AdaptIDS: Adaptive Intrusion Detection for Mission-Critical Aerospace Vehicles

Aerospace and defense industries are particularly vulnerable to cyber threats given their sensitive nature, significantly extending the consequences of security breaches to the national level. Aerospace vehicles are augmented by cooperative control, intelligent, connected, and autonomous systems. The risk against such systems is further amplified due to commonly relying on the MIL-STD-1553 communication bus developed with a high focus on reliability and fault tolerance, albeit with security as a second priority. MIL-STD-1553 (a.k.a., STANAG 3838 by NATO) is a standard that describes a serial data communication bus primarily used in aerospace vehicles for military and civilian applications, including avionics, aircraft, and spacecraft data handling. In the absence of core security measures such as authentication, authorization, and encryption, the bus connecting sensitive functions, including autopilot, GPS, fuel valve switches, and other avionics equipment, is easily vulnerable to a wide range of attacks. This paper proposes, AdaptIDS, a novel adaptive intrusion detection system as a security analytics framework for the MIL-STD-1553 communication bus. AdaptIDS mainly adopts data science principles and leverages advanced deep learning techniques (i.e., the stacking ensemble) to boost its generalization capabilities for detecting unseen patterns of attacks in the dynamic changing environment of aerospace vehicles. Extensive experiments are conducted using two datasets generated from an open-source simulation system, reflecting dynamic real-life scenarios. The evaluation results demonstrate that our solution outperforms existing solutions with high detection effectiveness of 0.99 F1-measure and computational time efficiency.

[1]  Mohammad Zulkernine,et al.  A Review and Analysis of Attack Vectors on MIL-STD-1553 Communication Bus , 2022, IEEE Transactions on Aerospace and Electronic Systems.

[2]  A. Shabtai,et al.  AnoMili: Spoofing Prevention and Explainable Anomaly Detection for the 1553 Military Avionic Bus , 2022, ArXiv.

[3]  Daojing He,et al.  Design of Attack and Defense Framework for 1553B-based Integrated Electronic Systems , 2021, IEEE Network.

[4]  Huy Kang Kim,et al.  Self-Supervised Anomaly Detection for In-Vehicle Network Using Noised Pseudo Normal Data , 2021, IEEE Transactions on Vehicular Technology.

[5]  S. P. Romano,et al.  Exploiting the MIL-STD-1553 avionic data bus with an active cyber device , 2021, Comput. Secur..

[6]  D. Josyula,et al.  Anomaly Detection on MIL-STD-1553 Dataset using Machine Learning Algorithms , 2020, 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom).

[7]  Etobi Damian Tita,et al.  Tactical Remodeling of Unrecoverable Packets in MIL-STD-1553 Network-bus for Industrial-IoBT , 2020, 2020 International Conference on Information and Communication Technology Convergence (ICTC).

[8]  Kaiqi Xiong,et al.  A Survey on Security Attacks and Defense Techniques for Connected and Autonomous Vehicles , 2020, Comput. Secur..

[9]  Danilo Caivano,et al.  Intrusion Detection for in-Vehicle Communication Networks: An Unsupervised Kohonen SOM Approach , 2020, Future Internet.

[10]  Daojing He,et al.  A Lightweight and Intelligent Intrusion Detection System for Integrated Electronic Systems , 2020, IEEE Network.

[11]  Sibin Mohan,et al.  Securing Vehicle-to-Everything (V2X) Communication Platforms , 2020, IEEE Transactions on Intelligent Vehicles.

[12]  Vincent Roberge,et al.  MAIDENS: MIL-STD-1553 Anomaly-Based Intrusion Detection System Using Time-Based Histogram Comparison , 2020, IEEE Transactions on Aerospace and Electronic Systems.

[13]  Gedare Bloom,et al.  SAIDuCANT: Specification-Based Automotive Intrusion Detection Using Controller Area Network (CAN) Timing , 2020, IEEE Transactions on Vehicular Technology.

[14]  Yuval Elovici,et al.  Datasets of RT spoofing attacks on MIL-STD-1553 communication traffic , 2019, Data in brief.

[15]  Mohsen Guizani,et al.  Security Analysis of a Space-Based Wireless Network , 2019, IEEE Network.

[16]  Yuval Elovici,et al.  On the Security of MIL-STD-1553 Communication Bus , 2018, ISSA/CSITS@ESORICS.

[17]  Chris Wiegand,et al.  F-35 Air Vehicle Technology Overview , 2018, 2018 Aviation Technology, Integration, and Operations Conference.

[18]  Yuval Elovici,et al.  Protecting Military Avionics Platforms from Attacks on MIL-STD-1553 Communication Bus , 2017, ArXiv.

[19]  Tim Leinmüller,et al.  Survey on Misbehavior Detection in Cooperative Intelligent Transportation Systems , 2016, IEEE Communications Surveys & Tutorials.

[20]  Gregory Ditzler,et al.  Learning in Nonstationary Environments: A Survey , 2015, IEEE Computational Intelligence Magazine.

[21]  David Umphress,et al.  Cyber threat impact assessment and analysis for space vehicle architectures , 2014, Defense + Security Symposium.

[22]  J. Jose,et al.  Design of Manchester II bi-phase encoder for MIL-STD-1553 protocol , 2013, 2013 International Mutli-Conference on Automation, Computing, Communication, Control and Compressed Sensing (iMac4s).

[23]  C. Riley,et al.  Aircraft systems cyber security , 2011, 2012 Integrated Communications, Navigation and Surveillance Conference.

[24]  Matthew John Squair,et al.  Safety, software architecture and MIL-STD-1760 , 2007 .

[25]  J. K. Murdock,et al.  Open systems avionics network to replace MIL-STD-1553 , 2000, 19th DASC. 19th Digital Avionics Systems Conference. Proceedings (Cat. No.00CH37126).

[26]  Jiyoung Woo,et al.  In-vehicle network intrusion detection using deep convolutional neural network , 2020, Veh. Commun..

[27]  Yuval Elovici,et al.  Security and Safety Interplay of Intelligent Software Systems , 2018, Lecture Notes in Computer Science.