research-article

Lightweight Location Verification in Air Traffic Surveillance Networks

Authors:

Martin Strohmeier,

Vincent Lenders,

Ivan MartinovicAuthors Info & Claims

CPSS '15: Proceedings of the 1st ACM Workshop on Cyber-Physical System Security

Pages 49 - 60

https://doi.org/10.1145/2732198.2732202

Published: 14 April 2015 Publication History

Abstract

In this work, we develop a realistic threat model for attacks on modern air traffic communication networks and show that current state-of-the-art countermeasures such as multilateration are insufficient. We propose two alternatives, a statistical location verification technique and a grid-based location estimation approach, to deal with the identified threats. We evaluate our proposals using real-world flight data and quantify their effectiveness in terms of aircraft location accuracy, resilience to message injection attacks, attack detection speed, and surveillance coverage.

Our results show that the statistical verification approach can increase the effective air traffic surveillance coverage compared to multilateration by a factor of more than 100. Concerning our location estimation method, we find that the mean aircraft location accuracy can be increased by up to 41% in comparison with multilateration while also being able to pinpoint ground-based attackers with a mean error of 145m for air-based attackers. Finally, we demonstrate that our proposal is lightweight as it does not require any changes to the existing air traffic protocols and transmitters, and is easily implemented using only low-cost hardware.

References

[1]

L. Vidal, "ADS-B Out and In - Airbus Status," ADS-B Taskforce - KOLKATA, Apr. 2013.

[2]

A. A. Cardenas, S. Amin, Z.-S. Lin, Y.-L. Huang, C.-Y. Huang, and S. Sastry, "Attacks against process control systems: risk assessment, detection, and response," in Proceedings of the 6th ACM symposium on information, computer and communications security. ACM, 2011, pp. 355--366.

Digital Library

[3]

D.-Y. Yu, A. Ranganathan, T. Locher, S. Capkun, and D. Basin, "Detection of GPS spoofing attacks in power grids," in Proc. of the 2014 ACM conference on Security and privacy in wireless & mobile networks. ACM, 2014.

Digital Library

[4]

A. Costin and A. Francillon, "Ghost in the Air (Traffic): On insecurity of ADS-B protocol and practical attacks on ADS-B devices," in Black Hat USA, 2012.

[5]

R. Kunkel, "Air traffic control insecurity 2.0," in DefCon 18, 2010.

[6]

M. Schäfer, V. Lenders, and I. Martinovic, "Experimental analysis of attacks on next generation air traffic communication," in Applied Cryptography and Network Security, ser. LNCS, no. 7954. Springer, Jun. 2013.

Digital Library

[7]

ICAO, "Cyber Security for Civil Aviation," in Twelfth Air Navigation Conference, 2012, pp. 1--4.

[8]

M. Clayton. (2014, Mar.) Malaysia airlines ight mh370: Are planes vulnerable to cyber-attack? Christian Science Monitor.

[9]

M. Strohmeier, V. Lenders, and I. Martinovic, "Security of ADS-B: State of the Art and Beyond," arXiv preprint arXiv:1307.3664, Jul. 2013.

[10]

D. McCallie, J. Butts, and R. Mills, "Security analysis of the ADS-B implementation in the next generation air transportation system," International Journal of Critical Infrastructure Protection, vol. 4, no. 2, pp. 78--87, Aug. 2011.

[11]

L. Purton, H. Abbass, and S. Alam, "Identification of ADS-B System Vulnerabilities and Threats," in Australian Transport Research Forum, Canberra, 2010.

[12]

A. Proano and L. Lazos, "Selective jamming attacks in wireless networks," in Communications (ICC), 2010 IEEE International Conference on. IEEE, 2010.

[13]

M. Strohmeier, M. Schäfer, V. Lenders, and I. Martinovic, "Realities and Challenges of NextGen Air Traffic Management: The Case of ADS-B," Communications Magazine, IEEE, vol. 52, no. 5, May 2014.

[14]

ICAO, "Guidance Material: Security issues associated with ADS-B," Tech. Rep., 2014.

