Near-Real-Time IDS for the U.S. FAA’s NextGen ADS-B
Author: | Sikha Bagui, Samuel H. Russ, William Bradley Glisson, Dustin Mink, Jeffrey Todd McDonald, Ryan Benton, Jordan Shropshire |
---|---|
Language: | English |
Year of publication: | 2021 |
Subject: | Technology; Spoofing attack; Computer science; network attack signatures; Big data; Real-time computing; 0211 other engineering and technologies; Context (language use); 02 engineering and technology; Intrusion detection system; Management Information Systems; big data; Artificial Intelligence; data mining process; 0202 electrical engineering electronic engineering information engineering; Support Vector Machine (SVM); 021110 strategic defence & security studies; business.industry; 020206 networking & telecommunications; Air traffic control; Intrusion Detection System (IDS); Next Generation (NextGen) Air Transportation Systems; Computer Science Applications; Flooding (computer networking); Support vector machine; Automatic Dependent Surveillance-Broadcast (ADS-B); False alarm; business; Information Systems |
Source: | Big Data and Cognitive Computing, Vol 5, Iss 27, p 27 (2021); Big Data and Cognitive Computing Volume 5 Issue 2 |
ISSN: | 2504-2289 |
Description: | Modern-day aircraft are flying computer networks, vulnerable to ground station flooding, ghost aircraft injection or flooding, aircraft disappearance, virtual trajectory modifications or false alarm attacks, and aircraft spoofing. This work lays out a data mining process, in the context of big data, to determine flight patterns, including patterns for possible attacks, in the U.S. National Air Space (NAS). Flights outside the flight patterns are possible attacks. For this study, OpenSky was used as the data source of Automatic Dependent Surveillance-Broadcast (ADS-B) messages, NiFi was used for data management, Elasticsearch was used as the log analyzer, Kibana was used to visualize the data for feature selection, and Support Vector Machine (SVM) was used for classification. This research provides a solution for attack mitigation by packaging a machine learning algorithm, SVM, into an intrusion detection system and calculating the feasibility of processing US ADS-B messages in near real time. Results of this work show that ADS-B network attacks can be detected using network attack signatures, and volume and velocity calculations show that ADS-B messages are processable at the scale of the U.S. Next Generation (NextGen) Air Traffic Systems using commodity hardware, facilitating real-time attack detection. Precision and recall close to 80% were obtained using SVM. |
Database: | OpenAIRE |
External link: |