An official website of the United States government
As more aircraft are using the Automatic Dependent Surveillance-Broadcast (ADS-B) devices for navigation and surveillance, the risks of injection attacks are highly increasing. The exchanged ADS-B messages are neither encrypted nor authenticated while containing valuable operational information, which imposes high risk on the safety of the airspace. For this reason, we propose in this paper an SVM-based ADS-B message injection attack detection technique for UAV onboard implementation. First, we simulated several message injection attacks on real raw ADS-B data. Then, three Support Vector Machine (SVM) models were examined in terms of two types of assessment criteria, detection efficiency and model performance. The results show that the C-SVM model is the best fit for our application, with an accuracy of 95.32%.
more »
« less
Detecting Injection Attacks in ADS-B Devices Using RNN-Based Models
The Automatic Dependent Surveillance Broadcast (ADS-B) system is a critical communication and surveillance technology used in the Next Generation (NextGen) project as it improves the accuracy and efficiency of air navigation. These systems allow air traffic controllers to have more precise and real-time information on the location and movement of aircraft, leading to increased safety and improved efficiency in the airspace. While ADS-B has been made mandatory for all aircraft in the Federal Aviation Administration (FAA) monitored airspace, its lack of security measures leaves it vulnerable to cybersecurity threats. Particularly, ADS-B signals are susceptible to false data injection attacks due to the lack of authentication and integrity measures, which poses a serious threat to the safety of the National Airspace System (NAS). Many studies have attempted to address these vulnerabilities; however, machine learning and deep learning approaches have gained significant interest due to their ability to enhance security without modifying the existing infrastructure. This paper investigates the use of Recurrent Neural Networks for detecting injection attacks in ADS-B data, leveraging the time-dependent nature of the data. The paper reviews previous studies that used different machine learning and deep learning techniques and presents the potential benefits of using RNN algorithms to improve ADS-B security.
more »
« less
- Award ID(s):
- 2006674
- PAR ID:
- 10564790
- Publisher / Repository:
- IEEE
- Date Published:
- ISBN:
- 979-8-3503-9309-5
- Page Range / eLocation ID:
- 1 to 8
- Format(s):
- Medium: X
- Location:
- Herndon, VA, USA
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
This work proposes the use of machine learning (ML) as a candidate for the detection of various types of message injection attacks against automatic dependent surveillance-broadcast (ADSB) messaging systems. Authentic ADS-B messages from a high-traffic area are collected from an open-source platform. These messages are combined with others imposing path modification, ghost aircraft injection, and velocity drift obtained from simulations. Then, ADS-B-related features are extracted from such messages and used to train different ML models for binary classification. For this purpose, authentic ADS-B data is considered as Class 1 (i.e., no attack), while the injection attacks are considered as Class 2 (i.e., presence of attack). The performance of the models is analyzed with metrics, including detection, misdetection, and false alarm rates, as well as validation accuracy, precision, recall, and Fl-score. The resulting models enable identifying the presence of injection attacks with a detection rate of 99.05%, and false alarm and misdetection rates of 0.76% and 1.10%, respectively.more » « less
-
Cyber-physical system security is a significant concern in the critical infrastructure. Strong interdependencies between cyber and physical components render cyber-physical systems highly susceptible to integrity attacks such as injecting malicious data and projecting fake sensor measurements. Traditional security models partition cyber-physical systems into just two domains – high and low. This absolute partitioning is not well suited to cyber-physical systems because they comprise multiple overlapping partitions. Information flow properties, which model how inputs to a system affect its outputs across security partitions, are important considerations in cyber-physical systems. Information flows support traceability analysis that helps detect vulnerabilities and anomalous sources, contributing to the implementation of mitigation measures. This chapter describes an automated model with graph-based information flow traversal for identifying information flow paths in the Automatic Dependent Surveillance-Broadcast (ADS-B) system used in civilian aviation, and subsequently partitioning the flows into security domains. The results help identify ADS-B system vulnerabilities to failures and attacks, and determine potential mitigation measures.more » « less
-
Air traffic control (ATC) is a safety-critical service system that demands constant attention from ground air traffic controllers (ATCos) to maintain daily aviation operations. The workload of the ATCos can have negative effects on operational safety and airspace usage. To avoid overloading and ensure an acceptable workload level for the ATCos, it is important to predict the ATCos’ workload accurately for mitigation actions. In this paper, we first perform a review of research on ATCo workload, mostly from the air traffic perspective. Then, we briefly introduce the setup of the human-in-the-loop (HITL) simulations with retired ATCos, where the air traffic data and workload labels are obtained. The simulations are conducted under three Phoenix approach scenarios while the human ATCos are requested to self-evaluate their workload ratings (i.e., low-1 to high-7). Preliminary data analysis is conducted. Next, we propose a graph-based deep-learning framework with conformal prediction to identify the ATCo workload levels. The number of aircraft under the controller’s control varies both spatially and temporally, resulting in dynamically evolving graphs. The experiment results suggest that (a) besides the traffic density feature, the traffic conflict feature contributes to the workload prediction capabilities (i.e., minimum horizontal/vertical separation distance); (b) directly learning from the spatiotemporal graph layout of airspace with graph neural network can achieve higher prediction accuracy, compare to hand-crafted traffic complexity features; (c) conformal prediction is a valuable tool to further boost model prediction accuracy, resulting a range of predicted workload labels. The code used is available at Link.more » « less
-
With the growing popularity of small unmanned aircraft systems (UAS), there is a significant need to enable small UAS to detect and avoid collisions with both manned and unmanned aircraft. The capabilities of ADS-B make it an attractive sensor for detect and avoid (DAA), but it is susceptible to frequency congestion. This paper quantitatively analyzes the frequency limitations of 978 MHz ADS-B. It then uses these limitations to make a recommendation for well clear in ADS-B-equipped airspace that has a high density of small UAS operations.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/ICNS60906.2024.10550816
