Cybersecurity Attacks on Software Logic and Error Handling Within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures

Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo D.

doi:10.1109/taes.2021.3139559

Cited by 20 publications

(35 citation statements)

References 31 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, implementing a proper defense strategy requires more systematic research and development, which is beyond the core focus of this paper. Nonetheless, in a similar service in aviation (ADS-B), we showed a received signal strength (RSS) and distance relationship model [8] that reached up to 90% accuracy in the best case. This strategy can easily be transferred to AIS, as the concept is protocol agnostic.…”

Section: Defence Against Ais Attacksmentioning

confidence: 86%

“…However, these types of portable receivers remain untested against cyberattacks, as shown in current literature. Lack of extensive study of AIS exploitation, insufficient study on the impact of cyberattacks on modern AIS setups, and our previous security experience on a similar aviation service (Automatic Dependent Surveillance-Broadcast (ADS-B) [7], [8]) have motivated us to conduct this study. Our aim is to enhance the early discovery of new vulnerabilities in AIS to effectively address AIS attacks in the nearest future.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity Attacks on Software Logic and Error Handling Within AIS Implementations: A Systematic Testing of Resilience

Khandker¹,

Turtiainen²,

Costin³

et al. 2022

IEEE Access

Self Cite

View full text Add to dashboard Cite

To increase situational awareness of maritime vessels and other entities and to enable their exchange of various information, the International Maritime Organization mandated the use of the Automatic Identification System (AIS) in 2004. The AIS is a self-reporting system that uses the VHF radio link. However, any radio-based self-reporting system is prone to forgery, especially in situations where authentication of the message is not designed into the architecture. As AIS was designed in the 1990s when cyberattacks were in their infancy, it does not implement authentication or encryption; thus, it can be seen as fundamentally vulnerable against modern-day cyberattacks. This paper demonstrates and evaluates the impact of multiple cyberattacks on AIS via remote radio frequency (RF) links. Overall, we implemented and tested a total of 11 different tests/attacks on 18 AIS setups, using a controlled environment. The tested configurations were derived from heterogeneous platforms such as Windows, Android, generic receivers, and commercial transponders. The results showed that approximately 89% of the setups were affected by Denial-of-Service (DoS) attacks at the AIS protocol level. Besides implementing some existing attack ideas (e.g., spoofing, DoS, and flooding), we showed some novel attack concepts in the AIS context such as a coordinated attack, overwhelming alerts, and logical vulnerabilities, all of which have the potential to cause software/system crashes in the worst-case scenarios. Moreover, an implementation/specification flaw related to the AIS preamble was identified during the experiments, which may affect the interoperability of different AIS devices. The error-handling system in AIS was also investigated. Unlike the aviation sector's Automatic Dependent Surveillance-Broadcast (ADS-B), the maritime sector's AIS does not effectively support any error correction method, which may contribute to RF pollution and less effective use of the overall system. The consistency of our results for a comprehensive range of hardware-software configurations indicated the reliability of our approach, test system, and evaluation results.

show abstract

Section: Defence Against Ais Attacksmentioning

confidence: 86%

mentioning

confidence: 99%

Cybersecurity Attacks on Software Logic and Error Handling Within AIS Implementations: A Systematic Testing of Resilience

Khandker¹,

Turtiainen²,

Costin³

et al. 2022

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…Secondly, the methodology for POA signal generation was made specifically for this study as student work, which promotes its release as a part of this master's thesis. Thirdly, the signal generation methodologies for the ADS-B and AIS protocols were developed by Khandker et al (2021Khandker et al ( , 2022, and are retained as proprietary intellectual property of the University of Jyväskylä researchers. Because these protocols are used in aircraft and vessel tracking, attacks against them carries comparatively far-reaching consequences.…”

Section: Signal Transmittance Chain Developmentmentioning

confidence: 99%

“…Any informed individual or group can implement these protocols for compatible transceivers. Previous research has demonstrated that spoofing and other advanced attacks are possible for ACARS [20], [21], [22], [23], [24], ADS-B [25], [26], [27], [28], and AIS [29], [30].…”

Section: B Mission-critical Wireless Protocolsmentioning

confidence: 99%

See 1 more Smart Citation

On Apache Log4j2 Exploitation in Aeronautical, Maritime, and Aerospace Communication

Juvonen¹,

Costin²,

Turtiainen³

et al. 2022

IEEE Access

Self Cite

View full text Add to dashboard Cite

In this master's thesis on cyber security accessible methodology for over-the-air experiments using ACARS, ADS-B, and AIS telecommunication protocols is proposed, using software-defined radios, and utilising open-source and freeware software. The protocols are used as attack vectors for exploitation of Apache Log4j2 Java-library's vulnerabilities. Methods for studying CVE-2021-44228 "log4shell" remote code execution and related vulnerabilities using intentionally vulnerable software are presented. The telecommunication protocols' capabilities in transmitting CVE-2021-44228 and related cyberattack strings are evaluated by studying protocol specifications to identify probable attack vectors. Practical scenarios, in which mission critical and safety-of-life information systems could be exploitable, are experimentally demonstrated. All three studied protocols are found to be susceptible for wireless log4shell-cyberattacks, when identified preconditions are met. Moreover, novel findings concerning a high-severity Log4j2 denial of service vulnerability are presented.

show abstract

Physical layer protection for ADS-B against spoofing and jamming

Rudys

Aleksandravicius

Aleksiejunas

et al. 2022

International Journal of Critical Infrastructure Protection

View full text Add to dashboard Cite

Cybersecurity Attacks on Software Logic and Error Handling Within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures

Cited by 20 publications

References 31 publications

Cybersecurity Attacks on Software Logic and Error Handling Within AIS Implementations: A Systematic Testing of Resilience

Cybersecurity Attacks on Software Logic and Error Handling Within AIS Implementations: A Systematic Testing of Resilience

On Apache Log4j2 Exploitation in Aeronautical, Maritime, and Aerospace Communication

Physical layer protection for ADS-B against spoofing and jamming

Contact Info

Product

Resources

About