[15]

A. Smith, R. Cassell, T. Breen, R. Hulstrom, and C. Evers, "Methods to Provide System-wide ADS-B Back-Up, Validation and Security," in 25th Digital Avionics Systems Conf., 2006.

[16]

ICAO, "Guidance Material on Comparison of Surveillance Technologies (GMST)," Tech. Rep. September, 2007.

[17]

M. Gariel and E. Feron, "Graceful degradation of air traffic operations: airspace sensitivity to degraded surveillance systems," Proceedings of the IEEE, vol. 96, no. 12, 2008.

[18]

K. D. Wesson, T. E. Humphreys, and B. L. Evans, "Can cryptography secure next generation air traffic surveillance?" IEEE Security and Privacy Magazine, 2014.

[19]

A. Greenberg. (2012, Jul.) Next-gen air traffic control vulnerable to hackers spoofing planes out of thin air. Forbes.

[20]

K. Zetter. (2012, Jul.) Air traffic controllers pick the wrong week to quit using radar. Wired.

[21]

B. Haines, "Hacker + airplanes = no good can come of this," in Confidence X, 2012.

[22]

B. Kovell, B. Mellish, T. Newman, and O. Kajopaiye, "Comparative Analysis of ADS-B Verification Tech." 2012.

[23]

K. Sampigethaya and R. Poovendran, "Security and privacy of future aircraft wireless communications with offboard systems," in 2011 Third International Conference on Communication Systems and Networks (COMSNETS 2011). IEEE, 2011.

[24]

B. Nuseibeh, C. B. Haley, and C. Foster, "Securing the Skies: In Requirements We Trust," Computer, vol. 42, no. 9, 2009.

Digital Library

[25]

I. A. Mantilla-Gaviria, M. Leonardi, G. Galati, and J. V. Balbastre-Tejedor, "Localization algorithms for multilateration (MLAT) systems in airport surface surveillance," Signal, Im. and Video Processing, 2014.

[26]

W. W. Li and P. Kamal, "Integrated Aviation Security for Defense-in-Depth of Next Generation Air Transportation System," in IEEE Conf. on Tech. for Homeland Sec., 2011.

[27]

M. Schäfer, V. Lenders, and I. Martinovic, "Experimental Analysis of Attacks on Next Generation Air Traffic Communication," in Applied Cryptography and Network Security. Springer, 2013, pp. 253--271.

Digital Library

[28]

C. Finke, J. Butts, R. Mills, and M. Grimaila, "Enhancing the security of aircraft surveillance in the next generation air traffic control system," International Journal of Critical Infrastructure Protection, vol. 6, no. 1, pp. 3--11, Mar. 2013.

[29]

K. Sampigethaya and L. Bushnell, "A Framework for Securing Future e-Enabled Aircraft Navigation and Surveillance," in AIAA Proceedings, 2009, pp. 1--10.

[30]

E. Chan-Tin, V. Heorhiadi, N. Hopper, and Y. Kim, "The Frog-Boiling Attack: Limitations of Secure Network Coordinate Systems," ACM Transactions on Information and System Security (TISSEC), vol. 14, no. 3, p. 27, 2011.

Digital Library

[31]

RTCA Inc., "Minimum Operational Performance Standards for 1090 MHz Extended Squitter Automatic Dependent Surveillance - Broadcast (ADS-B) and Traffic Information Services - Broadcast (TIS-B)," DO-260B with Corrig. 1, 2011.

[32]

N. J. Gomes, P. P. Monteiro, and A. Gameiro, Next generation wireless communications using radio over fiber. Wiley, 2012.

Digital Library

[33]

M. Mosavi and H. Azami, "Applying Neural Network Ensembles for Clustering of GPS Satellites." International Journal of Geoinformatics, vol. 7, no. 3, 2011.

[34]

G. Galati, M. Leonardi, P. Magarò, and V. Paciucci, "Wide area surveillance using SSR mode S multilateration: advantages and limitations," in European Radar Conference (EURAD), 2005.

