Conference PaperPDF Available

Test Data Generation for False Data Injection Attack Testing in Air Traffic Surveillance

Authors:

Abstract and Figures

The ADS-B-Automatic Dependent Surveillance Broadcast-technology requires aircraft to broadcast their position and velocity periodically. The protocol was not specified with cyber security in mind and therefore provides no encryption nor identification. These issues, coupled with the reliance on aircraft to communicate on their status, expose air transport to new cyber security threats, and especially to FDIAs-False Data Injection Attacks-where an attacker modifies, blocks, or emits fake ADS-B messages to dupe controllers and surveillance systems. This paper is part of an ongoing research initiative toward the generation of FDIA test scenarios and focuses on the test generation activity, i.e. providing the mechanisms to alter existing ADS-B recordings as if an attacker had tempered with the communication flow, in order to improve the detection capabilities of surveillance systems. We propose a set of alteration algorithms covering the taxonomy of FDIA attacks for ADS-B previously defined in the literature. We experiment this approach by generating test data for an AI-based FDIA detection system [9]. Experimental results show that the proposed approach is straightforward to generate the initial situations used to validate the detection system. Moreover, it provides a efficient way to easily generate sophisticated alterations that were not picked up by the detection system.
Evolution of anomaly score for TRJ. For instance, results can differ depending on the time gap between messages. If this gap is bigger, deleting 4 messages out of 5 means that the aircraft goes dark for a longer period of time, easing the detection. Overall, the false data injections recreated by FDI-T is also detected as handcrafted ones. As for the results presented in Figure 4 concerning the anomaly TRJ generated on a flight between Oslo and Paris, we find that the anomaly score goes way below the detection threshold set for the other five anomalies. It results to an unnoticed attack. However, we can also observe that the use of FDI-T to modify trajectories has the side effect of smoothing the curve, making it detectable for a human eye. A workaround is to add some noise to generate more realistic data. We show with TRJ that our tool is capable to create alterations that would be too cumbersome to create by hand as we are close to 5000 messages modified from the original flight. In addition, these crafted attacks are smart enough to be not detected by a model taken from the litterature, which exposes its limits on real contexts. So, we can now provide an answer to the research question RQ2 (To what extent is the approach relevant to generate synthetic data for AI Testing?). Not only it was possible to generate the anomalies that were used to evaluate Habler et. al.'s model, but the presented approach made it possible to generate a more complex anomaly that was not picked up by the model. Moreover, it is suitable for providing synthetic test data for ML based detection systems.
… 
Content may be subject to copyright.
Test Data Generation for False Data Injection
Attack Testing in Air Traffic Surveillance
Aymeric Cretin
FEMTO-ST Institute, UBFC, CNRS
Besanc¸on, FRANCE
aymeric.cretin@femto-st.fr
Alexandre Vernotte
FEMTO-ST Institute, UBFC, CNRS
Besanc¸on, FRANCE
alexandre.vernotte@femto-st.fr
Antoine Chevrot
FEMTO-ST Institute, UBFC, CNRS
Besanc¸on, FRANCE
antoine.chevrot@femto-st.fr
Fabien Peureux
FEMTO-ST Institute, UBFC, CNRS
Besanc¸on, FRANCE
fabien.peureux@femto-st.fr
Bruno Legeard
FEMTO-ST Institute, UBFC, CNRS
Smartesting Solutions and Services
Besanc¸on, FRANCE
bruno.legeard@femto-st.fr
Abstract—The ADS-B — Automatic Dependent Surveillance
Broadcast — technology requires aircraft to broadcast their posi-
tion and velocity periodically. The protocol was not specified with
cyber security in minds and therefore provides no encryption nor
identification. These issues, coupled with the reliance on aircraft
to communicate on their status, expose air transport to new cyber
security threats, and especially to FDIAs — False Data Injection
Attacks — where an attacker modifies, blocks, or emits fake
ADS-B messages to dupe controllers and surveillance systems.
This paper is part of an ongoing research initiative toward FDIA
test generation intended to improve the detection capabilities
of surveillance systems. It focuses on the mechanisms used to
alter existing legitimate ADS-B recordings as if an attacker had
tempered with the communication flow. We propose a set of
alteration algorithms covering the taxonomy of FDIA attacks for
ADS-B previously defined in the literature. We experiment this
approach by generating test data for an AI-based FDIA detection
system [8]. Experimental results show that the proposed approach
is straightforward to generate attack situations and provides a
efficient way to easily generate sophisticated alterations that were
not picked up by the detection system.
Keywords—AI testing, test data generation, false data injection
attacks, air surveillance.
I. INTRODUCTION
The world of air transport is facing new challenges as the
traffic load keeps growing steadily1. With an increasingly con-
gested airspace, Air Traffic Control (ATC) needs surveillance
technologies that can support the increasing constraints in
terms of simultaneously handled aircraft as well as positioning
accuracy. The Automatic Dependent Surveillance-Broadcast
(ADS-B) protocol is currently being rolled out in an effort
to reduce costs and improve aircraft position accuracy [21].
Communication via ADS-B consists of participants broadcast-
ing their current position and other information periodically
(a.k.a. a beacon) in an unencrypted message [14].
However, the fundamental technological changes in ATC
needed to support increasing traffic, which consist of a shift
from independent and non-cooperative surveillance technolo-
gies to dependent and cooperative ones, have rendered the ATC
1http://www.boeing.com/commercial/market/current-market-outlook-2017/
community unable to foresee the new emerging threats related
to cyber security. The ADS-B protocol was not designed with
security in mind since securing ADS-B communication was
not a high priority during its specification. As a consequence,
anyone with the right equipment can listen and emit freely. For
instance, there is a market for equipping private aircraft with
ADS-B transponders using a smartphone and a dongle2. The
complete freedom of ADS-B both in emission and reception
makes it vulnerable to spoofing, and more precisely to a class
of attack called False Data Injection Attack (FDIA) which
purpose is to covertly emit meticulously-crafted fake surveil-
lance messages in order to dupe ATC controllers into thinking,
for instance, that some aircraft is dangerously approaching a
building, while in reality it is flying normally.
Although it is not the only means for Aircraft tracking
— other protocols are also used in conjunction of radar
technologies —, ADS-B plays a central role in the current
shift regarding aircraft position, collected from radar systems
to GNSS [4]. It is so central in fact that it has become a
mandatory brick of air traffic surveillance and any observed
problem will ground all aircraft in the area3. Hence there is
a strong need to improve its overall security. Nevertheless,
because of the inherent properties of the protocol, current
solutions for securing ADS-B communications are only partial
or involve an unbearable cost [22].
Instead, ATC should be made more secure by strengthening
its logic, but the ability to differentiate attacks from real
critical situations still remains a challenge that is being tackled
by the ATC community. Indeed, multiple integrity checks or
detection approaches are rolled out or under study. These
solutions are new and need to be deeply tested. To the best of
our knowledge, there is no direct previously published work
addressing the assessment of the efficiency of this kind of
security. The most related work is a framework proposed by
Barreto et. al. [3], which allows for the simulation of an
2https://www.uavionix.com/products/skybeacon/
3https://hackaday.com/2019/06/09/gps-and-ads- b-problems- cause-cancelled- flights/
entire air traffic environment (aircraft, radio relay, network
infrastructure, etc.). They perform FDIAs in the simulated
environment to evaluate the attack impact on each compo-
nent. The approach provides substantial information on how
components react to an FDIA. Still, implementing all network
behaviours of a scenario requires a lot of effort and the
approach does not allow for the concretization of the simulated
attacks on actual ATC software.
The contribution of this paper is part of an ongoing research
initiative about FDIA testing that ultimately led to the creation
of a testing framework called FDI-T [6] (False Data Injection
Testing framework). This framework allows ATC experts to
simulate FDIAs by creating, modifying and deleting recorded
legitimate ADS-B messages in a fruitful, scalable and pro-
ductive manner. The generated test scenarios can be executed
on ATC systems in order to evaluate their resilience against
potential security and safety anomalies related to FDIAs. They
can also be used as test data to evaluate machine learning
based detection systems, and improve their detection rate. The
paper focuses on the alteration mechanisms that take as input
one or several air traffic recordings and a list of alteration
directives in order to simulate the presence of FDIAs in air
traffic surveillance communications.
The paper is organized as follows. Section II briefly provides
a basis for common concepts and current practices regarding
air traffic surveillance as well as the key aspects to test such
systems, especially regarding test scenarios based on FDIAs.
Afterwards, Sect. III introduces the proposed approach to
perform FDIAs on ADS-B messages and describes the au-
tomated process supporting the method. Section IV details the
various algorithms used to apply alteration directives on ADS-
B messages and explains how this generation is automated.
Section V demonstrates the ability of the proposed approach
to generate test data to assess the detection capabilities of a
machine learning technique from the literature [8]. Finally,
Sect. VI recaps the major contributions of the paper and
suggests directions for future work.
