GNSS Spoofing Detection in TDD Networks: A 3GPP Standards-Based Security Framework

2026-07-13Networking and Internet Architecture

Networking and Internet ArchitectureCryptography and Security
AI summary

AI summary is being generated…

Authors
Ravi Kant Sharma, John Owens, Kevin Kiernan
Abstract
Time Division Duplex (TDD) mobile networks require synchronization accuracy of $\pm$1.5 $μ$s (3GPP TS 38.104), with GNSS-disciplined grandmaster clocks as the predominant timing source. GNSS spoofing -- now a documented operational threat -- can corrupt timing across all downstream base stations, yet neither the 3GPP management framework (SA5) nor the security framework (SA3) provides standardized mechanisms to detect or report such attacks. This paper proposes a detection and monitoring framework operating within existing 3GPP management structures. The framework introduces GNSS timing alarms and performance counters aligned with TS 28.111 and TS 28.552, a topology-aware correlation mechanism that classifies anomalies by grouping gNB-DUs by serving grandmaster, and a security event bridging fault management with SECHAND incident handling (TR 33.894). Monte Carlo simulation demonstrates detection probability exceeding 95% for drift rates above 0.5 ns/s with false positive rates below 1% under well-provisioned PTP network conditions. The framework requires no new interfaces, is generation-agnostic, and is validated through scenario analysis distinguishing spoofing from signal loss, equipment faults, and maintenance transients.