Abstract: ‍ ‍As a malicious attack by manipulating the received GPS signal of an unmanned aerial vehicle （UAV）， a GPS spoofing attack may cause severe abnormal behaviors in UAVs， such as deviating from the intended path， flying into the no-fly zone， and forced landing. Therefore， to ensure the safety of UAVs， it is urgently demanded to investigate the GPS spoofing attack detection methods. Currently， the detection of GPS spoofing attacks still suffers from low model training efficiency and low detection performance. To tackle this problem， a collaborative UAV GPS spoofing attack detection scheme is proposed in this paper. Specifically， a federated learning framework is adopted， where multiple base stations （BSs） train the anomaly detection model and calculate the anomaly detection threshold with locally received UAV operation data， to detect whether the UAV suffers a GPS spoofing attack. To mitigate the performance deterioration resulting from uneven data distribution in the federated learning model， the shrink autoencoder is used. Compared with conventional autoencoders， a new loss term is added to the loss function in the shrink autoencoder， which can compress the low-dimensional representation of the training data sample into a smaller range. Thus， the low-dimensional features of the training data can be captured more easily， and the distinguishing capability of abnormal data can be improved. Experimental results with an open data set show that the accuracy rate， precision rate， and recall rate with the proposed scheme can reach up to 96.49%， 96.03%， and 93.85%， respectively， which are 1.63%， 0.8%， and 4.62% higher， respectively， than the original autoencoder. It has been proven that the shrink autoencoder can improve the detection performance of the collaborative detection method. Compared with the centralized learning framework， the proposed collaborative detection method can improve training efficiency. Moreover， the proposed shrink autoencoder， within a federated learning framework， shows the least sensitivity to changes in the balance coefficient， maintaining good detection results even with an inaccurate anomaly detection threshold. In conclusion， simulation experiments prove that the collaborative UAV GPS spoofing attack detection scheme proposed in this paper can achieve better detection performance and higher model training efficiency on open data sets.