II. BACKGROU ND A ND RESEARCH OBJECTIVE
A. ADS-B Protocol
Communication via ADS-B consists of aircraft using a
Global Navigation Satellite System (GNSS) to determine their
position and broadcast it periodically without solicitation (a.k.a
beacons or squitters), along with other information obtained
from on-board systems such as altitude, ground speed, air-
craft identity, heading, etc. Ground stations pick up on the
squitters, process them and send the information out to the
ATC system. ADS-B is therefore a cooperative (aircraft need
a transponder) and dependent (on aircraft data) surveillance
technology.It means for instance that ground stations with
antennas positioned at the right angle and direction can receive
position information. Aircraft can now receive squitters from
other aircraft, which notably improves cockpit situational
awareness as well as collision avoidance. For instance, the
second generation of the Traffic Alert and Collision Avoidance
System (TCAS-II) is based on ADS-B data.
Its introduction also provides controllers with improved
situational awareness of aircraft positions in En-Route and
TMA (Terminal Control Area) airspaces, and especially in
NRAs (Non Radar Areas). It theoretically gives the possibility
of applying much smaller separation minima than what is
presently used with current procedures (Procedural Separa-
tion) [1].
ADS-B has the advantage of being a much cheaper technol-
ogy as it has minimal infrastructure requirements. For instance,
an ADS-B receiver can easily be bought online for a few
hundreds euros4. ADS-B has a high accuracy and update rate,
with a small latency. The major drawback of the technology
lies in its lack of encryption and authentication, which is
discussed in the following section.
B. False Data Injection Attacks
Extensive research can be found in the literature discussing
the cyber security of surveillance communications [17], [22],
[23], [25]. The progressive shift from independent and non-
cooperative technologies (PSR) to dependent and cooperative
technologies (ADS-B) has created a strong reliance on external
entities (aircraft, GNSS) to estimate aircraft state. This reliance
has brought alarming cyber security issues.
FDIAs were initially introduced in the domain of wireless
sensor networks [11]. A wireless sensor network is composed
of a set of nodes (i.e. sensors) that send data reports to one
or several ground stations. Ground stations process the reports
to reach a consensus about the current state of the monitored
system. A typical scenario consists of an attacker who first
penetrates the sensor network, usually by compromising one
or several nodes, and thereafter injects false data reports to be
delivered to the base stations. This can lead to the production
of false alarms, the waste of valuable network resources, or
even physical damage. Active research regarding FDIAs has
been conducted in the power sector, mainly against smart grid
state estimators [10]. It shows that these attacks may lead
to power blackouts but can also disrupt electricity markets,
despite several integrity checks.
FDIAs also exist in the domain of air traffic surveillance:
because surveillance relies on the information provided by
aircraft’s transponders to ground stations, aircraft transponders
are equivalent to nodes from a wireless network and ground
stations are equivalent to base stations (but there is no real
effort in the ATC domain to penetrate the sensor network since
all communications are unauthenticated and in clear text).
Still, performing FDIAs on surveillance communications is no
simple task: it requires a deep understanding of the system,
its protocol(s) and its logic, to covertly alter (by injecting
falsified squitters and deleting genuine ones) the consensus
reached by the ground station regarding the air situation
picture. These attacks are much more complex to achieve than
e.g., jamming, because the logic of the communication flow
must be preserved and the falsified data must go unnoticed.
4https://flywithscout.com
Considering the attacker has the necessary equipment, he can
perform three malicious basic operations [13]:
(i) Message injection which consists of emitting non-
legitimate but well-formed ADS-B messages.
(ii) Message deletion which consists of physically deleting
targeted legitimate messages using destructive or con-
structive interference (message deletion may not be mis-
taken for jamming as jamming blocks all communications
while message deletion drops selected messages only).
(iii) Message modification which consists of modifying
targeted legitimate messages using overshadowing, bit-
flipping or combinations of message deletion or injection.
The above three techniques allow for the execution of several
attack scenarios that can be categorized as follows [17]:
Ghost Aircraft Injection. The goal is to create a non-
existing aircraft by broadcasting fake ADS-B messages
on the communication channel.
Ghost Aircraft Flooding. This attack is similar to the
first one but consists of injecting multiple aircraft simul-
taneously to saturate the air situation picture and generate
a denial of service of the controller’s surveillance system.
Virtual Trajectory Modification. Using either message
modification or a combination of message injection and
deletion, this attack aims to modify the aircraft perceived
trajectory.
False Alarm Attack. Based on the same techniques as
the previous attack, the goal is to modify the messages
of an aircraft in order to indicate a fake alarm. A typical
example would be modifying the squawk code to 7500,
indicating the aircraft has been hijacked.
Aircraft Disappearance. Deleting all messages emitted
by an aircraft can lead to the failure of collision avoidance
systems and ground sensors confusion. It could also force
the aircraft under attack to land for safety check.
Aircraft Spoofing. This attack consists of spoofing the
ICAO number of an aircraft through message deletion
and injection. This could allow an enemy aircraft to pass
for a friendly one and reduce causes for alarm.
One can sense the potential for disaster if one of these
attack scenarios was to be executed successfully. It is of
the utmost importance that none of the scenarios represent
a real threat to such a critical infrastructure with human lives
on the line. However, because of the inherent properties of
the ADS-B protocol, current solutions for securing ADS-B
communications are only partial or involve an unbearable
cost [22]. Therefore, ATC systems must become more robust
against FDIAs, i.e. being capable of automatically detecting
any tempering with the surveillance communication flow.
C. FDIA detection using Machine Learning
Machine Learning techniques have significantly contributed
to improving the detection of anomalies in many domains.
There are few of many applications of irregularity disclosure
using Machine Learning techniques, e.g., detecting abnormal
cells or markers on medical imagery [16], [18], detecting
intruders on a network using logging information [24], or
detecting traffic inconsistencies in bus trajectory data [9].
Regarding anomaly detection in ADS-B data, several experi-
ments can be found in the literature. Using signal discrepancies
through different receiver sensors [12] shows the ease of access
to physical data through personal antennas. It can be noted that
platforms, such as Opensky-Network [19], helped the training
of models using the logical aspects of ADS-B [8], [20].
However, a major drawback of using Machine Learning
techniques for anomaly detection is the lack of pre-existing
altered data, whether to use it for training or testing. While
contributions exist using unsupervised models on unbalanced
dataset with good detection scores [5], [15], supervised learn-
ing will often yield underperforming results. Hence, there is
a need of harmonizing dataset to explore new models and
improve existing ones. Alteration mechanisms, as proposed in
this paper, would enable such goals on ADS-B data.
D. Research Objective and Questions
It is critical to make sure that FDIA detection systems are
properly and thoroughly tested. Such a testing campaign needs
large sets of test data in the form of air traffic recordings,
where ideally half of the recordings present an anomaly, i.e.
an FDIA that should be detected. The creation of FDIA test
scenarios in the ATC domain can be very complex. This
requires at the same time altering or creating false data (e.g.,
creating ghost aircraft) while ensuring the consistency of all
data. It is also necessary to ensure the widest possible coverage
w.r.t. the taxonomy of attacks previously given. The creation of
a set of algorithms capable of generating FDIA test scenarios
thus aims to considerably increase the feasibility of in-depth
testing, especially regaring the efficiency and effectiveness of
FDIA detection systems. Based on these observations, we have
defined the following research objective:
Create a set of alteration algorithms to automate the
production of synthetic FDIA scenarios for the testing of
supervised learning-based detection models.
From this research objective, we have identified two
research questions expressed and developed below. We refer
to these questions in Sect. V when evaluating the approach.
RQ1 To what extent is it possible to automatically gener-
ate FDIA scenarios to cover the ADS-B attack taxonomy?
The generated scenarios shall be computed algorithmically
and must integrate protocol and specific application domain
issues to ensure its relevance and realism.
RQ2 To what extent is the approach relevant to generate
synthetic data for testing an AI model detecting abnormal-
ities in ADS-B data?
In other cyber security domains (typically in IT), huge his-
torical databases of past attacks and demonstration of vulnera-
bility exploitation are available(e.g., the National Vulnerability
Database of the NIST5). Within ATC domain, there is no
5https://nvd.nist.gov/
history of FDIAs reported to the general public. Therefore our
approach aims to generate complex FDIA scenarios that could
contribute to more efficient ML-based detection systems.
III. ALTERATION PROC ES S OVE RVI EW
The proposed approach aims to generate altered versions of
an original recording in order to feed FDIA detection systems
to abnormal situations. A recording is a set of stored messages
emitted by real aircraft using an antenna or created from
data collected by online providers (e.g., OpenSky Network6.
Figure 1 depicts the alteration process enabling to produce
an altered recording from a set of original recordings and
alteration directives. The five items of the process are detailed
below.
ALTERATION
ENGINES
RECORDINGS SET
1
ALTERATION
DIRECTIVES 24
ALTERED
RECORDING
5
3
Fig. 1: Alteration process overview
1A set of original recordings contains recordings that can
be altered or used as a specific parameter of an alteration
directive (e.g., a replay attack needs one recording to perform
the alteration, and one source recording to be injected in the
first one. The source recording is specified in the directive).
