Lightweight Location Verification in Air Traffic Surveillance Networks

Strohmeier, Martin; Lenders, Vincent; Martinovic, Ivan

doi:10.1145/2732198.2732202

Cited by 42 publications

(23 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are two types of countermeasures: non-cryptographic and cryptographic solutions. Non-cryptographic methods include multilateration [13], [21], distance bounding [21], Kalman filtering [21], data fusion [21] and the lightweight location verification proposed by Strohmeier et al [22]. In terms of cryptographic solutions, some efforts have been made to provide the integrity and authenticity of ADS-B messages in the literature [2], [3], [8], [12], [18], [19].…”

Section: Related Workmentioning

confidence: 99%

A New ADS-B Authentication Framework Based on Efficient Hierarchical Identity-Based Signature with Batch Verification

Yang

Tan

Baek

et al. 2017

IEEE Trans. Serv. Comput.

View full text Add to dashboard Cite

Automatic Dependent Surveillance-Broadcast (ADS-B) has become a crucial part of next generation air traffic surveillance technology and will be mandatorily deployed for most of the airspaces worldwide by 2020. Each aircraft equipped with an ADS-B device keeps broadcasting plaintext messages to other aircraft and the ground station controllers once or twice per second. The lack of security measures in ADS-B systems makes it susceptible to different attacks. Among the various security issues, we investigate the integrity and authenticity of ADS-B messages. We propose a new framework for providing ADS-B with authentication based on three-level hierarchical identity-based signature (HIBS) with batch verification. Previous signature-based ADS-B authentication protocols focus on how to generate signatures efficiently, while our schemes can also significantly reduce the verification cost, which is critical to ADS-B systems, since at any time an ADS-B receiver may receive lots of signatures. We design two concrete schemes. The basic scheme supports partial batch verification and the extended scheme provides full batch verification. We give a formal security proof for the extended scheme. Experiment results show that our schemes with batch verification are tremendously more efficient in batch verifying n signatures than verifying n signatures independently. For example, the running time of verifying 100 signatures is 502ms and 484ms for the basic scheme and the extended scheme respectively, while the time is 2500ms if verifying the signatures independently.

show abstract

Section: Related Workmentioning

confidence: 99%

A New ADS-B Authentication Framework Based on Efficient Hierarchical Identity-Based Signature with Batch Verification

Yang

Tan

Baek

et al. 2017

IEEE Trans. Serv. Comput.

View full text Add to dashboard Cite

show abstract

“…One comment noted that German regulations for controllers state that they should not consider outages or wrong labels as a possibility in their work but always rely on the systems (the implication being that otherwise the workload could not be handled), illustrating technology's importance. ADS-B / TIS-B / FIS-B [6], [8], [10], [13], [51], [87] -X [50], [83], [84], [88]- [93] [50]- [52], [56], [58], [86], [ ACARS [10], [13], [62], [115], [116] X X [24], [62], [63], [116 VOR / NDB / DME [27], [80], [81] -X - [27], [80], [81]…”

Section: Assessment Of Concrete Scenariosmentioning

confidence: 99%

“…Typical representatives of this type of research are separate intrusion detection mechanisms based on cyber-physical defenses such as improved localization protocols (e.g., [57]). Also in this category, we can find works on statistical analysis [58], machine learning [36], physical-layer security [102]- [104], or data fusion with backup technologies [100]. The characteristic shared by these approaches is the fact that they can be deployed within a small time window.…”

Section: Directions In Aviation Security Researchmentioning

confidence: 99%

On Perception and Reality in Wireless Air Traffic Communication Security

Strohmeier

Schäfer

Pinheiro

et al. 2016

IEEE Trans. Intell. Transport. Syst.

Self Cite

View full text Add to dashboard Cite

More than a dozen wireless technologies are used by air traffic communication systems during different flight phases. From a conceptual perspective, all of them are insecure as security was never part of their design. Recent contributions from academic and hacking communities have exploited this inherent vulnerability to demonstrate attacks on some of these technologies. However, not all of these contributions have resonated widely within aviation circles. At the same time, the security community lacks certain aviation domain knowledge, preventing aviation authorities from giving credence to their findings.In this survey, we aim to reconcile the view of the security community and the perspective of aviation professionals concerning the safety of air traffic communication technologies. To achieve this, we first provide a systematization of the applications of wireless technologies upon which civil aviation relies. Based on these applications, we comprehensively analyze vulnerabilities and existing attacks. We further survey the existing research on countermeasures and categorize it into approaches that are applicable in the short term and research of secure new technologies deployable in the long term.Since not all of the required aviation knowledge is codified in academic publications, we additionally examine existing aviation standards and survey 242 international aviation experts. Besides their domain knowledge, we also analyze the awareness of members of the aviation community concerning the security of wireless systems and collect their expert opinions on the potential impact of concrete attack scenarios using these technologies.

show abstract

“…3.1 for more details) does not allow for the inclusion of reliable cryptography solutions, many contributions focused on providing security services through additional system-level approaches. To provide an example in this direction, the authors in [5] propose a two-stage location verification scheme. During an offline stage it creates a fingerprint of a particular aircraft, leveraging both Time Difference of Arrival (TDoA) values and deviations from nominal behavior.…”

Section: Related Workmentioning

confidence: 99%

SOS - Securing Open Skies

Sciancalepore¹,

Pietro²

2018

Security, Privacy, and Anonymity in Computation, Communication, and Storage

View full text Add to dashboard Cite

Automatic Dependent Surveillance -Broadcast (ADS-B) is the next generation communication technology selected for allowing commercial and military aircraft to deliver flight information to both ground base stations and other airplanes. Today, it is already on-board of 80% of commercial aircraft, and it will become mandatory by the 2020 in the US and the EU. ADS-B has been designed without any security consideration -messages are delivered wirelessly in clear text and they are not authenticated. In this paper we propose Securing Open Skies (SOS), a lightweight and standard-compliant framework for securing ADS-B technology wireless communications. SOS leverages the well-known µTESLA protocol, and includes some modifications necessary to deal with the severe bandwidth constraints of the ADS-B communication technology. In addition, SOS is resilient against message injection attacks, by recurring to majority voting techniques applied on central community servers. Overall, SOS emerges as a lightweight security solution, with a limited bandwidth overhead, that does not require any modification to the hardware already deployed. Further, SOS is standard compliant and able to reject active adversaries aiming at disrupting the correct functioning of the communication system. Finally, comparisons against state-of-the-art solutions do show the superior quality and viability of our solution.

show abstract

Lightweight Location Verification in Air Traffic Surveillance Networks

Cited by 42 publications

References 25 publications

A New ADS-B Authentication Framework Based on Efficient Hierarchical Identity-Based Signature with Batch Verification

A New ADS-B Authentication Framework Based on Efficient Hierarchical Identity-Based Signature with Batch Verification

On Perception and Reality in Wireless Air Traffic Communication Security

SOS - Securing Open Skies

Contact Info

Product

Resources

About