电子电气工程与控制

基于深度学习的ADS-B异常数据检测模型

  • 丁建立 ,
  • 邹云开 ,
  • 王静 ,
  • 王怀超
展开
  • 1. 中国民航大学 计算机学院, 天津 300300;
    2. 中国民航大学 中欧航空工程师学院, 天津 300300

收稿日期: 2019-06-14

  修回日期: 2019-08-11

  网络出版日期: 2019-08-29

基金资助

国家自然科学基金民航联合基金(U1833114);民航安全能力项目(AADSA0018)

ADS-B anomaly data detection model based on deep learning

  • DING Jianli ,
  • ZOU Yunkai ,
  • WANG Jing ,
  • WANG Huaichao
Expand
  • 1. College of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China;
    2. Sino-European Institute of Aviation Engineering, Civil Aviation University of China, Tianjin 300300, China

Received date: 2019-06-14

  Revised date: 2019-08-11

  Online published: 2019-08-29

Supported by

National Natural Science Civil Aviation Joint Foundation of China (U1833114); Civil Aviation Safety Ability Program(AADSA0018)

摘要

广播式自动相关监视(ADS-B)是下一代空中交通运输系统的重要组成部分,是新航行系统中非常重要的通信和监视技术,但其协议没有提供相关的信息认证和数据加密,因此极其容易受到欺骗干扰的影响。针对ADS-B报文数据特点,采用深度学习的seq2seq模型对ADS-B报文数据进行重构,通过重构误差来检测异常,并对数据进行特征扩展,使模型能更好的捕捉数据的时间依赖性。实验结果表明,所采用的方法优于传统的机器学习方法,且在数据特征扩展后,模型检测效果提升。相比于现有的欺骗干扰检测方法,该方法不需要改变ADS-B系统的协议,也不需要额外的节点或传感器参与,具有一定的适应性和灵活性。

本文引用格式

丁建立 , 邹云开 , 王静 , 王怀超 . 基于深度学习的ADS-B异常数据检测模型[J]. 航空学报, 2019 , 40(12) : 323220 -323220 . DOI: 10.7527/S1000-6893.2019.23220

Abstract

Automatic Dependent Surveillance-Broadcast (ADS-B) is an important part of the next generation air transportation system. It is a critical communication and monitoring technology in the new navigation system, but its protocol does not provide relevant authentication and data encryption, so it is extremely vulnerable to various spoofing attack. Based on the data characteristics, this paper uses the deep learning seq2seq model to reconstruct the ADS-B time series, and the reconstruction error can detect the anomalous ADS-B messages. Extending the feature space of time series enables the model to better capture the time dependence to further improve the effect of anomaly detection. The experimental results show that the proposed method is superior to traditional machine learning methods and time series enrichment can improve detection results. Compared with the existing spoofing attack detection method, the proposed method does not need to change the ADS-B protocol and does not require additional participating nodes or sensors, and has certain adaptability and flexibility.

