2017</year>
          . doi:
          <volume>10</volume>
          .6092/POLITO/PORTO/2672749.
        </mixed-citation>
      </ref>
      <ref id="ref3">
        <mixed-citation>
          [3]
          <string-name>
            <given-names>A.</given-names>
            <surname>Siemuri</surname>
          </string-name>
          ,
          <string-name>
            <given-names>H.</given-names>
            <surname>Kuusniemi</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Elmusrati</surname>
          </string-name>
          ,
          <string-name>
            <given-names>P.</given-names>
            <surname>Välisuo</surname>
          </string-name>
          ,
          <string-name>
            <given-names>A.</given-names>
            <surname>Shamsuzzoha</surname>
          </string-name>
          ,
          <article-title>Machine learning utilization in GNSS-use cases, challenges and future applications (</article-title>
          <year>2021</year>
          )
          <fpage>1</fpage>
          -
          <lpage>6</lpage>
          . doi:
          <volume>10</volume>
          . 1109/ICL-GNSS51451.
          <year>2021</year>
          .
          <volume>9452295</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref4">
        <mixed-citation>
          [4]
          <string-name>
            <given-names>R. Morales</given-names>
            <surname>Ferre</surname>
          </string-name>
          , A.
          <string-name>
            <surname>de la Fuente</surname>
            ,
            <given-names>E. S.</given-names>
          </string-name>
          <string-name>
            <surname>Lohan</surname>
          </string-name>
          ,
          <article-title>Jammer classification in GNSS bands via machine learning algorithms</article-title>
          ,
          <source>Sensors</source>
          <volume>19</volume>
          (
          <year>2019</year>
          )
          <article-title>4841</article-title>
          . doi:
          <volume>10</volume>
          .3390/s19224841.
        </mixed-citation>
      </ref>
      <ref id="ref5">
        <mixed-citation>
          [5]
          <string-name>
            <given-names>P.</given-names>
            <surname>Borhani-Darian</surname>
          </string-name>
          ,
          <string-name>
            <given-names>H.</given-names>
            <surname>Li</surname>
          </string-name>
          ,
          <string-name>
            <given-names>P.</given-names>
            <surname>Wu</surname>
          </string-name>
          ,
          <string-name>
            <given-names>P.</given-names>
            <surname>Closas</surname>
          </string-name>
          ,
          <article-title>Deep neural network approach to detect GNSS spoofing attacks (</article-title>
          <year>2020</year>
          )
          <fpage>3241</fpage>
          -
          <lpage>3252</lpage>
          . doi:
          <volume>10</volume>
          .33012/
          <year>2020</year>
          .17537.
        </mixed-citation>
      </ref>
      <ref id="ref6">
        <mixed-citation>
          [6]
          <string-name>
            <given-names>J.</given-names>
            <surname>Winkel</surname>
          </string-name>
          ,
          <article-title>Modeling and simulating gnss signal structures and receivers (</article-title>
          <year>2003</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref7">
        <mixed-citation>
          [7]
          <string-name>
            <given-names>S.</given-names>
            <surname>Semanjski</surname>
          </string-name>
          , I. Semanjski, W. De Wilde,
          <string-name>
            <given-names>A.</given-names>
            <surname>Muls</surname>
          </string-name>
          ,
          <article-title>Use of supervised machine learning for GNSS signal spoofing detection with validation on real-world meaconing and spoofing data-part i</article-title>
          ,
          <source>Sensors</source>
          <volume>20</volume>
          (
          <year>2020</year>
          )
          <article-title>1171</article-title>
          . doi:
          <volume>10</volume>
          .3390/s200411.
        </mixed-citation>
      </ref>
      <ref id="ref8">
        <mixed-citation>
          [8]
          <string-name>
            <given-names>S.</given-names>
            <surname>Semanjski</surname>
          </string-name>
          , I. Semanjski,
          <string-name>
            <given-names>W. D.</given-names>
            <surname>Wilde</surname>
          </string-name>
          , S. Gautama,
          <article-title>GNSS spoofing detection by supervised machine learning with validation on real-world meaconing and spoofing data-part ii</article-title>
          ,
          <source>Sensors</source>
          <volume>20</volume>
          (
          <year>2020</year>
          )
          <year>1806</year>
          . doi:
          <volume>10</volume>
          .3390/s20071806.