2A list of alteration directives defines the specification
of the test scenario. Indeed, the alteration process relies on
a list of alteration directives to be performed on the original
recording. An alteration directive, depending on the type of
alteration, contains several parameters such as a time window
(when the alteration takes place in the recording), a list
of targeted aircraft, a list of way-points in case of virtual
trajectory modification for instance, etc.
3The switcher iterates over the list of alteration directives.
For each one, it calls the corresponding alteration engine
based on the type of the alteration specified in the processed
directive.
4The alteration engines are used to generate altered
recordings from original ones. There is an alteration engine
for each type of alteration. The engines are build according
to the structure of the method they implement (see Sect. IV)
where all the implemented algorithms are discussed.
5An altered recording is outputted from the process. Its
closeness to the original recording depends on the number
of targeted aircraft and on the scope defined in the alteration
directives.
6https://opensky-network.org/
A generated test scenario is formalized as S= (r, D)with
ras the targeted recording picked among the set of recordings,
and Das a list of alteration directives. Regarding the format
of messages taken as input, our prototype accepts surveillance
data in the SBS format7. SBS messages contain twenty two
fields. The first ten fields contain the reception time stamp and
static properties about the emitter aircraft or the flight, e.g.,
its ICAO 24-bit address8and its aircraft ID9.
The last twelve fields contain dynamic properties of the
emitter aircraft, i.e. properties that evolve over time such as
altitude and ground speed. There are eight types of message,
depending on the types of property that are communicated.
For instance, messages of type 3 contain position information
(altitude, latitude, longitude), while messages of type 4 contain
velocity information (ground speed, vertical rate and heading).
It should be noted that, for the description of the alteration
engines, we ignore the fact that there are various types of
message, and consider that messages contain all information.
This abstraction considerably reduces the complexity of the
algorithms without loosing essential information.
IV. ALTERATION ENGINES
This section describes all the types of the alteration direc-
tives and introduces the related algorithms. Figure 2 depicts,
step by step, the workflow shared between all algorithms.
APPLY ACTION
PROCESS ACTION
PREPROCESSING
?
PREPROCESSING
Y
NORIGINAL
RECORDING
ALTERED
RECORDING
ENGINE
SPECIFIC
DATA
Fig. 2: Process of the alteration engines
The first step of the process consists of determining if
a preliminary analysis is required by the current algorithm.
Indeed, some algorithms must extract information from the
recording to use it later when producing the altered messages.
For example, regarding trajectory modification, the dedicated
engine needs to generate interpolation functions from the
latitude, longitude and altitude of the targeted aircraft. These
functions are queried to produce altered values of latitude, lon-
gitude and altitude and therefore to alter the initial trajectory
of the aircraft.
7http://woodair.net/sbs/Article/Barebones42 Socket Data.htm
8https://www.iomaircraftregistry.com/flight- operations/flight-operations/
icao-24- bit-aircraft- address-mode- s-coding/
9https://www.faa.gov/licenses certificates/aircraft certification/aircraft
registry/releasable aircraft download/
The workflow of the process is mainly based on process
action and apply action steps. The process action method
iterates over the recording, and checks if specific conditions
are verified (e.g., the message is in the scope of the alteration
and the emitter aircraft is targeted by the alteration). Each time
it occurs, the message is sent to the apply action method that
applies the supplied alteration directive to the message. Then
the resulting message is returned to the process action step
and written in the altered recording.
Each alteration engine implements a specific version of the
pre-analysis, process action and apply action methods. We
detail each of them below. Interested readers may access the
source code on GitHub 10.
A. Property Modification
Most alterations consist of changing the properties of re-
ceived surveillance messages. It allows users to be quite
precise regarding the message properties they want to modify.
It also makes it possible to perform False Alarm attacks and
Aircraft spoofing since both consists of changing the value of a
single property: squawk code and ICAO address, respectively.
Property modification is represented as an alteration direc-
tive dirprop = (s, t, P )where sis the duration of the attack
defined as a time interval relative to the recording, tis a list of
targeted aircraft, and Pis a non-empty set of property value
changes. A property value change is represented as a triplet
p= (p.i, p.v, p.o)where p.i is the property identifier (e.g.,
altitude or ground speed), p.v is a value, and ospecifies how
p.v shall be used to modify the initial value of the propoerty.
p.o can be of four types: REPLACE, OFFSET, NOISE, and
DRIFT. If p.o =REP LACE then p.v replaces the initial
value. If p.o =OF F SE T then p.v is added to the initial
value. If p.o =NOISE then a random value ranging 0 to
p.v is added to the initial value. Finally, if p.o =DRI F T
then p.v plus the sum of the previous drift is added to p.v.
The process action method for the Property modification
alteration is described in Algorithm 1. It iterates the messages
of the initial recording and, for each message, if it was sent
by a targeted aircraft within the alteration time frame (line 3)
then the message as well as the alteration directive are sent
over to the apply action method, which returns the altered
version of the message (line 4). Otherwise, the initial message
is preserved as it is (line 7). Finally, the obtained message
(altered or preserved) is added to the resulting recording
al rec (line 9) and, once all messages are processed, the
resulting recording is outputted (line 11).
The algorithm that implements the apply action method
for the Property Modification algorithm is presented in Al-
gorithm 2. It iterates over the list of property value changes
(line 2) and, for each property, it checks in line 3 if the
property value change is an offset. If it is an offset then
the resulting message is the addition of the initial value of
the property and the property value contained in the directive
(line 4). Otherwise, the message initial value is replaced by
10https://github.com/aymeric-cr/sbs- generation
the directive property value (line 6). Note that the dp variable
represents the drift progress and, as such, it is only used if
dir.p.o =DRI F T .
Algorithm 1: process action Method for Property
Modification
Input: rec \list of genuine surveillance messages
dir \alteration directive
Result: al rec \list of genuine and altered messages
1dp 1
2foreach old msg rec do
3if old msg.ts dir.s old msg.icao dir.t then
4new msg applyAction(old msg, dir, dp)
5dp dp + 1
6else
7new msg old msg
8end
9al rec al rec ∪ {new msg}
10 end
11 return al rec
Algorithm 2: apply action Method for Property Mod-
ification
Input: msg \genuine surveillance message
dir \alteration directive
dp \drift progress
Result: al msg \altered message
1al msg copy(msg)
2foreach pdir.P do
3if p.o =OF F S ET then
4al msg .getP aram(p.i).value
al msg .getP aram(p.i).value +p.v
5else if p.o =RE P LACE then
6al msg .getP aram(p.i).value p.v
7else if p.o =N OI SE then
8al msg .getP aram(p.i).value
al msg .getP aram(p.i).value +rand(0, p.v)
9else if p.o =DRI F T then
10 al msg .getP aram(p.i).value
al msg .getP aram(p.i).value +p.v ×dp
11 end
12 end
13 return al msg
B. Aircraft Disappearance
The goal of this type of alteration is to hide aircraft, i.e.
delete messages of certain aircraft at a certain time. It is repre-
sented as an alteration directive dirdel = (dir.s, dir.t, dir.n)
where dir.s is the duration of the attack defined as a time
interval relative to the recording, dir.t is the targeted aircraft
and dir.n is the number of deleted consecutive messages, e.g.,
if dir.n = 0 then all messages are deleted, while if dir.n = 3,
for instance then three messages are deleted.
This is certainly the simplest form of alteration because
it solely dismisses messages originating from certain aircraft
during a certain time frame. The algorithm for this alteration
lies in the process action method, where messages are written
in the resulting altered recording only if the sending aircraft is
not targeted and the message was not sent within the specified
time frame, i.e. ¬(msg.icao dir.t msg.ts dir.s).
C. Virtual Trajectory Modification
Altering the trajectory of aircraft is a much more complex
problem than simply modifying property values at a certain
time. This should be done realistically, i.e. with regards to
aircraft physical characteristics, because it would be easily
detected otherwise. Dynamic properties of aircraft can be
formalized as continuous functions of property values related
to time, which mimic real-life aircraft physical behaviour as
closely as possible. A good candidate to address this issue is
interpolation function since it “fills the gap” between each pair
of consecutive values.
We opted for the Akima interpolation [2] since local inter-
polation technique is not subjected to Runge’s phenomenon,
i.e. a problem of oscillation at the edges of an interval that
occurs over a set of equally spaced interpolation points [7]
(as opposed to global interpolation). Another benefit of this
technique is a faster computation of approximation functions
because it only uses the neighbouring points for calculation.
Moreover, because the volume of recordings can be substantial
(a 30min recording from one sensor may contain around
150000 squitters), a fast interpolation method directly con-
tributes to improve the scalability of the approach. It should
be noted that interpolation is a form of approximation and, as
such, there is a certain share of uncertainty in the calculated
property values, i.e. interpolation divergence. Since this level
of uncertainty would not be acceptable to gain sufficient
confidence regarding the efficiency of FDIA detection of
critical systems, it appears to be a good fit to demonstrate the
capabilities of our approach to rely on a third party “aircraft
simulation module” to generate realistic aircraft trajectories.
