DeepSpoofNet: a framework for securing UAVs against GPS spoofing attacks

GPS spoofing attack detection using non-ML methods

GPS spoofing is a security risk that can trick the receiver into computing inaccurate position data. Various techniques, such as non-ML as shown in Table 1 or conventional methods, are used to detect GPS spoofing in UAV. Non-ML methods include signal strength analysis, timing analysis, signal quality analysis, consistency checks, and cryptography techniques.

Rothmaier et al. (2021) introduce a generic framework that uses the Generalized Likelihood Ratio Test (GLRT) to merge many measurements for Global Navigation Satellite System (GNSS) spoofing detection. The framework was created to be resilient against various attack modes while also keeping a low rate of false alerts, according to the Neyman-Pearson paradigm. The study provides an overview of the GLRT framework previously published and evaluates its performance against traditional logical gate-based approaches for combining measurements, received signal power (RSP), and signal distortion metrics. The results indicate a 60% decrease in the maximum probability of miss-detection (PMD) scenario. The authors modify measurement models for a receiver model using flight data and confirm adherence to the false alarm (FA) guarantee for power, signal distortion metric, and pseudo-range residuals. The authors proved the framework’s usefulness by utilizing it in spoofing scenarios from the TEXBAT dataset with the same receiver type and combining three measures to achieve strong detection performance.

Basan et al. (2022) introduced a GPS spoofing detection technique for UAV that uses mathematical tools to address the issue without the need for extensive training data. In detecting GPS spoofing attacks in a group of UAV, a proposed method achieves 96% accuracy in detecting attacks, with a 3.5% rate of false positives. The text discusses key aspects of data analysis and normalization procedures for data analysis, as well as the use of the Kullback Leibler Divergence (KLD) measure to identify abnormalities in UAV systems. The article offers a method for detecting and minimizing the effects of intermediate GNSS spoofing, which involves transmitting bogus signals with tiny temporal differences from genuine signals received from satellites. The suggested anti-spoofing system combines techniques for antenna array processing with a multi-path identification algorithm to tell the difference between real and fake GNSS signals that are very similar to each other. The spoofing detection mechanism compares the steering vectors of received spatial components. The mitigation strategy uses adaptive beamforming to eliminate interference from shared directions and maintain original signals from GNSS satellites. Simulations confirm the efficacy of this approach in protecting GNSS receivers against intermediate spoofing interference, showcasing its usefulness. The authors in Varshosaz et al. (2019)’s proposed method compares the UAV’s relative sub-trajectory from visual odometry (VO) with its absolute replica from GPS, utilizing dissimilarity measures sum of Euclidean distances between corresponding points (SEDCP), angle distance, and taxicab distance. This allows for precise identification of UAV spoofing events, limiting the occurrence of VO drift errors. The approach demonstrates wide applicability, real-time execution, and efficiency in identifying different UAV spoofing cases. The results show that the method is effective in identifying instances of UAV spoofing, especially during long-range UAV flights with large changes in flight direction greater than 3 degrees and gradual UAV spoofing scenarios with a redirection rate of 1 degree. SEDCP is highly effective at identifying spoofing without redirection, providing excellent detection of false GPS locations. This solution dramatically enhances UAV security by accurately detecting spoofing and mitigating VO drift errors.

Mykytyn et al. (2023) aims to develop a system that can identify both single-transmitter and multi-transmitter GPS spoofing attempts to reduce their negative impacts. The detection mechanism identifies and confirms GPS spoofing attacks by comparing the distances between swarm members using GPS coordinates and Impulse Radio Ultra-Wideband ranging and determining if the discrepancy exceeds a predefined threshold. In Davidovich, Nassi & Elovici (2022) the authors suggest extracting frames from the video stream along with their respective GPS coordinates. The approach can effectively detect possible GPS spoofing attacks on a drone by evaluating the correlation between each frame. Operating a drone at an altitude of 50–100 m over an urban area, moving at an average speed of 4 km/h, and in low-light conditions, this approach demonstrates a high level of security. The system can identify GPS spoofing attacks, recognizing when the falsified location deviates by −4 m, with an average variance of 2.5 m from the actual location.

GPS spoofing attack detection using ML methods

ML methods are superior for identifying GPS-spoofing assaults on UAV. GPS systems play a crucial role in navigation, transportation, and essential infrastructure, which makes them susceptible to malevolent individuals. These malicious individuals aim to mislead recipients by sending counterfeit signals, which might result in malicious individuals circumventing conventional anti-spoofing techniques due to their limitations. Analyzing complex patterns in the data using ML techniques can accurately identify genuine and fake GPS signals. The models may learn from large datasets to identify tiny anomalies and variations indicating a spoofing attack. Tables 2–4 summarize the literature discussed in this section.

Using the 2009 High School Longitudinal Study dataset, Wongvorachan, He & Bulut (2023) explored several sampling approaches to address class imbalance in diverse circumstances. This study compares random oversampling (ROS), random undersampling (RUS), and a hybrid re-sampling method that combines Synthetic Minority Oversampling Technique for Nominal and Continuous (SMOTE-NC) with RUS. To evaluate each method, classification uses a random forest (RF). For moderately imbalanced data, ROS works, but hybrid re-sampling works better for very skewed data. The authors also proposed future research and discussed how these findings may affect educational data mining. The authors in Talaei Khoei et al. (2023) compared artificial neural networks (ANN), classification, regression decision tree (CART), logistic regression (LR), GaussianNB (GNB), RF, and support vector machine (SVM). Measurements included hyperparameters, dataset size, correlated features, imbalanced datasets, and regularization for thirteen distinct aspects of actual and manufactured GPS assault signals were investigated. Four criteria graded the models: PMD, accuracy, probability of false alert (PFA), and probability of detection (PD).

