TY - UNPB
T1 - VizADS-B
T2 - Analyzing Sequences of ADS-B Images Using Explainable Convolutional LSTM Encoder-Decoder to Detect Cyber Attacks
AU - Akerman, Sefi
AU - Habler, Edan
AU - Shabtai, Asaf
PY - 2019/6/19
Y1 - 2019/6/19
N2 - The purpose of the automatic dependent surveillance broadcast (ADS-B) technology is to serve as a replacement for the current radar-based, air traffic control systems. Despite the considerable time and resources devoted to designing and developing the system, the ADS-B is well known for its lack of security mechanisms. Attempts to address these security vulnerabilities have been made in previous studies by modifying the protocol's current architecture or by using additional hardware components. These solutions, however, are considered impractical because of 1) the complex regulatory process involving avionic systems, 2) the high costs of using hardware components, and 3) the fact that the ADS-B system itself is already deployed in most aircraft and ground stations around the world. In this paper, we propose VizADS-B, an alternative software-based security solution for detecting anomalous ADS-B messages, which does not require any alteration of the current ADS-B architecture or the addition of sensors. According to the proposed method, the information obtained from all aircraft within a specific geographical area is aggregated and represented as a stream of images. Then, a convolutional LSTM encoder-decoder model is used for analyzing and detecting anomalies in the sequences of images. In addition, we propose an explainability technique, designed specifically for convolutional LSTM encoder-decoder models, which is used for providing operative information to the pilot as a visual indicator of a detected anomaly, thus allowing the pilot to make relevant decisions. We evaluated our proposed method on five datasets by injecting and subsequently identifying five different attacks. Our experiments demonstrate that most of the attacks can be detected based on spatio-temporal anomaly detection approach.
AB - The purpose of the automatic dependent surveillance broadcast (ADS-B) technology is to serve as a replacement for the current radar-based, air traffic control systems. Despite the considerable time and resources devoted to designing and developing the system, the ADS-B is well known for its lack of security mechanisms. Attempts to address these security vulnerabilities have been made in previous studies by modifying the protocol's current architecture or by using additional hardware components. These solutions, however, are considered impractical because of 1) the complex regulatory process involving avionic systems, 2) the high costs of using hardware components, and 3) the fact that the ADS-B system itself is already deployed in most aircraft and ground stations around the world. In this paper, we propose VizADS-B, an alternative software-based security solution for detecting anomalous ADS-B messages, which does not require any alteration of the current ADS-B architecture or the addition of sensors. According to the proposed method, the information obtained from all aircraft within a specific geographical area is aggregated and represented as a stream of images. Then, a convolutional LSTM encoder-decoder model is used for analyzing and detecting anomalies in the sequences of images. In addition, we propose an explainability technique, designed specifically for convolutional LSTM encoder-decoder models, which is used for providing operative information to the pilot as a visual indicator of a detected anomaly, thus allowing the pilot to make relevant decisions. We evaluated our proposed method on five datasets by injecting and subsequently identifying five different attacks. Our experiments demonstrate that most of the attacks can be detected based on spatio-temporal anomaly detection approach.
KW - cs.CR
KW - eess.SP
U2 - 10.48550/arXiv.1906.07921
DO - 10.48550/arXiv.1906.07921
M3 - Preprint
BT - VizADS-B
ER -