[35]

N. O. Tippenhauer, C. Pöpper, K. B. Rasmussen, and S. Capkun, "On the requirements for successful GPS spoofing attacks," in Proceedings of the 18th ACM conference on Computer and Communications Security. ACM, 2011.

Digital Library

[36]

W. Y. Poe, "Design problems in large-scale, time-sensitive wsns," Ph.D. dissertation, TU Kaiserslautern, Germany, 2013.

[37]

H. Liu, H. Darabi, P. Banerjee, and J. Liu, "Survey of wireless indoor positioning techniques and systems," Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE Transactions on, vol. 37, no. 6, 2007.

Digital Library

[38]

P. Bahl and V. N. Padmanabhan, "RADAR: An in-building RF-based user location and tracking system," in INFOCOM 2000. 19th Annual Joint Conf. of the IEEE Computer and Communications Societies. Proceedings. IEEE, vol. 2, 2000.

[39]

A. Rozyyev, H. Hasbullah, and F. Subhan, "Combined K-Nearest Neighbors and Fuzzy Logic Indoor Localization Technique for Wireless Sensor Network," Research Journal of Inform. Tech., vol. 4, no. 4, 2012.

[40]

M. Schäfer, M. Strohmeier, V. Lenders, I. Martinovic, and M. Wilhelm, "Bringing Up OpenSky: A Large-scale ADS-B Sensor Network for Research," in ACM/IEEE International Conf. on Information Processing in Sensor Networks, 2014.

Digital Library

[41]

A. Jafarnia-Jahromi, A. Broumandan, J. Nielsen, and G. Lachapelle, "GPS vulnerability to spoofing threats and a review of antispoofing techniques," International Journal of Navigation and Observation, 2012.

Cited By

Abu Al-Haija QAl-Tamimi A(2024)Secure Aviation Control through a Streamlined ADS-B Perception SystemApplied System Innovation10.3390/asi70200277:2(27)Online publication date: 26-Mar-2024
https://doi.org/10.3390/asi7020027
Brighente AConti MSalaeva STurrin F(2024)One Class to Test Them All: One-Class Classifier-Based ADS-B Location Spoofing DetectionApplied Cryptography and Network Security Workshops10.1007/978-3-031-61489-7_4(55-74)Online publication date: 5-Mar-2024
https://dl.acm.org/doi/10.1007/978-3-031-61489-7_4
McDougall JBrighente AGroβmann WMcDougall BStock JFederrath H(2023)LoVe is in the Air - Location Verification of ADS-B Signals using Distributed Public SensorsICC 2023 - IEEE International Conference on Communications10.1109/ICC45041.2023.10278848(6040-6045)Online publication date: 28-May-2023
https://doi.org/10.1109/ICC45041.2023.10278848
Show More Cited By

Index Terms

Lightweight Location Verification in Air Traffic Surveillance Networks
1. Security and privacy
  1. Network security

Recommendations

Investigation of multi-device location spoofing attacks on air traffic control and possible countermeasures
MobiCom '16: Proceedings of the 22nd Annual International Conference on Mobile Computing and Networking

Multilateration techniques have been proposed to verify the integrity of unprotected location claims in wireless localization systems. A common assumption is that the adversary is equipped with only a single device from which it transmits location ...
MAVPro: ADS-B message verification for aviation security with minimal numbers of on-ground sensors
WiSec '20: Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Automatic Dependent Surveillance Broadcast (ADS-B) centrally contributes to aircraft traffic control in the US and Europe since 2020. ADS-B messages contain information about aircraft location and tracks to provide better real-time traceability of ...
Localization of Spoofing Devices using a Large-scale Air Traffic Surveillance System
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Systems relying on satellite positioning techniques such as GPS can be targeted by spoofing attacks, where attackers try to inject fake positioning information. With the growing spread of flying drones and their usage of GPS for localization, these ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CPSS '15: Proceedings of the 1st ACM Workshop on Cyber-Physical System Security