Albulayhi et al. (2022) developed a novel method for selecting and extracting features from anomaly-based intrusion detection system (IDS) for Internet of Things (IoT). This method extracted significant features in different proportions using information gain (IG) and gain ratio (GR) entropy-based methods. Mathematical set theory extracts the most valuable properties, especially using union and intersection procedures. Researchers used the IoT Intrusion Dataset 2020 (IoTID20) and Network-based Survivable Learning-Knowledge Discovery (NSL-KDD) datasets to train and evaluate the model framework to determine its efficacy. The authors used bagging, multilayer perceptron (MLP), J48, and instance-based learning with k nearest neighbors (IBk) in this experiment. Using the intersection operation, 11 of the 86 IoTID20 features and 15 of the 41 NSL-KDD features were the union operation resulting in 28 IoTID20 and 25 acNSL-KDD characteristics. This method excelled with 99.98% classification accuracy. Alomari et al. (2023) proposed a novel malware detection approach using deep learning and feature selection. Researchers used two datasets—one with malware and one with innocent activities—to create a training system. The authors created multi-feature-selected datasets using pre-processing and correlation-based feature selection. The authors trained dense and long-short-term memory networks (LSTM) based deep learning models on these feature-selected datasets. The authors measure model performance using precision, recall, accuracy, and the F1-score. An intriguing finding was that certain feature-selected situations performed similarly to the baseline dataset. Performance decreases vary by dataset. Performance degradation in the first dataset ranges from 0.07% to 5.84%, with feature reduction ratios between 18.18% and 42.42%. The second dataset shows an 81.77–93.5% decrease rate and 3.79–9.44% performance degradation.

The authors in Puri & Kumar Gupta (2022) propose a novel re-sampling method for imbalanced datasets. The noise-reduction method uses K-means Synthetic Minority Oversampling Technique (SMOTE) oversampling to resolve this issue and the datasets are initially clustered using K-means. SMOTE constructs synthetic minority class instances in clusters to resolve the class imbalance. Finally, it eliminates noise with edited nearest neighbor (ENN), noise is eliminated. Performance tests were done on 11 binary, unbalanced datasets using area under receiver operating curve (AUC). The results showed that the proposed method outperformed others in terms of varying attributive noise. The proposed method also performed well on binary imbalanced datasets with substantial attribute noise. The authors in Yin et al. (2023) combined RF with IG filters which improves feature selection. This strategy uses RF to manage the influence of less significant features chosen by IG based on their high-frequency values. Thus, the feature subset search space has more relevant features. Recursive feature elimination (RFE), a ML-based wrapper method, reduces feature dimensions by assessing the importance of related features in the second phase. Experimental results on the University of New South Wales—Network-Based 2015 (UNSW-NB15) dataset confirm the suggested method’s anomaly detection accuracy improvement. As shown, MLP multi-classification accuracy improves from 82.25% to 84.24%, while the number of features decreases from 42 to 23. The authors in Joloudari et al. (2023) examine how DNN and CNN work with other methods to handle imbalanced data. Oversampling, undersampling, and CNN-based SMOTE integration are involved. These methods are tested utilizing the KEEL, breast cancer, and Z-Alizadeh Sani datasets. Repeat the trials 100 times with random data distributions to ensure reliability. The SMOTE-Normalization-CNN model outperformed other methods with 99.08% accuracy on 24 unbalanced datasets. Thus, this flexible hybrid model effectively addresses imbalanced binary classification difficulties in real-world datasets.

The authors in Wu et al. (2023) propose an interpretability-focused detection methodology CNN-BiLSTM-Attention (CBA) using Shapley Additive Explanations (SHAP). This novel system uses GPS, IMU, and gyroscope data to target UAV. This model aims to address the constraints of standard attack detection systems, which use NN models that complicate detection results and reduce trustworthiness. The framework uses local and global explanations to maintain interpretability. Local explanations reveal the individual causes of detection outcomes by examining each input and model choice. The framework also provides global explanations of the model’s key aspects and how they relate to attack types. SHAP and generally available sensor status data form a framework that provides deeper insight into the relationship between feature values and a variety of attack scenarios, improving UAV attack detection reliability and comprehensibility. The authors in Shafiee, Mosavi & Moazedi (2018) developed a novel assault detection method by studying GPS signal characteristics. They used a multi-layer neural network, an enhanced K-nearest neighbor (KNN) algorithm, and a Bayesian classifier to identify several targets. To extract GPS signal features, the detection method used early-late phase, delta, and signal level to extract GPS signal features. A novel multi-layer neural network algorithm that uses feature selection as inputs to improve GPS spoofing detection. The neural network showed good identification accuracy in short simulations on a software GPS receiver. The authors in Wei, Wang & Sun (2022) propose detecting UAV GPS spoofing using a machine-learning technique and perceptual data. For features, they chose a barometer, GPS, magnetometer, gyroscope, and accelerometer. Despite their many disadvantages, these sensors’ diversity allows them to offset perceptual data and collect experimental data during actual flights, making their proposed PerDet solution more feasible. The study in Aissou et al. (2022) examined five instance-based learning models for detecting GPS spoofing in uncrewed aerial system (UAS). Radius neighbor, KNN, C-SVM, linear SVM, and nu-SVM were these models. The study used software-defined radio modules to capture and initialize satellite signal data, as well as simulated simplistic, intermediate, and complex GPS spoofing assaults. After evaluation, Nu-SVM outperformed other instance learning classifiers in accuracy, detection, FA, and miss-detection. The nu-SVM model showed good memory and processing efficiency during detection.

