Detection of False Data Injection Attacks on the ADS-B protocol in the civil and military air traffic control – DApIA

The DApIA project aims at developing capabilities to detect False Data Injection Attacks (FDIA) using Machine Learning components on air surveillance data from the ADS-B protocol. The objective of FDIA attacks is to corrupt the semantics of the surveillance data while preserving the correct syntax and the logical consistency of the messages. The attacker's goal is to corrupt the overall state of the system under control via subtle and intelligent falsification (deletion, modification or addition) of the data logic. Many critical infrastructure control systems are vulnerable to FDIA attacks, but this need is heightened in the context of air surveillance, both civilian and military, by the increasing use of the ADS-B protocol. This aircraft messaging protocol is unencrypted and FDIA attacks are achievable with accessible means, especially in the context of state threats. The consequences of this type of attack can be disruptions to air surveillance, even to the point of blocking traffic.

DApIA is a maturation project that builds on the results of the ASTRID project GeLeaD - Generate, Learn and Detect - finalized in February 2022. GeLeaD has developed a tool chain at TRL 4 that combines the acquisition of ADS-B air surveillance data, the generation of alterations on these data to simulate attacks, and anomaly detection models. These detection models use supervised and unsupervised deep learning algorithms, which have been adapted to obtain efficient detection results on the experiments performed. Based on these results, the DApIA project aims at maturing to TRL 6 and extending the obtained results in three main ways: (1) taking into account any ADS-B track, for any flying object, and in particular taking into account low-altitude traffic such as drones and helicopters; (2) strengthening the performance and coverage of attack scenarios of the detection ML (Machine Learning) models both at the supervised and unsupervised levels and their implementation in real time to allow their integration in air traffic control environments; (3) the modularization of the detection chain, to facilitate its adaptation in the different contexts of civil and military use and its evolutivity according to the evolution of the threat.

As a result, the ASTRID Maturation DApIA project will provide detection capabilities for false data injection attacks adapted to the contexts of low altitude traffic and high altitude air traffic. It will provide a set of components ranging from data acquisition from real or simulated sources, preparation for supervised and unsupervised learning, and wide-field detection of alterations in surveillance data.