Although the ADS-B system is going to play a major role in the safe navigation of airplanes and air traffic control (ATC) management, it is also well known for its lack of security mechanisms. Previous research has proposed various methods for improving the security of the ADS-B system and mitigating associated risks. However, these solutions typically require the use of additional participating nodes (or sensors) (e.g., to verify the location of the airplane by analyzing the physical signal) or modification of the current protocol architecture (e.g., adding encryption or authentication mechanisms). Due to the regulation process regarding avionic systems and the fact that the ADS-B system is already deployed in most airplanes, applying such modifications to the current protocol at this stage is impractical. In this paper we propose an alternative security solution that detects anomalous ADS-B messages, aimed at spoofed or manipulated ADS-B messages sent by an attacker or a compromised airplane. The proposed approach utilizes an LSTM encoder-decoder algorithm for modeling flight routes by analyzing sequences of legitimate ADS-B messages. Using these models, aircraft can autonomously evaluate received ADS-B messages and identify deviations from the legitimate flight path (i.e., anomalies). We examined our approach on six different flight route datasets into which we injected different types of anomalies. Using our approach we were able to detect all of the injected attacks with an average false alarm rate of 4.3% across all datasets.
The sophistication and complexity of cyber attacks and the variety of targeted platforms have grown in recent years. Adversaries are targeting a wide range of platforms, e.g., enterprise networks, mobile phones, PCs, and industrial control systems. The last few years have also seen various cyber attacks on transportation systems, including attacks on ports, trains, airports, and aircraft. Due to the enormous potential damage inherent in attacking vehicles carrying many passengers and the lack of security measures applied in existing airborne systems, the vulnerability of aircraft systems is one of the most concerning topics in the vehicle security domain. This paper provides a comprehensive review of aircraft systems and components and their various networks, emphasizing the cyber threats they are exposed to and the impact of a cyber attack on these components and networks and on an aircraft’s essential capabilities. In addition, we present a comprehensive and in-depth taxonomy that standardizes the knowledge and understanding of cyber security in the avionics field. The taxonomy divides attack techniques into relevant categories (tactics) reflecting the various phases of the adversarial attack lifecycle and maps existing attacks according to the MITRE ATT&CK methodology. To contribute to increased understanding of the potential risks, we categorize the identified threats related to the various systems based on the STRIDE threat model and demonstrate the practical application of this taxonomy in the analysis of real-world attack use cases. Finally, we review various mitigation techniques aimed at addressing security risks related to aircraft systems. Future work directions are presented as guidelines for industry and academia.