Jiang, Wu & Xin (2022) established deep learning-based approach for pose estimation (DeepPOSE), a deep learning model. Researchers developed a novel deep-learning model to identify fake GPS signals in mobile systems and noisy sensor data. The authors used convolutional and recurrent neural networks to decrease noise and deliver exact vehicle trajectories based on sensor data. They also developed a novel way to precisely display sensor data on Google Maps, decreasing trajectory determination errors. By reconstructing sensor trajectory data, the suggested method may detect GPS spoofing attacks. Since it detects such attacks more accurately than other methods, this strategy is better. Jullian et al. (2022) used a new GPS spoofing defense using a multi-layer perceptron neural network. GPS signals and flight parameters are inputs, and GPS spoofing attacks trigger an alarm. Note that dataset analysis affects this system’s accuracy. TEXBAT data shows 83.23% accuracy, implying that GPS spoofing assaults occur 83.23% of the time. The system’s MAVLINK dataset GPS spoofing detection accuracy is 99.93%, better than its competitor. The system detects attacks 99.93% of the time. The accuracy scores above only apply to the proposed solution’s evaluation using the TEXBAT and MAVLINK datasets. Manesh et al. (2019) proposed a new GPS spoofing detection method that employs artificial neural networks and supervised ML. Classifying GPS signals using pseudo-range, signal-to-noise ratio (SNR), and Doppler shift is easier. The authors compare two-hidden-layer neural networks with different numbers of hidden neurons. The results show that their machine-learning method detects spoofing signals with few FA. Wang et al. (2020) developed a novel GPS spoofing detection approach using the LSTM algorithm. UAV follow a predetermined flight route and help identify GPS spoofing attempts, improving detection rates. We’re proud to be the first to use ML to detect attacks. Extensive testing has confirmed that our GPS spoofing detection method delivers fast and accurate results. Simulated trials accompany our technique to combat GPS spoofing attacks. The experiments showed that our technique detected UAV GPS spoofing attacks quickly and accurately. No equipment upgrades are necessary. This study thoroughly describes our method.

Arthur (2019) explores that the ground or airborne vehicles within transmission range have the ability to spoof and hack drones. These safeguards are insufficient. Attackers can take control of the drone’s flight or autopilot. Due to intermittent network connectivity, drone communication is complicated. To solve these issues and safely return the drone, there is a need for an adaptive IDS that leverages deep learning. Arthur (2019) suggested an IDS that can detect threats in unknown environments using a multiclass SVM and self-taught learning (STL). The Deep-Q Network’s dynamic route learning allows the IDS to self-heal and guide the drone home. These technologies give the IDS a high true positive rate. Simulation findings show that the proposed IDS can defend drones against cyber security assaults due to its accuracy, sensitivity, and specificity. Cyber attacks are typical, suspicious, malicious, or aberrant based on their type. The worst cyber attacks on UAV networks include gray hole and black hole attacks, jamming, GPS spoofing, and misleading information dissemination. Sedjelmaci, Senouci & Ansari (2018) conducted numerous simulations and demonstrated that their proposed approach can detect these attacks from multiple UAV and attackers with low communication costs. They trained the model with Signal Strength Intensity (SSI), Number of Packets Sent (NPS), Jitters, and Number of Packets Dropped (NPD). High detection and low false-positive rates characterize this model (Sedjelmaci, Senouci & Ansari, 2018).

Sun et al. (2023) uses deep learning to detect GPS signal spoofing in small UAV. The authors talk about the UAV hardware system, the experiment jammer, the collection settings such as time and weather, Spearman correlation coefficients for preprocessing, and SVM-SMOTE’s data imbalance solution for getting the GPS signal dataset and preprocessing it. The new principal component analysis (PCA)-CNN-LSTM approach extracts features, CNN captures local features, and LSTM processes and models. Tenfold cross-validation ensures the robustness of the simulation experiment and compares the model to ML and deep learning methods. The PCA-CNN-LSTM neural network model achieves a very high accuracy value which is 0.9949%. This study lays the groundwork for micro UAV GPS signal spoofing detection. Escorcia-Gutierrez et al. (2023) created the Sea Turtle Foraging Algorithm with Hybrid Deep Learning-based Intrusion Detection (STFA-HDLID). This method identifies and classifies Internet of Drones (IoD) intrusions and for accuracy, the authors used min-max normalization and Sea Turtle Foraging Algorithm (STFA) feature selection. The authors also categorized them using Deep Belief Network (DBN) and Sparrow Search Optimization (SSO) and proposed a new IoD intrusion detection mechanism. The authors extensively tested STFA-HDLID on a benchmark dataset. The algorithm was accurate, peaking at 99.51% for TON_IoT and 98.85% for UNSW-NB15. The results show that the proposed algorithm outperformed its competitors.

IDS with an evolutionary feature selector and a RF classifier. A unique fitness function helps evolutionary techniques find relevant features and reduce data dimensionality. The real positive rate rises, whereas the false positive rate falls. Researchers employ the random forest technique for anomaly detection due to its multi-classification accuracy and noise tolerance in huge data sets. The suggested technique selects more trustworthy properties than current technologies, enhancing categorization. We provide the statistical results and method comparisons. The UNSW-NB15 and NSL-KDD datasets assess framework efficacy (Liu & Shi, 2022).