        </mixed-citation>
      </ref>
      <ref id="ref9">
        <mixed-citation>
          [9]
          <string-name>
            <given-names>P.</given-names>
            <surname>Domingos</surname>
          </string-name>
          ,
          <article-title>A few useful things to know about machine learning</article-title>
          ,
          <source>Communications of the ACM</source>
          <volume>55</volume>
          (
          <year>2012</year>
          )
          <fpage>78</fpage>
          -
          <lpage>87</lpage>
          . doi:
          <volume>10</volume>
          .1145/2347736.2347755.
        </mixed-citation>
      </ref>
      <ref id="ref10">
        <mixed-citation>
          [10]
          <string-name>
            <given-names>K.</given-names>
            <surname>Borre</surname>
          </string-name>
          ,
          <string-name>
            <given-names>D. M.</given-names>
            <surname>Akos</surname>
          </string-name>
          ,
          <string-name>
            <given-names>N.</given-names>
            <surname>Bertelsen</surname>
          </string-name>
          ,
          <string-name>
            <given-names>P.</given-names>
            <surname>Rinder</surname>
          </string-name>
          ,
          <string-name>
            <given-names>S. H.</given-names>
            <surname>Jensen</surname>
          </string-name>
          ,
          <string-name>
            <given-names>A</given-names>
            <surname>Software-Defined</surname>
          </string-name>
          <string-name>
            <given-names>GPS</given-names>
            and
            <surname>Galileo Receiver</surname>
          </string-name>
          :
          <string-name>
            <given-names>A</given-names>
            <surname>Single-Frequency Approach</surname>
          </string-name>
          ,
          <year>2007</year>
          . doi:
          <volume>10</volume>
          .1007/ 978-0-
          <fpage>8176</fpage>
          -4540-3.
        </mixed-citation>
      </ref>
      <ref id="ref11">
        <mixed-citation>
          [11]
          <string-name>
            <given-names>M.</given-names>
            <surname>Cutugno</surname>
          </string-name>
          , U. Robustelli, G. Pugliano,
          <article-title>Low-cost GNSS software receiver performance assessment</article-title>
          , volume
          <volume>10</volume>
          ,
          <year>2020</year>
          , p.
          <fpage>79</fpage>
          . doi:
          <volume>10</volume>
          .3390/geosciences10020079.
        </mixed-citation>
      </ref>
      <ref id="ref12">
        <mixed-citation>
          [12]
          <string-name>
            <given-names>F.</given-names>
            <surname>Murtagh</surname>
          </string-name>
          ,
          <article-title>Multilayer perceptrons for classification and regression</article-title>
          ,
          <source>Neurocomputing</source>
          <volume>2</volume>
          (
          <year>1991</year>
          )
          <fpage>183</fpage>
          -
          <lpage>197</lpage>
          . URL: https://www.sciencedirect.com/science/article/pii/0925231291900235. doi:https://doi.org/10.1016/
          <fpage>0925</fpage>
          -
          <lpage>2312</lpage>
          (
          <issue>91</issue>
          )
          <fpage>90023</fpage>
          -
          <lpage>5</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref13">
        <mixed-citation>
          [13]
          <string-name>
            <given-names>E.</given-names>
            <surname>Shafiee</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Mosavi</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Moazedi</surname>
          </string-name>
          ,
          <article-title>Detection of spoofing attack using machine learning based on multi-layer neural network in single-frequency GPS receivers</article-title>
          ,
          <source>Journal of Navigation</source>
          <volume>71</volume>
          (
          <year>2017</year>
          )
          <fpage>1</fpage>
          -
          <lpage>20</lpage>
          . doi:
          <volume>10</volume>
          .1017/S0373463317000558.