Virtual Trajectory Modification is given by an alteration
directive dirvtm = (dir.s, dir.t, dir.Ω) with dir.a nonempty
set of way-points defined by ω= (Ω.lat, .lon, .alt, .ts),
i.e. 3D coordinates and time passage.
The algorithm for trajectory modification is two-fold. First,
as a pre-analysis step, it must populate interpolation functions
that account for the whole aircraft trajectory, including the
part of the trajectory that should be removed and replaced
by the supplied way-points. Second, during the process action
step, it iterates the recording and, for each targeted message, it
replaces the property values with the one obtained by querying
the interpolation functions. Note that this implementation does
not create additional messages, it only edits existing messages.
Therefore, if the altered trajectory is longer that the initial one
(i.e. more distance is traveled) then the aircraft ground speed
must be augmented accordingly since travel time dir.t is not
adjustable (as it is bound to the messages). This can lead to
erroneous situations where aircraft fly at an impossible speed
(either too high or too low) to travel the altered distance within
the fixed time dir.t.
Population of the interpolation function, as part of the
pre-analysis step, is presented in Algorithm 3. We consider
a data structure called Traj that contains three interpolation
Algorithm 3: Pre-analysis Method for Trajectory Cre-
ation
Input: recording \list of genuine surveillance
messages
dir \alteration directive
Result: trajs \list of aircraft trajectories
1updated zeros(dir.t.size)
2foreach msg recording do
3if msg.icao dir.t then
4if ¬(msg.ts dir.s)then
5trajs(msg.icao)
6.addP os(msg.lat, msg .lon, msg.alt, msg.ts)
7else if updated(msg.icao)=0then
8foreach ωdir.do
9trajs(msg.icao)
10 .addP os(ω.lat, ω .lon, ω.alt, ω.ts)
11 end
12 updated(msg.icao)1
13 end
14
15 end
16 end
17 return trajs
functions (for latitude, longitude and altitude) and an identifier
(an ICAO). The algorithm iterates over the recording and, for
each message emitted by targeted aircraft, if it was not sent
within dir.s, the received position is added to a Traj instance
associated to dir.t (lines 4–6). Internally, each value is added
to their corresponding interpolation functions. When the first
message (of a certain ICAO) sent within dir.s is iterated (line
7), the algorithm iterates dir.and adds each way-point ωto
the Traj instance (lines 9–10). Finally, the trajectory is marked
as altered (line 12) and all subsequent messages within dir.s
are ignored. In other words, all positions of a given trajectory
are added to a Traj instance, except the positions that are
within the alteration time window dir.s which are replaced
by way-points supplied in dir.ω. The result is a list of Traj
instances, one for each targeted aircraft.
Once all targeted aircraft are associated with a Traj instance,
the process action method performs the alteration. It iterates
the recording and, for each message from targeted aircraft
sent within dir.s, it calls the apply action method. The latter
replaces property values of the supplied message according to
dir as follows:
For latitude, longitude and altitude properties, the initial
values are replaced with interpolated values using the Traj
instance.
For ground speed, track and vertical rate properties, new
values are computed based on the interpolated position
values. To compute ground speed of a certain message m,
for instance, the algorithm first computes the horizontal
distance (i.e. ignoring altitude) between two near points
of the trajectory, the first one scheduled 5 seconds before
mand another one 5 seconds after m. The obtained
distance, divided by the time it spent to travel it (i.e.
10 seconds), gives the ground speed.
D. Ghost Aircraft Creation
Within this kind of attack, the attacker creates a fake
track from scratch, implying that fake messages is created
and inserted into the target recording. Ghost Aircraft Cre-
ation is represented as an alteration directive dirgac =
(dir.s, dir.t, dir.P, dir.Ω) where dir.is a nonempty set
of way-points. Its implementation relies on the trajectory
modification engine. First, a pre-analysis method is called to
create Traj instances (the interpolation functions use the way-
points of dir.) to be sent to the process action method, as
shown in Algorithm 4. Since ADS-B messages are sent every
400 to 600ms, the process action method generates messages
randomly, by increasing their time of sending accordingly (line
6), from dir.s.start (line 1) to the end of the alteration time
window dir.s.end (line 2). To populate each message, the
method calls the apply action method of the Virtual Trajectory
modification engine, using the list of Traj instances.
Algorithm 4: apply action Method for Ghost Aircraft
Creation
Input: rec \list of genuine surveillance messages
dir \alteration directive
Result: al rec \resulting recording
1mts dir.s.start
2while mts <=dir.s.end do
3msg newM sg(dir.P )
4msg.ts mts
5msg applyAction(msg)
6mts mts +rand(0.4,0.6)
7end
8return al rec
E. Ghost Aircraft Flooding
The initial definition of this attack consists of suddenly
creating a lot of ghost aircraft, thus supposedly saturating the
Recognized Aircraft Picture (RAP – i.e. what the controller
sees). However, it is today quite straightforward for detection
systems to recover from this type denial of service. We propose
instead to slightly modify the definition of the attack, to be vir-
tual trajectory modification flooding. The goal is to suddenly
generate many different trajectories for a targeted aircraft, as
if the aircraft was being split in multiple pieces, saturating the
detection systems with many conflicting messages.
Aircraft flooding is represented as an alteration directive
dirgaf = (dir.s, dir.t, dir.z, dir.k, dir.α, dir.v, dir.d)where:
dir.s is a time window, where dir.s.end is necessarily
the end of the recording;
dir.z is the number of fake trajectories to create;
dir.k is the maximum offset value in terms of distance
between the fake trajectories and the original trajectory;
dir.α is a probability distribution ranging 0.1–1 defining
the divergence from dir.k of each fake trajectory;
dir.v is the speed of divergence, i.e. how fast the fake
trajectories are offset from the original trajectory; it is
expressed as a duration giving the time for the fake tra-
jectory to reach the divergence bound dir.k ×dir.alpha;
dir.d is the direction of divergence of a given fake
trajectory; it is a probability distribution that takes its
value in a horizontal 90deg cone originating from the
aircraft nose and centered on the aircraft track line.
In this way, each fake trajectory is thus created by slowly
drifting horizontally from the original trajectory toward di-
rection dir.d, up to dir.k ×dir, at speed dir.v. Once the
maximum offset has been reached, then the trajectory mimics
the original while preserving its horizontal position offset.
Algorithm 5: Trajectory Creation Algorithm for Flooding
Input: initraj \original Traj instance (up to dir.s.start)
dir \alteration directive
Result: trajs \set of rogue trajectories
1for i1to dir.z do
2αisample(dir.α);ts dir.s.start
3disample(dir.d);trajiinitraj
4while ts dir.s.end do
5pCoef min((ts dir.s.start)/dir.v),1)
6step pCoef αidir.k
7lat f ulltraj.interp(”lat, ts) + step+
8cos(fake ac.d)
9lon f ulltraj.interp(”lon, ts) + step+
10 sin(fake ac.d)
11 traji.addP os(lat, lon,
12 fulltraj.interp(”alt, ts), msg.ts)
13 ts ts +dir.
14 end
15 trajs trajs ∪ {traji}
16 end
17 return trajs
A fake trajectory is represented as a Traj instance, built
during the pre-analysis phase, and shown in Algorithm 5. We
first assume that a Traj instance initraj has been created, con-
taining all positions of the targeted aircraft (i.e. one position
per message) up until dir.s.start. Then, for each fake trajec-
tory, the method samples dirto determine the divergence
magnitude of the trajectory (line 2) and creates the trajectory
by duplicating initraj (line 3). Next, it creates at regular
intervals the way-points that draw the fake trajectory, starting
from dir.s.start until the end of the recording. At each
interval ts, the algorithm computes the divergence progression
percentage pCoef (line 5) by dividing the time distance, from
the beginning of the alteration to the current interval, by the
specified duration of dir.v. Then the euclidean distance from
the initial position step is computed by multiplying pCoef
to the sampled value of αand the maximum offset dir.k
(line 6). Finally, the current latitude and longitude values are
obtained using step, trigonometric functions sin and cos, and
the sampled direction of divergence dir.ki(lines 7–8). The
algorithm returns all fake trajectories trajs.
The last step is to convert the fake trajectories into ADS-
B messages to be injected to the initial recording. For each
message sent by the targeted aircraft within dir.s and for
each fake trajectory, the message is duplicated and its dynamic
properties are replaced by values obtained from sampling the
interpolation functions of the corresponding Traj instance.
F. Replay
Although this type of attack is not part of the given taxon-
omy, we get from recent discussions with experts that Replay
attacks represent a very serious threat as it abstracts itself from
realism issues. A typical example of such an attack would be
terrorists who collected ADS-B messages of a regular flight
on a certain day, then, a few days later, hop on a plane, hijack
it and physically interact with the ADS-B transponders to send
out the messages they previously recorded. This could allow
terrorists to change course of flight without being noticed
immediately. In this scenario, there is no need to compute
realistic altered values to dupe detection mechanisms, since the
fake ADS-B messages that are emitted come from a genuine
source. Therefore, replay attacks can certainly bypass FDIA
detection systems that rely on realism analysis.