The authors in Wei et al. (2022) proposed Control Semantics-based Detection Approach (CONSTDET) which employs control semantics to detect UAV GPS spoofing attempts using ML. The research collected flight data from real trials to build CONSTDET, a viable detection system. Training GPS spoofing detection models requires carefully selecting flight data with control semantics. The data covered dynamic flight and control operations, such as altitude and horizontal position control. The authors put CONSTDET on UAV to detect GPS spoofing. The authors also trained and produced the most accurate classifier using ML. Gasimova, Khoei & Kaabouch (2022) compare bagging, stacking, and boosting ensemble-based ML algorithms. The GPS security breach tracking capabilities were assessed by prediction time per sample, memory size, processing time, PMD, PFA, and accuracy. The stacking model outperformed the other two models in accuracy, PD, PMD, and FA. The Study in Dang et al. (2022) explores deep ensemble learning and also proposes a method that detects GPS spoofing in cellular-connected UAVs. GPS-spoofing-related UAV trajectory abnormalities are identified by measuring route losses between base stations (BSs) and UAVs. To mitigate environmental impacts on path losses and ensure reliable identification, The authors use three statistical methods. MLP neural networks decide path loss statistics on the edge cloud servers. Experimental findings show that the proposed method can detect GPS spoofing with 97% accuracy with two BS and 83% with one. The proposed solution is unique because it requires no UAV energy or equipment Dang et al. (2022). The authors in Basan (2022) recommend evaluating UAV cyber-physical characteristics to identify attacks and results. A new method for producing false-attack databases and assessing their correctness is also provided in their study. To solve GPS spoofing attempts, the authors in Panice et al. (2017) used state estimation and a one-class SVM. For product efficacy and efficiency testing, they also constructed a simulation environment.

The study in Qiao, Zhang & Du (2017) suggests detecting GPS spoofing with a DJI Phantom 4 UAV’s monocular camera and IMU sensor. The authors show that incorporating these sensors can identify GPS spoofing. By analyzing the UAV’s speed using its sensors, monocular camera, and IMU, the authors can detect spoofing attacks in 5 s. The authors in Al-Wesabi et al. (2022) developed Opposition Poor and Rich Optimization-based Feature Selection with Optimal Deep Feed-forward Neural Network (OPRFS-ODFNN) to choose optimal deep feed-forward networks over poor and rich optimization-based feature selection. A new method for detecting network intrusions in IoT device communication has been developed by Al-Wesabi et al. (2022). This technique prioritizes IoD communication network safety. By scaling preliminary features and identifying important characteristics with OPRFS, OPRFS-ODFNN achieves this goal. The Optimal Deep Feed-forward Neural Network (ODFNN) model detects and classifies intrusions using Improved Mayfly Optimization (IMFO). The researchers thoroughly simulated the OPRFS-ODFNN technique to establish its usefulness. Khan et al. (2021) aims to boost UAV skills by decentralizing ML architectures with blockchain. This will enhance data integrity and storage, enabling complex, system-wide UAV decision-making. Blockchain will lead to decentralized predictive analytics and faster ML model sharing will result from blockchain. Their proposed system will demonstrate the feasibility and efficacy of collaborative intrusion detection for UAV and related applications (Khan et al., 2021).

A perfect partnership between vehicular ad-hoc networks (VANETs) and UAVs could boost network connectivity and prevent towering infrastructures, ensuring speedy data transmission. Secure VANETs and UAVs are essential. Deep learning defends VANET and UAV communications from cyberattacks that compromise data integrity, confidentiality, and availability. Bangui & Buhnova (2021) examines VANET and UAV intrusion detection systems using ML. It also addresses research gaps and suggests Intelligent Transportation System (ITS) security improvements. The study in Ahmetoglu & Das (2022) examines automatic cyber-attack identification and rapid prediction and analysis through ML. Research focuses on network traffic anomaly detection, categorization, grouping, and analysis. Each study assesses datasets, attack detection ML methods, feature selection, and dimension reduction. Ahmetoglu & Das (2022) also compares classification methods in several studies to alternatives, performance metrics, and outcomes. It analyzes open-access network attack statistics and provides a simple classification algorithm. Finally, it addresses ML’s network attack issues and offers solutions.

Yakkati et al. (2022) classifies GNSS signals using a multi-correlation receiver, examining interference-free, multi-path, jamming, and spoofing. The authors assess the test’s accuracy and confusion matrix using neural networks, SVM, KNN, kernel approximation, decision trees, discriminant analysis, naive Bayes, and ensemble classifiers. The study uses multi-correlation output to calculate average power and distortion correlation for GNSS signal categorization. Da Silva, Ferrão & Branco (2022) UAV swarms use IDS and it covers categorization, observed infiltration, ML, UAV swarm applicability, and development standards. After examining 56 relevant studies, they compared them. This study recommended IDS development. This study is significant because it was the first Database to meticulously map this topic, this study is significant.

The research in Siemuri et al. (2022) examined 2000–2021 GNSS ML studies. The authors evaluated the literature methods’ efficacy, advantages, and downsides. The investigation discovered 213 machine-learning studies. Notably, these results reveal good GNSS performance across applications. In GNSS usage scenarios, ML produces results like classical models. While ML models in GNSS have significant potential, their adoption is minimal. Promoting ML models in positioning, navigation, and timing (PNT) requires extra effort. Results reveal that hyperparameters, regularization parameters, imbalanced datasets, correlated features, and dataset size hinder ML. Using linked attributes and optimizing parameters in a balanced dataset, the Classification and Regression Decision Tree classifier obtained 99.99% accuracy. The accuracy was 99.98%, the error was 0.2%, and the false positive was 1.005%. The Random forest model has 99.94% accuracy, 99.6% likelihood of recognizing the intended outcome, 0.4% possibility of failing to detect it, and 1.01% probability of mistakenly identifying it under similar conditions. The study in Dhal & Azad (2022) investigates FS extensively. It details FS frameworks and models. FS algorithms process structured, labeled, or unstructured data. The study covers FS principles, common approaches, popular datasets, and important contributions from several ML domains relevant to FS applications. This descriptive survey examines FS’s concepts and application in different issue categories. Overall, the presentation is good in Dhal & Azad (2022).

Aissou et al. (2021) suggest comparing tree-based ML methods such as RF, Gradient Boost, XGBoost, and LightGBM to detect GPS spoofing attacks to address the security issue. XGBoost surpassed the others with 95.52% accuracy and 2 ms detection. These findings imply that XGBoost’s precision and speed could help UAS. The article Talaei Khoei, Ismail & Kaabouch (2022) proposes a one-stage feature selection technique to remove associated and low-importance dataset features. To determine the optimum assault classifier, this study introduced metric-optimized and weighted dynamic selectors to determine the optimum assault classifier. We assess ten ML models for accuracy, detection, false detection, and processing time. Our innovative method dynamically chooses the best classifier, surpassing ensemble models. This yields 99.6% accuracy, 98.9% detection likelihood, 1.56% FA likelihood, 1.09% misdetection likelihood, and 1.24 s of processing time.

This article offers significant improvements that surpass current research on GPS spoofing attack detection. It has a hybrid model that combines bidirectional long short-term memory (BiLSTM) networks with convolutional neural networks (CNN). This makes detection more accurate than with some machine learning methods. The research utilizes extensive feature selection methods, such as ANOVA, to identify the most important features for detecting GPS spoofing, thereby overcoming the shortcomings of inadequate feature selection in previous studies. We employ stringent oversampling approaches to address the prevalent issue of imbalanced datasets and ensure reliable detection performance. The suggested hybrid model exhibits exceptional performance measures, attaining a precision of 98.84%, an accuracy of 99.25%, an F1 Score of 99.26%, and a recall of 99.69%, signifying significant advancements over current methodologies. The dataset includes different types of GPS spoofing attacks, such as simple spoofing, in which fake GPS signals confuse the UAV’s navigation system, intermediate spoofing, in which GPS signals are changed gradually to control the UAV, and advanced spoofing, in which the attacker can fake real signals to get around normal detection methods. The proposed architecture proposes extensive detection capabilities by tackling these attack types, rendering it resilient to various GPS spoofing scenarios.

In recent years, the safety of multi-UAV systems (MUSs) has garnered heightened attention due to increasing threats from composite attacks, including denial-of-service (DoS) attacks, false data injection (FDI) attacks, camouflage attacks, and actuation attacks (AAs). In order to mitigate these advanced threats, Gong et al. (2023) introduced a robust two-tiered system. The framework uses a digital twin architecture to divide the defenses into two levels: a twin layer (TL) to protect against DoS attacks and a cyber-physical layer (CPL) to handle unbounded AAs. When a topology-repairing method is combined with a decentralized adaptive controller, uniformly ultimately bound (UUB) convergence is guaranteed. This makes multi-agent systems (MUSs) more resistant to composite attacks. Protecting multi-agent systems (MASs) from malicious threats, including Byzantine assaults, is a persistent concern in distributed systems. Gong et al. (2024b) created a Distributed Byzantine-Resilient Observer (DBRO) that makes sure that high-order multi-agent systems (MASs) working on directed graphs converge to zero errors in finite time. This edge-based DBRO system assesses the leader’s state inside a multi-agent network while mitigating Byzantine threats. Robust graph theory underpins the methodology’s cascading architecture, which enhances its applicability to both time-invariant and time-varying topologies, thereby demonstrating notable resilience against Byzantine agents (Gong, Li & Shu, 2024). The emphasis on multi-agent systems (MASs) and UAV swarms has brought considerable attention to security issues, especially for human-in-the-loop (HiTL) systems susceptible to Byzantine assaults. Gong et al. (2024a) created a strong two-tier hierarchical control system that protects against Byzantine edge attacks (BEAs) and Byzantine node attacks (BNAs). It uses a digital twin layer (DTL) and a cyber-physical layer (CPL). The architecture enables a human operator to direct a non-autonomous leader UAV while mitigating these hostile assaults. The results of their experiments showed that the control framework worked well at protecting multiple UAV systems. This suggests that resilient swarm robotics could be useful in dangerous situations (Gong et al., 2024a). Multi-agent systems (MAS) have made significant progress in resilient control, particularly in preventing Byzantine attacks, which pose a significant threat due to their ability to disseminate false information through compromised agents. Gong et al. (2024b) presented an innovative twin-layer hierarchical control scheme that separates the defense mechanisms for Byzantine Node Attacks (BNAs) and Byzantine Edge Attacks (BEAs). Their method uses a DTL to fight BEAs and a CPL with a decentralized adaptive controller to fight BNAs. This unique design improves system resilience by implementing a trusted-node method to protect important nodes and applying a chattering-free control scheme for efficient response to diverse attack scenarios. Compared to other protection methods, this two-layer strategy guarantees better performance for both compromised and benign agents. It sets a new standard for multi-agent system security in hostile environments. Path planning for UAVs in hostile situations is essential, especially when confronting clandestine assaults that alter sensor data or control inputs undetected. He et al. (2023) present a strong path planning method to protect ultrawideband (UWB) sensors from hidden attacks. They use Pontryagin’s maximal principle and think of the problem as a Stackelberg game. This method enables the UAV to calculate energy-efficient routes while predicting and alleviating the impacts of covert assaults. Their approach is innovative in tackling vulnerabilities in UWB sensors and enhancing resilience through game theory, beyond conventional tactics that concentrate on detectable threats such as GPS spoofing. This study makes UAVs safer by simulating how an attacker and a defender interact with each other. It then offers ways to defend against sneaky attacks while still completing missions in both single base station (SBS) and double base station (DBS) settings. These advances have tangible implications for improving UAV resilience and operational integrity, particularly in military, surveillance, and emergency response contexts.