        </mixed-citation>
      </ref>
      <ref id="ref14">
        <mixed-citation>
          [14]
          <string-name>
            <given-names>K.</given-names>
            <surname>Wesson</surname>
          </string-name>
          ,
          <string-name>
            <given-names>D.</given-names>
            <surname>Shepard</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J.</given-names>
            <surname>Bhatti</surname>
          </string-name>
          ,
          <string-name>
            <given-names>T.</given-names>
            <surname>Humphreys</surname>
          </string-name>
          ,
          <article-title>An evaluation of the vestigial signal defense for civil gps anti-spoofing 4 (</article-title>
          <year>2011</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref15">
        <mixed-citation>
          [15]
          <string-name>
            <given-names>C.</given-names>
            <surname>Sun</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J. W.</given-names>
            <surname>Cheong</surname>
          </string-name>
          ,
          <string-name>
            <given-names>A. G.</given-names>
            <surname>Dempster</surname>
          </string-name>
          ,
          <string-name>
            <given-names>H.</given-names>
            <surname>Zhao</surname>
          </string-name>
          ,
          <string-name>
            <given-names>L.</given-names>
            <surname>Bai</surname>
          </string-name>
          , W. Feng,
          <article-title>Robust spoofing detection for GNSS instrumentation using Q-channel signal quality monitoring metric</article-title>
          , volume
          <volume>70</volume>
          , IEEE,
          <year>2021</year>
          , pp.
          <fpage>1</fpage>
          -
          <lpage>15</lpage>
          . doi:
          <volume>10</volume>
          .1109/TIM.
          <year>2021</year>
          .
          <volume>3102753</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref16">
        <mixed-citation>
          [16]
          <string-name>
            <given-names>G.</given-names>
            <surname>Seco-Granados</surname>
          </string-name>
          ,
          <string-name>
            <given-names>D.</given-names>
            <surname>Gómez-Casco</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J. A.</given-names>
            <surname>López-Salcedo</surname>
          </string-name>
          ,
          <string-name>
            <surname>I.</surname>
          </string-name>
          <article-title>Fernandez-Hernandez, Detection of replay attacks to GNSS based on partial correlations and authentication data unpredictability</article-title>
          ,
          <source>GPS Solutions 25</source>
          (
          <year>2021</year>
          ). doi:
          <volume>10</volume>
          .1007/s10291-020-01049-z.
        </mixed-citation>
      </ref>
      <ref id="ref17">
        <mixed-citation>
          [17]
          <string-name>
            <given-names>S.</given-names>
            <surname>Ahmed</surname>
          </string-name>
          ,
          <string-name>
            <given-names>S.</given-names>
            <surname>Khanafseh</surname>
          </string-name>
          ,
          <string-name>
            <given-names>B.</given-names>
            <surname>Pervan</surname>
          </string-name>
          ,
          <article-title>GNSS spoofing detection based on decomposition of the complex cross ambiguity function</article-title>
          ,
          <source>Navigation: Journal of The Institute of Navigation</source>
          <volume>68</volume>
          (
          <year>2021</year>
          )
          <fpage>3569</fpage>
          -
          <lpage>3580</lpage>
          . doi:
          <volume>10</volume>
          .33012/
          <year>2021</year>
          .17987.
        </mixed-citation>
      </ref>
      <ref id="ref18">
        <mixed-citation>
          [18]
          <string-name>
            <given-names>J. A.</given-names>
            <surname>López-Salcedo</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J.</given-names>
            <surname>Parro-Jimenez</surname>
          </string-name>
          ,
          <string-name>
            <given-names>G.</given-names>
            <surname>Seco-Granados</surname>
          </string-name>
          ,
          <article-title>Multipath detection metrics and attenuation analysis using a GPS snapshot receiver in harsh environments</article-title>
          ,
          <year>2009</year>
          , pp.
          <fpage>3692</fpage>
          -
          <lpage>3696</lpage>
          .
        </mixed-citation>
      </ref>
    </ref-list>
  </back>
</article>