Replay is represented as an alteration directive dirreplay =
(dir.s, dir.t, dir.r)where dir.r is a source recording from
which to extract the targeted aircraft in dir.t.
The first step is to extract messages from the source record-
ing. This is done as a first pre-analysis phase by iterating the
recording messages and checking whether the emitting aircraft
is present in dir.t and if the current message was sent within
the directive time frame. If it is the case, the message is then
marked to be replayed. The list of all the messages that were
marked is eventually returned.
The second step is about adjusting the timestamp of the
extracted messages so that they can be correctly inserted in
the target recording. For each message msg to be replayed,
the algorithm assigns a new time stamp that relates to the
target recording, as follows:
msg.ts f irst ts +msg.ts f irst rep ts +of fset
where first ts is the time stamp of the first message of the
target recording, first reo ts is the time stamp of the first
message extracted for replay, and off set is a value in second
expressing where, in the target recording, the previously
extracted messages should be inserted.
The last step is the merging between the target recording
and the list of extracted messages, as perform by the
process action method detailed in Algorithm 6. The method
iterates over the target recording messages (lines 3–11). If the
timestamp of the first of the extracted messages cur is smaller
than the timestamp of the current message rp,rp is put in
the resulting recording al rec (line 5) while being removed
from the list of extracted messages (line 6). Otherwise, cur
is added to the resulting recording. If the target recording has
been iterated and the list of extracted messages is not empty,
the remaining messages are appended to al rec (lines 12–14).
In conclusion of this part, looking back at the RQ1 research
question defined in Section II-D (To what extent is it possible
to automate the generation of FDIA scenarios that cover
Algorithm 6: process action Method for Replay attack
Input: reps \list of messages picked up for replay
rec \source recording
Result: al rec \resulting recording
1cur rec.f irst
2rp reps.f irst
3while cur 6=do
4while reps 6=∅ ∧ cur.ts > rp.ts do
5al rec al rec ∪ {rp}
6reps reps − {rp}
7rp reps.next
8end
9al rec al rec ∪ {cur}
10 cur rec.next
11 end
12 while reps 6=do
13 al rec al rec ∪ {rp}
14 reps reps − {rp}
15 end
16 return al rec
the taxonomy of attack?), we believe this question can
be answered positively. We indeed were able to provide a
dedicated algorithm for each type of attack from the taxonomy.
Moreover, we covered a new type of attack, Replay, and we
improved the definition of an existing attack, Ghost Aircraft
Flooding that becomes Trajectory Modification Flooding, an
FDIA much more complicated to detect.
V. EX PE RI ME NTATION
Since ATC constitutes one of the most critical infrastruc-
tures on the planet, it is not possible to demonstrate the use of
FDI-T in real situation by feeding falsified data to a deployed
FDIA detection system and report results in a public manner.
Therefore, we opted instead to confront our tool to a
Machine Learning-based detection approach [8] taken from
the literature. First, we elaborate on the constituents of the
model and their characteristics. Then we present the dataset
that were used to train and test the model, and especially how
the proposed approach can allow to generate the anomalies
presented in [8] as well as a more complex anomaly of our
own making. Finally we discuss the experimentation results
and propose an answer to the second research question.
A. The model
The authors of [8] propose a Machine Learning method to
discriminate malicious messages from regular ones. They use
an LSTM-based encoder-decoder, a deep learning architecture.
The model is decomposed in two different sub-models:
1The encoder learns to create a representation of its input.
In this experimentation, it is based on LSTM cells that have
been proven relevant in time series analysis. It cannot learn
alone as it has no way to check if its output are correct by
itself. That is the reason why it is always coupled with a
decoder for its training.
2The decoder takes the encoder output, namely the vec-
torized representation of the original data, and decode it to fit
the expected output. In the case of Habler et. al’s model, the
output is actually the input. That is why this kind of encoder-
decoder is called an auto-encoder. The decoder will have a
similar architecture, if not identical, to the one used in the
encoder.
In this experiment, several complete and isolated flights
(from take off to landing) are considered and sliced in windows
of 15 messages with a stride of 1. Once the model has been
trained with normal data, based on the reconstruction score, an
anomaly threshold is set. If trained properly, the model should
meet trouble to encode malicious data, as they differ from
regular ones, so that the given threshold should be exceeded,
revealing a detected anomaly.
B. Dataset
To train the model and test it, we used several flights
collected from the OpenSky database [19]. Data concern all
European flights and include as many flights morphologies
as possible, e.g., Madrid-Moscow that use different routes
depending on the weather due to its long journey.
After training the model on legitimate data, we created
with our approach alteration scenarios based on the anomalies
defined in Habler et. al’s paper used to validate their approach.
For each anomaly, we present below the corresponding alter-
ation scenario and its associated directives using the notation
given in Sect. III, completed with the following notation:
Rorigin : a recording containing one flight from one
European city to another.
Rsource: a recording containing one flight from one
European city to another, where Rsource 6=Rorigin
a1: the aircraft contained into Rorigin .
a2: the aircraft contained into Rsource.
tn: a duration in seconds that cannot exceed the duration
of Rorigin , i.e. tn< tn+1.
Random noise (RND) – anomalies are generated by adding
random noise to messages. To do so, values from original mes-
sages are multiplied by a random number between zero and
two. RND requires a scenario using a Property Modification.
We thus formalize the scenario SRN D as following:
SRND = (Ror igin,{dir1})
dir1instance of dirprop
dir1.s = [t0, t1]
dir1.t ={a1}
dir1.P ={p1}
p1= (ALT IT U DE , 2, N OIS E)
Different Route (Route) – anomalies consists to replace a
whole segment of the initial ADS-B messages with a different
route taken from OpenSky. Route requires a scenario that
combines a Replay and an Aircraft Disappearance directive.
We thus formalize the scenario SRoute as following:
SRoute = (Rorigin ,{dir2, dir3})
dir2instance of dirreplay
dir2.s = [t0, t1]
dir2.t ={a2}
dir2.r =Rsource
dir3instance of dirdel
dir3.s = [t0, t1]
dir3.t ={a1}
dir3.n = 1
Gradual Drift (DRIFT) – anomalies consist to simulate
an altitude drift. The altitude messages on the attacked time
window are all raised/lower by an increasing/decreasing mul-
tiple of n feet. So if the first message is lowered by a hundred
feet, the second will be lowered by two hundreds, etc. DRIFT
requires a scenario using a Property Modification. It is possible
to formalize the scenario SDRI F T as following:
SDRIF T = (Rorigin ,{dir4})
dir4instance of dirprop
dir4.s = [t0, t1]
dir4.t ={a1}
dir4.P ={p2}
p2= (ALT IT U DE , 25, DRI F T )
Velocity Drift (VEL) – anomalies consist of a gradual drift
applied to the velocity feature in knot. VEL requires a scenario
using a Property Modification. We thus formalize the scenario
SV EL as following:
SV EL = (Rorigin ,{dir5})
dir5instance of dirprop
dir5.s = [t0, t1]
dir5.t ={a1}
dir5.P ={p3}
p3= (SP E ED, 1.0, D RIF T )
Message blocking (BLK) – only the first message out
of every five consecutive messages is preserved to simulate
a denial-of-service attack or a network delay mode. BLK
requires a scenario using an Aircraft Disappearance directive.
We thus formalize the scenario SBLK as following:
SBLK = (Rorigin ,{dir6})
dir6instance of dirdel
dir6.s = [t0, t1]
dir6.t ={a1}
dir6.n = 4
It must be noted that it was possible to generate all the
anomalies presented in the publication associated to the de-
tection model. In addition, we also experimented an anomaly
that was not part of the model’s validation data set. It consists
of a trajectory modification (TRJ) of a hundred kilometers
throughout a long period of flight time (about 60%).
C. Results
Out of the five addressed anomalies, we obtained similar
results to Habler et al’s on four of them. Figure 3 depicts
the drift down anomaly on a flight from Moscow to Madrid.
We can clearly see the pike between the message 180 and
250 going above the anomaly threshold, defined in a similar
fashion as the reference experimentation. Similar results can be
observed on the 3 other anomalies. However, we do not obtain
a comparable pike on the BLK anomaly, thus not triggering
any anomaly flag. One assumption is about the difference
between our data and the ones used in the original experiment.
Fig. 3: Drift Down Anomaly
Score of FDIA.
Fig. 4: Evolution of anomaly
score for TRJ.
For instance, results can differ depending on the time gap
between messages. If this gap is bigger, deleting 4 messages
out of 5 means that the aircraft goes dark for a longer period
of time, easing the detection. Overall, the false data injections
recreated by FDI-T is also detected as handcrafted ones.