By conducting in-depth research and thorough analysis, it has become evident that the detection of GPS spoofing attacks is of paramount importance due to their potential to compromise critical systems reliant on accurate positioning information. The need for a new framework arises from the limitations of existing methods in effectively detecting GPS spoofing attacks. Current approaches often struggle with minimizing detection time, ensuring transferability, and reducing false negatives. Moreover, they may lack the capability to handle complex attacks that manipulate ambient parameters or duplicate natural trajectories without sufficient context. These limitations highlight the necessity for a more comprehensive and efficient framework, which prioritizes dataset balancing, feature extraction, noise removal, and NN efficiency to address these challenges effectively.

Hardware/software used

In this study, the experimental PC utilized is equipped with an Intel Core 2.4 GHz i5 6th generation processor, 8 GB of RAM, and a 256 GB hard disk. Prioritizing resource efficiency and accessibility, the experiment was conducted without a graphics card. Anaconda Navigator serves as the management tool for packages and environments in our lab, eliminating the need to manually enter conda commands in a terminal. For practical studies, Jupyter Notebook is employed, offering a user-friendly interface for code development and analysis. Python serves as the primary programming language, ensuring compatibility and versatility for research experiments. This integrated approach enhances workflow, facilitating efficient experimentation and code creation within the research environment. A diverse range of libraries are utilized in the practical study to enable effective data manipulation, analysis, and ML. Numpy 1.26.0 (van der Walt, Colbert & Varoquaux, 2011) serves as a foundational tool for numerical operations and array manipulations, along with essential scientific computing functionalities. Pandas 2.1.1 (McKinney, 2010) simplifies structured data management and preparation for exploratory data analysis. Seaborn 0.13.0 (Waskom, 2021) and Matplotlib 3.8.0 (Hunter, 2007) are employed for creating visually appealing plots and graphs that elucidate experimental results. TensorFlow 2.14.0 (Abadi, 2016) and Keras 2.14.0 (Chollet, 2015) support the implementation of complex neural network models, while scikit-learn 1.3.1 (Pedregosa, 2011) provides reliable ML algorithms and model assessment tools. The experimental framework is constructed around this carefully selected library collection to ensure the attainment of dependable and efficient study goals.

Dataset description

The study’s dataset comprises a carefully curated collection of both synthetic and real-world data, capturing a diverse array of scenarios essential to the study’s objectives. This comprehensive dataset ensures a thorough examination of the proposed hypotheses. To maintain data integrity and enable trustworthy experimentation and analysis, rigorous preparation techniques were meticulously applied. This meticulous preparation not only safeguards data integrity but also enhances the reliability of the experimental process. The UAV Attack dataset (Whelan et al., 2020), provided by the IEEE for research in UAV security, aggregates instances of UAV attacks orchestrated by various jammers. Table 5 outlines the features used in this study, while Table 6 illustrates the ratio of benign to attacked data.

Data pre-processing

This research employed various essential strategies during the preprocessing phase to achieve data balancing, cleaning, and feature selection. Initially, we utilized SMOTE (Synthetic Minority Oversampling Technique) to rectify class imbalance within the dataset. Given the infrequency of GPS spoofing attempts relative to standard data points, SMOTE facilitated the creation of synthetic samples for the minority class. This ensured the equilibration of the dataset and provided the model with sufficient examples of both authentic and counterfeit data, thereby boosting its ability to generalize across categories. After balancing the data, we sanitized the dataset to remove any null or missing values, which ensured uniformity across all characteristics. This stage was crucial for preventing inadequate information during the model training process, which could result in inaccurate predictions or biased outcomes. We employed various statistical methods for feature selection to reduce complexity and enhance the effectiveness of the model. We employed PCA to transform the dataset into a lower-dimensional space, thereby maximizing variance and reducing redundancy. Furthermore, we assessed feature relevance using chi-square tests, Pearson correlation coefficient (PCC), and ANOVA (Analysis of Variance), each providing distinct insights into the relationship between characteristics and the objective variable. These strategies facilitated the elimination of irrelevant or redundant features, preserving the most informative information for model training. We ultimately applied the model to the altered datasets produced by each feature selection method (PCA, chi-square, PCC, and ANOVA). We subsequently compared the results using the model’s performance measures, which included accuracy, precision, recall, and F1-score. We chose the optimal combination of features and preprocessing techniques for subsequent model optimization, ensuring the use of the most efficient configuration in the final implementation.

Feature selection

Developing a reliable and effective model to identify GPS spoofing attempts on UAV requires feature selection (FS). The study uses PCA, chi-square, PCC, and ANOVA for FS. PCA, a popular linear dimension reduction method, was used to find the dataset’s most variable components. To choose the most important features for classification, the chi-square statistical test was used to evaluate the features and the target variable. The linear link between each attribute and the target variable was assessed using the PCC. A stronger correlation indicates greater relevance. ANOVA was performed to determine how much each component explained target variable variability, with smaller p-values indicating greater relevance. Our FS method reduces the dataset’s dimensionality and identifies the best characteristics for building a robust and accurate GPS spoofing detection model for UAV. The recommended detection model is trained and tested using the selected attributes, outperforming current methods, and shows how FS improves UAV GPS-spoofing attack detection systems.

Model evaluation

The framework requires model building following dataset preparation. Predict multiple modalities for effective classification. The article uses CNN and ANN deep learning algorithms. These models are used with chi-square, PCC, ANOVA, and PCA to find the best UAV GPS spoofing assault detection approach. Industry guidelines require us to split the dataset 70% for model training and 30% for testing. Because they work well in binary datasets, this study’s hyper-parameter settings use sigmoid and RELU activation functions. We optimize the models with ADAM because of its strength and noise tolerance. The loss function is binary cross-entropy since GPS spoofing detection is binary. We alter hyper-parameters, especially epoch fluctuation, to discover the optimal GPS spoofing attack detection epoch configuration. Activation functions and optimizers are distinguished by their binary dataset and GPS spoofing detection capabilities. This technique optimizes deep learning model hyper-parameters and FS. Dataset experiments test the framework’s GPS spoofing detection. Our machine learning model evaluation criteria prompted us to divide the dataset into 70% training and 30% testing sets. This section employs two deep-learning models and four feature extraction methods. This study evaluates GPS signal alteration detection models. The dataset’s training helps algorithms identify benign and spoofed patterns. Chi-square, PCC, ANOVA, and PCA extract characteristics from two deep learning models with distinct architectures. A detailed analysis of the models’ performance across feature sets shows their strengths and flaws. To discover the optimal GPS spoofing detection setup, this study changes feature extraction models and approaches.

ANN with FS methods

ANN performance with PCA, PCC, Chi-Squared test, and ANOVA helps us detect GPS spoofing assaults. PCA gives the model 97.48% accuracy, exhibiting good performance. The PCA is less precise than other methods. PCA captures variance effectively; however, it may not be as excellent at identifying subtle GPS spoofing patterns. Table 7 shows ANN with different FS methods. GPS spoofing detection concerns arise from the PCC’s 80.91% precision. Lower precision increases the likelihood of declassifying irrelevant cases, indicating feature interaction issues. A 91.12% precision and 94.72% accuracy make the chi-squared test good.

ANN with FS method maintains accuracy while identifying patterns, striking a balance between precision and recall as shown in Table 7, and Fig. 5. The chi-squared test produces competitive GPS spoofing detection (FS) results. ANOVA consistently performs well, exhibiting 95.99% precision and 97.40% accuracy. ANN with FS technique aids in detecting GPS spoofing by uncovering subtle group deviations. A thorough analysis underscores the importance of evaluating FS methods in conjunction with ANN. While PCA is accurate, its precision may limit practicality. On the other hand, the PCC, offering lower precision, may not be suitable for applications requiring high accuracy in GPS spoofing detection. The balanced performance of the chi-squared test is intriguing for precision and memory considerations. With its precision and accuracy, ANOVA emerges as the optimal FS method for robust GPS spoofing detection within the ANN framework. Particularly adept at identifying GPS spoofing trends, ANOVA can unveil significant changes and connections across variables.

CNN with FS methods

This CNN-based FS study has enhanced GPS spoofing attack detection. The comparison underscores crucial performance parameters, such as model efficacy and accuracy as shown in Table 8, and Fig. 6. Notably, CNN and PCA demonstrated a tradeoff with 20 and 18 features, respectively. Utilizing 18 features, the model exhibited adaptability to a smaller feature space, achieving 96.38% precision and 97.87% accuracy. This adaptability ensures efficient calculation and resource utilization. However, the PCC significantly diminished CNN performance measures, showcasing challenges in understanding complex feature interactions. Linear correlation alone may prove insufficient for identifying GPS spoofing. Conversely, the CNN with chi-squared test effectively identifies variable dependencies, yielding 99.34% precision and 96.89% accuracy. Nonetheless, the lower F1 score and recall may pose challenges in balancing all metrics, potentially obscuring critical data trends. On the other hand, CNN ANOVA FS consistently delivered strong performance, with an F1 score, precision, accuracy, and recall of 98.23%, 98.94%, 98.96%, and 99.69%, respectively.

This group variance-focused method gathered complex GPS signal data patterns with several features. The comparison study concludes that CNN FS is crucial for GPS spoofing detection. Balance is needed because the chi-squared test was precise but difficult to recall. With its vast feature set and excellent performance across all parameters, ANOVA was the most robust method. This work informs the design and optimization of GPS spoofing detection systems.