参考文献

[1] SCHÄFER M, LENDERS V, MARTINOVIC I. Experimental analysis of attacks on next generation air traffic communication[C]//International Conference on Applied Cryptography and Network Security. Berlin:Heidelberg, 2013:253-271.
[2] YANG H, HUANG R, WANG X, et al. EBAA:An efficient broadcast authentication scheme for ADS-B communication based on IBS-MR[J]. Chinese Journal of Aeronautics, 2014, 27(3):688-696.
[3] BAEK J, HABLEEL E, BYON Y J, et al. How to protect ADS-B:Confidentiality framework and efficient realization based on staged identity-based encryption[J]. IEEE Transactions on Intelligent Transportation Systems, 2016, 18(3):690-700.
[4] STROHMEIER M, MARTINOVIC I. On passive data link layer fingerprinting of aircraft transponders[C]//Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy. New York:ACM, 2015:1-9.
[5] JOHNSON J, NEUFELDT H, BEYER J. Wide area multilateration and ADS-B proves resilient in Afghanistan[C]//2012 Integrated Communications, Navigation and Surveillance Conference. Piscataway, NJ:IEEE Press, 2012:A6-1-A6-8.
[6] 颜可壹, 吕泽均, 时宏伟,等. 基于TDOA/TSOA的ADS-B系统防欺骗技术[J]. 计算机应用研究, 2015, 32(8):2272-2275. YAN K Y, LV Z J, SHI H W, et al. ADS-B system anti cheat technology based on TDOA/TSOA[J]. Application research of Computers, 2015, 32(8):2272-2275(in Chinese).
[7] KAUNE R, STEFFES C, RAU S, et al. Wide area multilateration using ADS-B transponder signals[C]//2012 15th International Conference on Information Fusion. Piscataway, NJ:IEEE Press, 2012:727-734.
[8] KACEM T, WIJESEKERA D, COSTA P, et al. An ADS-B intrusion detection system[C]//2016 IEEE Trustcom/BigDataSE/ISPA. Piscataway, NJ:IEEE Press, 2016:544-551.
[9] STROHMEIER M, MARTINOVIC I, LENDERS V. A k-NN-based localization approach for crowdsourced air traffic communication networks[J]. IEEE Transactions on Aerospace and Electronic Systems, 2018, 54(3):1519-1529.
[10] 侯明正, 冯子亮, 潘卫军, 等. 一种检测ADS-B虚假目标的方法.中国:CN102323567A[P].2012. HOU M Z, FENG Z L, PAN W J, et al. A method for detecting ADS-B false targets. China:CN102323567A[P]. 2012(in Chinese)
[11] 陈蕾, 吴仁彪, 卢丹. 利用多普勒效应的ADS3B欺骗式干扰检测方法[J]. 信号处理, 2018, 34(6):722-728. CHEN L, WU R B, LU D. ADS-B spoofing detection method using doppler effect[J]. Journal of Signal Processing, 2018, 34(6):722-728(in Chinese).
[12] WANG W, CHEN G, WU R, et al. A low-complexity spoofing detection and suppression approach for ADS-B[C]//2015 Integrated Communication, Navigation and Surveillance Conference. Piscataway, NJ:IEEE Press, 2015:K2-1-K2-8.
[13] AHMAD S, LAVIN A, PURDY S, et al. Unsupervised real-time anomaly detection for streaming data[J]. Neurocomputing, 2017, 262:134-147.
[14] TERZI D S, TERZI R, SAGIROGLU S. Big data analytics for network anomaly detection from netflow data[C]//2017 International Conference on Computer Science and Engineering. Piscataway, NJ:IEEE Press, 2017:592-597.
[15] XU H, CHEN W, ZHAO N, et al. Unsupervised anomaly detection via variational auto-encoder for seasonal kpis in web applications[C]//Proceedings of the 2018 World Wide Web Conference, 2018:187-196.
[16] LAPTEV N, AMIZADEH S, FLINT I. Generic and scalable framework for automated time-series anomaly detection[C]//Proceedings of the 21th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. New York:ACM, 2015:1939-1947.
[17] LIU D, ZHAO Y, XU H, et al. Opprentice:Towards practical and automatic anomaly detection through machine learning[C]//Proceedings of the 2015 Internet Measurement Conference. New York:ACM, 2015:211-224.
[18] GÖRNITZ N, KLOFT M, RIECK K, et al. Toward supervised anomaly detection[J]. Journal of Artificial Intelligence Research, 2013, 46:235-262.
[19] PENG H K, MARCULESCU R. Multi-scale compositionality:Identifying the compositional structures of social dynamics using deep learning[J]. PloS one, 2015, 10(4):e0118309.
[20] JAVAID A, NIYAZ Q, SUN W, et al. A deep learning approach for network intrusion detection system[C]//Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies, 2016:21-26.
[21] CHO K, VAN MERRIËNBOER B, GULCEHRE C, et al. Learning phrase representations using RNN encoder-decoder for statistical machine translation[J]. arXiv preprint arXiv:1406.1078, 2014.
[22] STROHMEIER M, LENDERS V, MARTINOVIC I. On the security of the automatic dependent surveillance-broadcast protocol[J]. IEEE Communications Surveys & Tutorials, 2014, 17(2):1066-1087.
[23] MANESH M R, KAABOUCH N. Analysis of vulnerabilities, attacks, countermeasures and overall risk of the Automatic Dependent Surveillance-Broadcast (ADS-B) system[J]. International Journal of Critical Infrastructure Protection, 2017, 19:16-31.
[24] CHAN-TIN E, HEORHIADI V, HOPPER N, et al. The frog-boiling attack:Limitations of secure network coordinate systems[J]. ACM Transactions on Information and System Security, 2011, 14(3):27.
[25] DONG W, YUAN T, YANG K, et al. Autoencoder regularized network for driving style representation learning[EB/OL]. (2017-01-05)[2019-06-14].https://arxiv.org/abs/1701.01272.
[26] KIEU T, YANG B, JENSEN C S. Outlier detection for multidimensional time series using deep neural networks[C]//2018 19th IEEE International Conference on Mobile Data Management. Piscataway, NJ:IEEE Press, 2018:125-134.
[27] HOCHREITER S, SCHMIDHUBER J. Long short-term memory[J]. Neural computation, 1997, 9(8):1735-1780.
[28] GRAVES A, SCHMIDHUBER J. Framewise phoneme classification with bidirectional LSTM and other neural network architectures[J]. Neural Networks, 2005, 18(5-6):602-610.
文章导航

/