As for the results presented in Figure 4 concerning the
anomaly TRJ generated on a flight between Oslo and Paris,
we find that the anomaly score goes way below the detection
threshold set for the other five anomalies. It results to an
unnoticed attack. However, we can also observe that the use of
FDI-T to modify trajectories has the side effect of smoothing
the curve, making it detectable for a human eye. A workaround
is to add some noise to generate more realistic data.
We show with TRJ that our tool is capable to create
alterations that would be too cumbersome to create by hand
as we are close to 5000 messages modified from the original
flight. In addition, these crafted attacks are smart enough
to be not detected by a model taken from the litterature,
which exposes its limits on real contexts. So, we can now
provide an answer to the research question RQ2 (To what
extent is the approach relevant to generate synthetic data
for AI Testing?). Not only it was possible to generate the
anomalies that were used to evaluate Habler et. al.’s model,
but the presented approach made it possible to generate a
more complex anomaly that was not picked up by the model.
Moreover, it is suitable for providing synthetic test data for
ML based detection systems.
VI. CONCLUSION
This paper describes a novel test data generation approach
to be part of an existing FDIA testing framework dedicated to
ATC systems, called FDI-T. More precisely, the contribution
concerns the various generation algorithms, referred to as
alteration engines. The paper shows the relevance of these
algorithms, making it possible to successfully design and
experiment all classes of scenarios of the ADS-B attack tax-
onomy. Moreover, it was possible to reproduce and extend the
FDIA test data of a detection model from the literature. Among
future work, we have started to experiment our approach in
the context of maritime surveillance, which is based on a
communication protocol (AIS), similar to the ADS-B protocol.
VII. ACKN OWLEDGEMENT
This work is part of an ongoing research initiative toward
the generation of FDIA test scenarios partially carried out in
partnership with the french company Kereval. This work is
partially supported by a UBFC-ISITE-BFC Grant.
REFERENCES
[1] EUROCAE Working Group 51. Safety, performance and interoperability
requirements document for ads-b/nra application. Technical report, The
European Organisation for Civil Aviation Equipment, 2005.
[2] Hiroshi Akima. A new method of interpolation and smooth curve fitting
based on local procedures. 17:589–602, 1970.
[3] A. Barreto, M. Hieb, and E. Yano. Developing a complex simulation
environment for evaluating cyber attacks. In Interservice/Industry
Training, Simulation, and Education Conf. (I/ITSEC), volume 12248,
pages 1–9, 2012.
[4] P. Brooker. Sesar and nextgen: investing in new paradigms. The Journal
of Navigation, 61(2):195–208, 2008.
[5] Nazly Rocio Santos Buitrago, Loek Tonnaer, Vlado Menkovski, and
Dimitrios Mavroeidis. Anomaly detection for imbalanced datasets with
deep generative models.
[6] A. Cretin, B. Legeard, F. Peureux, and A. Vernotte. Increasing the
resilience of ATC systems against false data injection attacks using
DSL-based testing. In Proc. of the 8th Int. Conf. on Research in Air
Transportation (ICRAT’18), Doctoral Symp., pages 1–4, Spain, 2018.
[7] J F Epperson. On the runge example. The American Mathematical
Monthly, 94(4):329–341, 1987.
[8] E Habler and A Shabtai. Using lstm encoder-decoder algorithm for
detecting anomalous ads-b messages. Computers & Security, 78:155–
173, 2018.
[9] X. Kong, X. Song, F. Xia, H. Guo, J. Wang, and A. Tolba. Lotad: long-
term traffic anomaly detection based on crowdsourced bus trajectory
data. World Wide Web, 21(3):825–847, May 2018.
[10] Yao Liu, Peng Ning, and Michael K Reiter. False data injection attacks
against state estimation in electric power grids. ACM Transactions on
Information and System Security (TISSEC), 14(1):13, 2011.
[11] M. Ma. Resilience against false data injection attack in wireless sensor
networks. In Handbook of Research on Wireless Security, pages 628–
635. IGI Global, 2008.
[12] P. Malhotra, A. Ramakrishnan, G? Anand, L. Vig, P. Agarwal, and
G. Shroff. Lstm-based encoder-decoder for multi-sensor anomaly
detection. arXiv preprint arXiv:1607.00148, 2016.
[13] M. Riahi Manesh and N. Kaabouch. Analysis of vulnerabilities,
attacks, countermeasures and overall risk of the automatic dependent
surveillance-broadcast (ADS-B) system. Int. Journal of Critical Infras-
tructure Protection, 19:16 – 31, 2017.
[14] I. Martinovic and M. Strohmeier. Security of ads- b: State of the art
and beyond. DCS, 2013.
[15] T. Maruthi Padmaja, Narendra Dhulipalla, Raju S. Bapi, and P. Radha
Krishna. Unbalanced data classification using extreme outlier elimina-
tion and sampling techniques for fraud detection. pages 511–516. IEEE.
[16] H. R. Roth, L. Lu, J. Liu, J. Yao, A. Seff, K. Cherry, L. Kim, and R. M.
Summers. Improving computer-aided detection using convolutional
neural networks and random view aggregation. IEEE Transactions on
Medical Imaging, 35(5):1170–1181, May 2016.
[17] M. Sch¨
afer, V. Lenders, and I. Martinovic. Experimental analysis of
attacks on next generation air traffic communication. In Int. Conf. on
Applied Cryptography and Network Security, pages 253–271. Springer,
2013.
[18] Thomas Schlegl, Philipp Seeb¨
ock, Sebastian M. Waldstein, Ursula
Schmidt-Erfurth, and Georg Langs. Unsupervised anomaly detection
with generative adversarial networks to guide marker discovery, 2017.
[19] M. Sch¨
afer, M. Strohmeier, V. Lenders, I. Martinovic, and M. Wilhelm.
Bringing Up OpenSky: A Large-scale ADS-B Sensor Network for
Research. In Proc. of the 13th Int. Sym. on Information Processing
in Sensor Networks, IPSN ’14, pages 83–94, Germany, 2014.
[20] Z. Shi, M. Xu, Q. Pan, B. Yan, and H. Zhang. Lstm-based flight
trajectory prediction. In 2018 Int. Joint Conf. on Neural Networks
(IJCNN), pages 1–8, July 2018.
[21] A Smith, R Cassell, T Breen, R Hulstrom, and C Evers. Methods to
provide system-wide ADS-B back-up, validation and security. In 25th
Digital Avionics Systems Conf., pages 1–7. IEEE, 2006.
[22] M. Strohmeier, M. Sch¨
afer, R. Pinheiro, V. Lenders, and I. Martinovic.
On perception and reality in wireless air traffic communications security.
IEEE Transactions on Intelligent Transportation Systems, 18(6):1338–
1357, 2017.
[23] K. D Wesson, T. E Humphreys, and B. L Evans. Can cryptography
secure next generation air traffic surveillance? IEEE Security and
Privacy Magazine, 2014.
[24] Chuanlong Yin, Yuefei Zhu, Jinlong Fei, and Xinzheng He. A deep
learning approach for intrusion detection using recurrent neural net-
works. IEEE Access, 5:21954–21961, 2017.
[25] R. Zhang, G. Liu, J. Liu, and J P Nees. Analysis of message attacks in
aviation datalink communication. IEEE Access, 2017.
... All these efforts in the domain of anomaly detection in both domains results in a need to have proper access to both training and testing data for deep learning models. The present article builds upon a previous paper by the same authors [16], coupled with the use of a domain-specific language allowing a better control over anomalies as well as labeling and massification. In addition, we present a more general problem formulation including the VTS domain and the approach of data generation for AI training and testing compared to the solely ATC testing perspective defined in previous works. ...
... This component takes as its input a set of original sub-recordings, a set of alteration directives and a correspondence matrix that defines which alteration scenario should be applied on which given sub-recording. It then produces altered sub-recordings in the system input format (regarding the ATC domain, this component is thoroughly described in [16]). 4 Execution engine. ...
... Using this architecture, the training dataset, along with the testing dataset including the original anomalies given by Habler et al. in [5], has been recreated automatically, avoiding the cumbersome task of modifying all the messages by hand For the sake of completeness, we added a trajectory alteration which modifies the latitude and the longitude of a flight, an anomaly that Habler et al. could not have obtained by hand. This eventually highlighted the shortcomings of the authors' validation methodology since their model could not detect the altered trajectory [16]. ...
Article
Full-text available
Major transportation surveillance protocols have not been specified with cyber security in mind and therefore provide no encryption nor identification. These issues expose air and sea transport to false data injection attacks (FDIAs), in which an attacker modifies, blocks or emits fake surveillance messages to dupe controllers and surveillance systems. There has been growing interest in conducting research on machine learning-based anomaly detection systems that address these new threats. However, significant amounts of data are needed to achieve meaningful results with this type of model. Raw, genuine data can be obtained from existing databases but need to be preprocessed before being fed to a model. Acquiring anomalous data is another challenge: such data is much too scarce for both the Automatic Dependent Surveillance–Broadcast (ADS-B) and the Automatic Identification System (AIS). Crafting anomalous data by hand, which has been the sole method applied to date, is hardly suitable for broad detection model testing. This paper proposes an approach built upon existing libraries and ideas that offers ML researchers the necessary tools to facilitate the access and processing of genuine data as well as to automatically generate synthetic anomalous surveillance data to constitute broad, elaborated test datasets. We demonstrate the usability of the approach by discussing work in progress that includes the reproduction of related work, creation of relevant datasets and design of advanced anomaly detection models for both domains of application.
