Intrusion Detection For The Controller Pilot Data Link Communication : Detecting CPDLC attacks using machine learning / Intrångsdetektering för CPDLC

Westergren, Adam, Skoglund, Alexander

January 2022

Controller Pilot Data Link Communications (CPDLC) is a system for text-based communication between air traffic control and flight crew. It currently lacks protection against many common types of attacks, making the system vulnerable to attackers. This can have severe consequences for the safety and reliability of air travel. One such attack is alteration attacks. This thesis focuses on detecting alteration attacks with the use of machine learning. It also goes over how CPDLC messages are structured and how to prepare a dataset of CPDLC messages before applying machine learning models. Using Datawig for data imputation made it possible to prepare the dataset by filling in missing values, which could be used for machine learning. With the prepared dataset, two deep learning models, RNN and LSTM, were trained on the dataset to identify genuine and fabricated messages. The dataset consists of a combination of real and altered CPDLC messages. It was found that both models could be used, with high accuracy, to identify real and fake CPDLC messages from the dataset. The implication of this means it is possible to build and train models to detect and differentiate altered messages from genuine messages, which could be further built upon to develop a system for both detecting and preventing alteration attacks.

CPDLC

Air Communication

Security

Alteration Attacks

Machine Learning

Other Computer and Information Science

Annan data- och informationsvetenskap

Detecting ADS-B spoofing attacks : using collected and simulated data / Insamling och simulering av ADS-B meddelanden för detektion av attacker

Wahlgren, Alex, Thorn, Joakim

January 2021

In a time where general technology is progressing at a rapid rate, this thesis aims to present possible advancements to security in regard to air traffic communication. By highlighting how data can be extracted using simple hardware and open-source software the transparency and lack of authentication is showcased. The research is specifically narrowed down to discovering vulnerabilities of the ADS-B protocol in order to apply countermeasures. Through fetching live aircraft data with OpenSky-Network and through fetching simulated ADS-B attack data with OpenScope, this thesis develops a data set with both authentic and malicious ADS-B messages. The data set was cleaned in order to remove outliers and other improper data. A machine learning model was later trained with the data set in order to detect malicious ADS-B messages. With the use of Support Vector Machine (SVM), it was possible to produce a model that can detect four different types of aviation communications attacks as well as allow authentic messages to pass through the IDS. The finished model was able to detect incoming ADS-B attacks with an overall accuracy of 83.10%.

ADS-B

ATC

Spoofing

Air Communication

OpenSky

OpenScope

Security

SVM

Machine Learning

Other Computer and Information Science

Annan data- och informationsvetenskap