CNN-BiLSTM with FS methods

GPS spoofing attack detection using CNN-BiLSTM with various FS methods results in diverse performance metrics, as depicted in Table 9 and Fig. 7. Leveraging PCA’s 18 attributes, the model exhibits strong performance with 97.17% precision, 98.11% accuracy, 98.15% F1 score, and 99.14% recall. This underscores the effectiveness of PCA in gathering data for accurate categorization. Conversely, CNN-BiLSTM demonstrates subpar performance with PCC FS. The model achieves a precision of 78.77%, an accuracy of 86.30%, an F1 score of 88.03%, and a recall of 99.77% for GPS spoofing attacks, contrasting with PCA. Here, the linear relationship of PCC may not offer meaningful insights. Conversely, employing the Chi-Squared test for feature selection enhances precision, accuracy, F1 score, and recall by 93.17%, 96.30%, 96.47%, and 100.00%, respectively. This underscores the significance of feature independence in the model’s ability to detect subtle GPS modification patterns. Employing ANOVA characteristics, CNN-BiLSTM achieves 99.25% accuracy, 98.84% precision, 99.26% recall, and a 99.26% F1 score, leading to improved performance. This highlights the capability of ANOVA in identifying classification-relevant traits. The comparison underscores the impact of FS on CNN-BiLSTM GPS spoofing attack detection performance.

Table 9 shows results, while Fig. 7 show graphs. ANOVA emphasizes essential feature contributions; chi-squared tests feature independence; and PCA captures overall variance. These results drive FS and implementation to improve CNN-BiLSTM GPS spoofing detection accuracy.

Overall best-performed models with FS methods

We tested different FS methods and deep learning model combinations to find the best GPS spoofing attack detection method. ANN and CNN were integrated with PCA and ANOVA for FS. The experiment produced ANN outcomes with 97.07% precision, 96.48% accuracy, 97.52% F1 score, and 97.97% recall using 20 PCA-selected features. This method provided a baseline for comparison and demonstrated PCA’s ability to extract ANN features. CNN and ANOVA indicated considerable improvements: precision 98.23%, accuracy 98.94%, F1 score 98.96%, and recall 99.69%. The CNN architecture detected GPS signal to fake better with ANOVA’s discriminative properties. Out of all the methods tested, CNN-BiLSTM with ANOVA worked best. The hybrid model had 98.84% precision, 99.25% accuracy, a 99.26% F1 score, and a 99.69% recall. GPS spoofing detection was more predictive using ANOVA-selected features and CNN and BiLSTM layers. The comparison of these results underscores the importance of hybrid models, which combine deep learning architectures with well-chosen features. ANN and PCA work well, but CNN and BiLSTM layers with ANOVA-selected features provide unprecedented detection accuracy.

This investigation illustrates the optimal combinations and underscores the importance of tailoring model architectures to feature attributes for enhancing GPS spoofing detection systems. Tables 10 and 11 respectively present a comparative analysis of the best performing GPS spoofing detection models and complexity analysis of deep learning models with PCA, PCC, X2, and ANOVA. Additionally, Fig. 8 depict the results. We used a methodical approach to choose models by combining PCA, chi-square, PCC, and ANOVA feature selection methods with CNN-BiLSTM and CNN models. Both models assessed every dataset with selected features. The CNN-BiLSTM integrated CNN for feature extraction with BiLSTM to identify sequential patterns, whereas the independent CNN concentrated on spatial feature extraction. We evaluated performance using accuracy, precision, recall, and F1 score for each combination. These metrics guided the selection of the most effective feature selection approach and model architecture, ensuring maximum accuracy and resilience for the GPS spoofing detection framework.

Comparative analysis with state-of-the-art research

UAVs are difficult to detect GPS spoofing, although machine learning models like DeepSpoofNet, Wu et al. (2023), and Wei et al. (2022) offer several solutions. DeepSpoofNet, our model, performs better due to its complex design, extensive feature selection, and effective data imbalance control. CNNs and BiLSTM layers make up DeepSpoofNet’s hybrid design. In this integration, the model can detect geographical and temporal correlations in GPS signal data, effectively distinguishing legitimate signals from fakes. The CNN-BiLSTM design catches detailed GPS spoofing signal distortions, making it more robust to many assault situations. DeepSpoofNet selects only the most important and relevant features using ANOVA. Reducing noise and focusing the model on key data improves forecast accuracy. With the synthetic minority oversampling technique, DeepSpoofNet reduces class imbalances. This helps the model learn from dominant and minority classes—even rare spoofing events. DeepSpoofNet performs well by training on a large dataset that comprises self-experiment data and IEEE Dataport data. It has a spectacular 99.25% detection accuracy, 98.84% precision, 99.69% recall, and 99.26% F1 score. These results show that DeepSpoofNet is the best GPS spoofing detection technology. Wu et al. (2023) built a CNN-BiLSTM model to emphasize GPS signal spatial and temporal characteristics. Table 12 provides a detailed comparison of the state-of-the-art methods.

In contrast, Wei et al. (2022) uses XGBoost, a gradient-boosting algorithm that works well with structured data. For GPS spoofing detection, Wei et al. (2022) prioritize flight dynamics—latitude, longitude, altitude, velocity, and orientation angles (roll, pitch, yaw). Wei et al. (2022) model modifies the flight dataset for UAV activities, making it domain-specific. Although XGBoost manages structured data well, Wei et al. (2022) model is less accurate than DeepSpoofNet. Because of its hybrid design, feature selection, and class imbalance mitigation, DeepSpoofNet outperforms Wu et al. (2023) and Wei et al. (2022) DeepSpoofNet uses CNN-BiLSTM layers, ANOVA feature selection, and SMOTE to provide the most accurate and reliable GPS spoofing available. It is the best way to protect UAVs against GPS spoofing.