... ATC controllers). This module is described in a precise way in [14], toward which we refer interested readers. 5 Execution Engine. ...
... The present paper focuses on the scenario design module of the FDI-T framework by proposing a novel design approach that relies on a DSL. Note that the details of the FDI-T framework regarding other activities (i.e., data acquisition, radar sensors network simulation, test execution) are out of the scope of this paper, as they have been presented previously [13,14]. ...
... RQ2 To what extent the use of a DSL can facilitate the creation of FDIA's test scenarios and reduce design effort? The alteration engine of the FDI-T framework 11 is able to process automatically a list of alteration directives (in an XML file) and apply the corresponding changes on a recording supplied as input [14]. For simple and straightforward alteration scenarios, it would be possible to create alteration directives manually. ...
Article
Full-text available
The ADS-B—automatic dependent surveillance-broadcast—technology requires aircraft to broadcast their position and velocity periodically. As compared to legacy radar technologies, coupled with alarming cyber security issues (the ADS-B protocol provides no encryption nor identification), the reliance on aircraft to communicate this surveillance information exposes air transport to new cyber security threats, and especially to FDIAs—false data injection attacks—where an attacker modifies, blocks, or emits fake ADS-B messages to dupe controllers and surveillance systems. This paper is part of an ongoing research initiative toward the generation of FDIA test scenarios and focuses on supporting the test design activity, i.e., supporting ATC experts to meticulously craft test cases in order to assess the resilience of surveillance systems against FDIAs. To achieve this goal, we propose a complete and powerful domain-specific language (DSL), close to natural language, that provides a large expressiveness to support ATC business experts in creating FDIA’s test scenarios. We demonstrate the design capabilities of this approach and its productivity gain with respect to manually creating the FDIAs test scenarios.
... In the field of public health, a very relevant issue in terms of the damage caused by medical misconceptions is represented by the spread of fake information in the health domain, so much so that approaches using Description Logics (DLs) to explain inconsistencies have been developed to address the topic [7]. The phenomenon of fake data in publicly available AI training datasets is disturbing several sectors, from healthcare to autonomous vehicles [8]- [10]. Authors have identified the importance of data preserving with Blockchain to mitigate the risk of model poisoning with fake data introduction. ...
... This approach permits to guarantee the trustiness of the developed logic, that can be accessible and verifiable by any hospital, pharmaceutical or insurance company that requires a secure and trusted environment to validate the proper treatment recommendation are scrupulously followed. In fact, as only R(c, U, H) R(f, H, H)) (1,10) trusted actors can update information in the Blockchain, the risk of fake input AI data is drastically reduced. ...
Conference Paper
Full-text available
Every year the healthcare sector suffers from incorrect therapies and an increasing number of patients analysis, which causes congestion in the hospitals and, potentially, worsening of patient’s clinical conditions. Extending the concept of the Decision Support System already investigated by the authors, this work advances the state of the art of Reinforcement Learning (RL) via Markov Decision Process formulation, considering an agent acting in his environment motivated by the achievement of the maximum individual objective by appropriate incentives. Transparency, security and privacy of the model are guaranteed by the adoption of Blockchain to enhance the perception of safety around medical operators improving access to hospital services. Experiments focused on the Smart Contract execution time and resources usage have proved the goodness of the proposed model considering both private and public Blockchain configurations.
... The types of alteration to apply are specified through the definition of alteration scenarios, of which the design is textual-based via a Domain Specific Language (DSL). Once designed, the scenarios are automatically applied on source recordings of air traffic surveillance communications, thanks to a dedicated alteration engine ( Cretin et al., 2020 ). Alteration scenarios have various parameters, such as a time window, list of targeted aircraft, triggering conditions, and others parameters related to the alteration's type. ...
Article
The Automatic Dependent Surveillance-Broadcast protocol is one of the latest compulsory advances in air surveillance. While it supports the tracking of the ever-growing number of aircraft in the air, it also introduces cybersecurity issues that must be mitigated e.g., false data injection attacks where an attacker emits fake surveillance information. The recent data sources and tools available to obtain flight tracking records allow the researchers to create datasets and develop Machine Learning models capable of detecting such anomalies in En-Route trajectories. In this context, we propose a novel multivariate anomaly detection model called Contextual Auto-Encoder (CAE). It uses the baseline of a regular LSTM-based auto-encoder but with several decoders, each getting data of a specific flight phase (e.g. climbing, cruising or descending) during its training. To illustrate the CAE’s efficiency, an evaluation dataset was created using real-life anomalies as well as realistically crafted trajectory modifications, with which the CAE as well as three anomaly detection models from the literature were evaluated. Results show that the CAE achieves better results in both accuracy and speed of detection. The dataset, the models implementations and the evaluation results are available in an online repository, thereby enabling replicability and facilitating future experiments.
... The types of alteration to apply are specified through the definition of alteration scenarios, of which the design is textual-based via a Domain Specific Language (DSL). Once designed, the scenarios are automatically applied on source recordings of air traffic surveillance communications, thanks to a dedicated alteration engine (Cretin et al., 2020). Alteration scenarios have various parameters, such as a time window, list of targeted aircraft, triggering conditions, and others parameters related to the alteration's type. ...
Preprint
Full-text available
The Automatic Dependent Surveillance Broadcast protocol is one of the latest compulsory advances in air surveillance. While it supports the tracking of the ever-growing number of aircraft in the air, it also introduces cybersecurity issues that must be mitigated e.g., false data injection attacks where an attacker emits fake surveillance information. The recent data sources and tools available to obtain flight tracking records allow the researchers to create datasets and develop Machine Learning models capable of detecting such anomalies in En-Route trajectories. In this context, we propose a novel multivariate anomaly detection model called Discriminatory Auto-Encoder (DAE). It uses the baseline of a regular LSTM-based auto-encoder but with several decoders, each getting data of a specific flight phase (e.g. climbing, cruising or descending) during its training.To illustrate the DAE's efficiency, an evaluation dataset was created using real-life anomalies as well as realistically crafted ones, with which the DAE as well as three anomaly detection models from the literature were evaluated. Results show that the DAE achieves better results in both accuracy and speed of detection. The dataset, the models implementations and the evaluation results are available in an online repository, thereby enabling replicability and facilitating future experiments.
Article
Triazole compounds have garnered significant interest due to their wide range of pharmacological activities and ease of synthesis. Click chemistry is a synthetic method frequently used in triazole synthesis. In this study 1H-1,2,3-triazole was synthesized by the Banert cascade reaction using click chemistry. A dozen novel substituted 1H-1,2,3-triazole derivatives were synthesized using an efficient synthetic method under mild conditions. The inhibitory effects of these compounds on the activity of acetyl cholinesterase (AChE), human carbonic anhydrase (hCA) I and II, and aldose reductase (ALR2) were evaluated. The 1H-1,2,3-triazole compounds were determined to be highly potent inhibitors of AChE, hCA I and II, and ALR2 (Ki’s of 717.78 ± 3.40 to 122.57 ± 15.27 nM, 28.38 ± 7.78 to 132.04 ± 59.09 nM, 33.92 ± 1.91 to 138.13 ± 9.55 nM, and 0.095 ± 0.016 to 3.85 ± 0.82 μM for AChE, hCA I, hCA II, and ALR2, respectively). Additionally, in silico molecular docking studies were performed to validate the experimental results. Compounds 51 and 58 with the best activities with AChE, hCA I, hCA II and ALR2 were studied by molecular docking. These compounds showed similar or better interactions with reference drugs. Therefore, they can be used as lead compounds for further research.
Thesis
Full-text available
Faced with the constant increase in the number of aircraft circulating in global airspace, the field of ATC (Air Traffic Control) adapts and offers solutions by developing more precise and less expensive surveillance technologies, sometimes to the detriment of cybersecurity issues. The ADS-B protocol (Automatic Dependent Surveillance - Broadcast) perfectly illustrates this point: its objective is to reduce surveillance costs by relying on aircraft to determine their position via the GPS system and to communicate it to the control towers. ADS-B technology thus complements a range of existing technologies (primary or secondary radar) by offering a new way of controlling air traffic. While technologies prior to ADS-B were non-cooperative and required "to watch the sky", the new protocol is cooperative and requires "to listen to the sky." Controllers, who relied on their observations, now trust what planes broadcast by ADS-B messages. In addition to the security issues brought by this new paradigm, the ADS-B protocol has been identified as particularly vulnerable to FDIA (False Data Injection Attack). Due to its lack of encryption and authentication, it allows anyone to issue false surveillance information. FDIA-type attacks therefore aim to alter the overall estimate of the traffic state by combinations of basic operations (add, delete, modify) on ADS-B messages. Faced with these threats, solutions are proposed to strengthen security around ADS-B technology: anomaly detection, data fusion, behavioral analysis, etc. These solutions are based on data logic and should ideally be confronted directly with the FDIA in order to assess their detection effectiveness. However, the validation of these solutions comes up against a recurring problem in anomaly detection systems: the absence of test data showing anomalies. To meet this need, this thesis proposes a tool chain for the design and generation of anomaly scenarios for airspace control systems. This tool chain takes the form of a testing framework called (False Data Injection Testing). The design of the test cases is based on a set of Domain Specific Languages (DSL). The generation of test data is done by applying changes to an ADS-B communications extract. Finally, it should be noted that this tool chain has also been adapted to maritime surveillance, which is based on the AIS protocol, the operation and safety characteristics of which are similar to the ADS-B protocol. This porting was carried out in order to demonstrate the genericity of the global approach detailed in this thesis.