April 2015

116 pages

ISBN:9781450334488

DOI:10.1145/2732198

General Chair:
Jianying Zhou
I2R, Singapore
,
Program Chairs:
Jianying Zhou
I2R, Singapore
,
Douglas Jones
ADSC, Singapore

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 April 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ASIA CCS '15

Sponsor:

SIGSAC

ASIA CCS '15: 10th ACM Symposium on Information, Computer and Communications Security

April 14 - March 14, 2015

Singapore, Republic of Singapore

Acceptance Rates

CPSS '15 Paper Acceptance Rate 9 of 26 submissions, 35%;

Overall Acceptance Rate 43 of 135 submissions, 32%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

38
Total Citations
View Citations
404
Total Downloads

Downloads (Last 12 months)16
Downloads (Last 6 weeks)3

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Abu Al-Haija QAl-Tamimi A(2024)Secure Aviation Control through a Streamlined ADS-B Perception SystemApplied System Innovation10.3390/asi70200277:2(27)Online publication date: 26-Mar-2024
https://doi.org/10.3390/asi7020027
Brighente AConti MSalaeva STurrin F(2024)One Class to Test Them All: One-Class Classifier-Based ADS-B Location Spoofing DetectionApplied Cryptography and Network Security Workshops10.1007/978-3-031-61489-7_4(55-74)Online publication date: 5-Mar-2024
https://dl.acm.org/doi/10.1007/978-3-031-61489-7_4
McDougall JBrighente AGroβmann WMcDougall BStock JFederrath H(2023)LoVe is in the Air - Location Verification of ADS-B Signals using Distributed Public SensorsICC 2023 - IEEE International Conference on Communications10.1109/ICC45041.2023.10278848(6040-6045)Online publication date: 28-May-2023
https://doi.org/10.1109/ICC45041.2023.10278848
Naganawa J(2022)Improvement in RSSI-Based Distance Estimation for Aircraft ADS-B Signal by Antenna DiversityProceedings of the Multimedia University Engineering Conference (MECON 2022)10.2991/978-94-6463-082-4_31(358-366)Online publication date: 23-Dec-2022
https://doi.org/10.2991/978-94-6463-082-4_31
Habler EShabtai A(2022)Analyzing Sequences of Airspace States to Detect Anomalous Traffic ConditionsIEEE Transactions on Aerospace and Electronic Systems10.1109/TAES.2021.312419958:3(1843-1857)Online publication date: Jun-2022
https://doi.org/10.1109/TAES.2021.3124199
Allmann CStanzel SSteffes C(2022)TDOA-based Position Verification of ADS-B Information Using a Sensor Network2022 Sensor Data Fusion: Trends, Solutions, Applications (SDF)10.1109/SDF55338.2022.9931704(1-6)Online publication date: 12-Oct-2022
https://doi.org/10.1109/SDF55338.2022.9931704
Naganawa JMiyazaki H(2022)Comparison of ADS-B Verification Methods: Direct TDOA and MLATIEEE Access10.1109/ACCESS.2022.320494310(97276-97288)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3204943
Rudys SAleksandravicius JAleksiejunas RKonovaltsev AZhu CGreda L(2022)Physical layer protection for ADS-B against spoofing and jammingInternational Journal of Critical Infrastructure Protection10.1016/j.ijcip.2022.10055538:COnline publication date: 1-Sep-2022
https://dl.acm.org/doi/10.1016/j.ijcip.2022.100555
Yang HLi HShen XYang HLi HShen X(2022)Aircraft Location VerificationSecure Automatic Dependent Surveillance-Broadcast Systems10.1007/978-3-031-07021-1_4(85-115)Online publication date: 24-Aug-2022
https://doi.org/10.1007/978-3-031-07021-1_4
Tang A(2021)A Review on Cybersecurity Vulnerabilities for Urban Air MobilityAIAA Scitech 2021 Forum10.2514/6.2021-0773Online publication date: 4-Jan-2021
https://doi.org/10.2514/6.2021-0773
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten