Spoofing in Geography and Countermeasures

What Is Geo-Spoofing?

Geographical spoofing is a technique of hiding someone’s location or even counterfeiting a genuine GPS signal. It can be done for both neutral and nefarious purposes. In the former scenario it is performed to bypass geographical restrictions that can be put on online services, content, information, and so on.

In the latter case, the technique, basically, turns into an attack: it can be used to falsify coordinates for misdirection, alter destination, disguise geographic location of a malicious actor, and even “move the borders” of a country as outlined by Alistair Maclenan in the Fake Geography article.

Examples of Location Spoofing

There’s a record of the geography spoofing incidents.

1. Examples of Spoofing in Geography

Geo-spoofing has been registered since at least the early 2010s. Notably, marine geo-spoofing was observed in 2013 when an 80-million dollar yacht was misdirected by the University of Texas researchers who “hijacked” the vessel’s GPS receivers with a special device.

In 2013, an incident occurred near the Newark Liberty International Airport, near which a truck driver used a GPS jammer to “hide his whereabouts from his employer”. Jamming caused interference to the ground-based augmentation system, which provides differential corrections to the navigation system — it resulted in a $31,875 fine for the driver.   

Internet of Things (IoT) gadgets are also vulnerable to the attack. A detection algorithm dubbed ELSA is proposed to solve the issue: it employs Enhanced Location Spoofing Detection using Audibility and implicit available audibility information to avoid attacks.

2. Spoofing in Location-Based Games

Pokemon Go is the most notable example of a GPS-based game. It was reported that players used GPS spoofing with the help of available specialized apps to change locations. 

The motive could be that some countries have better hunting grounds: e.g., the US have such regionals as Heracross and Corsola, as well as top hotspots where rare Pokemons may spawn. To avoid detection, they used reasonable time intervals before spoofing GPS to imitate traveling.

3. Location Spoofing

A positive example of GPS spoofing took place in 2009 in Iran during the presidential elections — International Twitter users set their GPS signal and time zones to Teheran to confuse the local authorities who tried to identify opposition leaders and their location through their tweets.

A similar incident occured In 2011, during the Arab spring, it was reported that Geo-spoofing was used to shield protesters in Egypt and Tunisia from the riot police ambushes. 

Deepfake Geography

It is acknowledged that some generative models — based on a Cycle-Consistent Adversarial Network (CycleGAN) or Neural Radiance Fields (NeRF) — are capable of creating complex and realistic images of places and scenery. For example, such an image can be presented as a bona fide satellite image both to a human observer or an AI-operated system.

Detection of Location Spoofing in Geography

The assortment of the detection methods for Geo-spoofing is rather scarce at the moment. However, there are some concepts that can help reveal such attempts.

One of the methods employs the Bayesian time geographic approach, as it helps detect spatial-temporal dynamics that GPS-spoofing typically displays. It sets specific mobile constraints that, for example, a human cannot violate physically. If the violation is detected, the system labels it as spoofing.

Another approach, for detecting deepfake locations, relies on common geographical knowledge. For example, such a method can benefit from Waldo Tobler’s first geography law that states that objects located near each other are more related than distant objects. If a certain loctaion’s characteristics go against the rule, then there’s a high probability it’s a deepfake image.