Conference Paper
Full-text available
Within aircraft communication, due to the unau-thentication and unencryption of the Automatic Dependent Surveillance-Broadcast (ADS-B) protocol, eavesdropping and broadcasting fake ADS-B messages is straightforward. As a consequence, attackers can perform False Data Injection Attacks (FDIA) on the ADS-B system, such as ghost aircraft injection or flooding, leading to unexpected but potentially devastating consequences. To increase the resilience of Air Traffic Control (ATC) systems against such attacks, this paper presents a framework under development that aims to generate FDIA-based test scenarios, which can be used as test cases to evaluate and improve the robustness of ATC systems. This test generation framework uses a Domain Specific Language (DSL) to specify FDIA-based test strategies in order to falsify legitimate ADS-B recordings. Such generated altered ADS-B recordings are finally executed on ATC systems to evaluate its resilience against FDIA. The paper details this process and introduces early results and future work.
Article
Full-text available
The U.S. Federal Aviation Administration has mandated the use of the Automatic Dependent Surveillance-Broadcast (ADS-B) system by January 2020 as a key component of the NextGen Project, which is intended to upgrade the air traffic control infrastructure and operations. The ADS-B system seeks to replace legacy approaches such as primary and secondary radars by employing global satellite navigation systems to generate precise air pictures for air traffic management. The security of ADS-B is a major concern because the system broadcasts detailed information about aircraft, their positions, velocities and other data over unencrypted data links, making it easy to launch eavesdropping, jamming and message modification attacks on aircraft in flight. This paper discusses ADS-B vulnerabilities and attacks that leverage the ADS-B protocol stack. The paper also presents the security requirements, state-of-the-art attack detection techniques and countermeasures, along with an overall risk analysis of the ADS-B system.
Article
Full-text available
In aviation communication system, VHF data-link message is used to transmit flight status, airport control instructions as well as other sensitive information. Radio-transmitted information can be intercepted or tampered with, leading to the disclosure of private data, illegal control and hijacking. This paper analyzed three attack routes of monitoring, entity camouflage, and man-in-the-middle attack. Man-inthe- middle attack was also able to work in next generation aviation communication networks (ATN). Two viable experiments were designed to test data-link message attacks including information leakage and the entity camouflage attack. These experiments may also be used as penetration tests of secure of aviation communication system.
Article
Full-text available
As the development of crowdsourcing technique, acquiring amounts of data in urban cities becomes possible and reliable, which makes it possible to mine useful and significant information from data. Traffic anomaly detection is to find the traffic patterns which are not expected and it can be used to explore traffic problems accurately and efficiently. In this paper, we propose LoTAD to explore anomalous regions with long-term poor traffic situations. Specifically, we process crowdsourced bus data into TS-segments (Temporal and Spatial segments) to model the traffic condition. Later, we explore anomalous TS-segments in each bus line by calculating their AI (Anomaly Index). Then, we combine anomalous TS-segments detected in different lines to mine anomalous regions. The information of anomalous regions provides suggestions for future traffic planning. We conduct experiments with real crowdsourced bus trajectory datasets of October in 2014 and March in 2015 in Hangzhou. We analyze the varieties of the results and explain how they are consistent with the real urban traffic planning or social events happened between the time interval of the two datasets. At last we do a contrast experiment with the most ten congested roads in Hangzhou, which verifies the effectiveness of LoTAD.
Conference Paper
Full-text available
Obtaining models that capture imaging markers relevant for disease progression and treatment monitoring is challenging. Models are typically based on large amounts of data with annotated examples of known markers aiming at automating detection. High annotation effort and the limitation to a vocabulary of known markers limit the power of such approaches. Here, we perform unsupervised learning to identify anomalies in imaging data as candidates for markers. We propose AnoGAN, a deep convolutional generative adversarial network to learn a manifold of normal anatomical variability, accompanying a novel anomaly scoring scheme based on the mapping from image space to a latent space. Applied to new data, the model labels anomalies, and scores image patches indicating their fit into the learned distribution. Results on optical coherence tomography images of the retina demonstrate that the approach correctly identifies anomalous images, such as images containing retinal fluid or hyperreflective foci.
Thesis
Full-text available
A multitude of wireless technologies are used by air traffic communication systems during different flight phases. From a conceptual perspective, all of them are insecure as security was never part of their design and the evolution of wireless security in aviation did not keep up with the state of the art. Recent contributions from academic and hacking communities have exploited this inherent vulnerability and demonstrated attacks on some of these technologies. However, these inputs revealed that a large discrepancy between the security perspective and the point of view of the aviation community exists. In this thesis, we aim to bridge this gap and combine wireless security knowledge with the perspective of aviation professionals to improve the safety of air traffic communication networks. To achieve this, we develop a comprehensive new threat model and analyse potential vulnerabilities, attacks, and countermeasures. Since not all of the required aviation knowledge is codified in academic publications, we examine the relevant aviation standards and also survey 242 international aviation experts. Besides extracting their domain knowledge, we analyse the awareness of the aviation community concerning the security of their wireless systems and collect expert opinions on the potential impact of concrete attack scenarios using insecure technologies. Based on our analysis, we propose countermeasures to secure air traffic communication that work transparently alongside existing technologies. We discuss, implement, and evaluate three different approaches based on physical and data link layer information obtained from live aircraft. We show that our countermeasures are able to defend against the injection of false data into air traffic control systems and can significantly and immediately improve the security of air traffic communication networks under the existing real-world constraints. Finally, we analyse the privacy consequences of open air traffic control protocols. We examine sensitive aircraft movements to detect large-scale events in the real world and illustrate the futility of current attempts to maintain privacy for aircraft owners.
Article
Although the ADS-B system is going to play a major role in the safe navigation of airplanes and air traffic control (ATC) management, it is also well known for its lack of security mechanisms. Previous research has proposed various methods for improving the security of the ADS-B system and mitigating associated risks. However, these solutions typically require the use of additional participating nodes (or sensors) (e.g., to verify the location of the airplane by analyzing the physical signal) or modification of the current protocol architecture (e.g., adding encryption or authentication mechanisms.) Due to the regulation process regarding avionic systems and the fact that the ADS-B system is already deployed in most airplanes, applying such modifications to the current protocol at this stage is impractical. In this paper we propose an alternative security solution for detecting anomalous ADS-B messages aimed at the detection of spoofed or manipulated ADS- B messages sent by an attacker or compromised airplane. The proposed approach utilizes an LSTM encoder-decoder algorithm for modeling flight routes by analyzing sequences of legitimate ADS-B messages. Using these models, aircraft can autonomously evaluate received ADS-B messages and identify deviations from the legitimate flight path (i.e., anomalies). We examined our approach on six different flight route datasets to which we injected different types of anomalies. Using our approach we were able to detect all of the injected attacks with an average false alarm rate of 4.3% for all of datasets.
Article
Intrusion detection plays an important role in ensuring information security, and the key technology is to accurately identify various attacks in the network. In our study, we explore how to model an intrusion detection system based on deep learning, and we propose a deep learning approach for intrusion detection using recurrent neural networks (RNN-IDS). Moreover, we study the performance of the model in binary classification and multiclass classification, and the number of neurons and different learning rate impacts on the performance of the proposed model. We compare it with those of J48, Artificial Neural Network, Random Forest, Support Vector Machine and other machine learning methods proposed by previous researchers on the benchmark dataset. The experimental results show that RNN-IDS is very suitable for modelling a classification model with high accuracy and that its performance is superior to that of traditional machine learning classification methods in both binary and multiclass classification. The RNN-IDS model improves the accuracy of the intrusion detection and provides a new research method for intrusion detection.
Chapter
One of the severe security threats in wireless sensor network is false data injection attack, that is, the compromised sensors forge the events that do not occur. To defend against false data injection attack, six en-route filtering schemes in a homogeneous sensor network are described. Furthermore, one sink filtering scheme in a heterogeneous sensor network is also presented. We find that deploying heterogeneous nodes in a sensor network is an attractive approach because of its potential to increase network lifetime, reliability, and resiliency.