DETECTING ADS-B REPLAY CYBERATTACKS IN THE NATIONAL AIRSPACE SYSTEM

Abstract

This paper investigates the cybersecurity risks in the National Airspace System (NAS) with the introduction of Automated Dependent Surveillance Broadcast (ADS-B) equipment, which has been required for regulated airspace since 2020 and will be essential part of the Next Generation (NextGen) Air Transportation System (ATS) infrastructure. It details the national security implications of the cybersecurity vulnerabilities in the ADS-B avionic system and reviews proposed mitigations. One of the possible attacks on ADS-B is the replay attack and the authors propose and test a method to detect such an attack using cosine similarity. To validate the approach, the authors developed a computer-based ADSB system using an RTL-Software Defined Radio (SDR) receiver to capture over 14 million live ADS-B transmissions from a region northwest of the Dulles International Airport. These readings were organized into a relational database for analysis. A data-driven detection algorithm was implemented with parallelism through shared memory and a live feed of ADS-B traffic interspersed with previously recorded message-sets as replay attacks. The system successfully detected various replay attack scenarios. Suggested mitigation measures for countering replay attacks are presented.