Navigation Data Anomaly Analysis and Detection

Several disruptive attacks against companies in the maritime industry have led experts to consider the increased risk imposed by cyber threats as a major obstacle to undergoing digitization. The industry is heading toward increased automation and connectivity, leading to reduced human involvement in the different navigational functions and increased reliance on sensor data and software for more autonomous modes of operations. To meet the objectives of increased automation under the threat of cyber attacks, the different software modules that are expected to be involved in different navigational functions need to be prepared to detect such attacks utilizing suitable detection techniques. Therefore, we propose a systematic approach for analyzing the navigational NMEA messages carrying the data of the different sensors, their possible anomalies, malicious causes of such anomalies as well as the appropriate detection algorithms. The proposed approach is evaluated through two use cases, traditional Integrated Navigation System (INS) and Autonomous Passenger Ship (APS). The results reflect the utility of specification and frequency-based detection in detecting the identified anomalies with high confidence. Also, the analysis is found to facilitate the communication of threats through indicating the possible impact of the identified anomalies against the navigational operations. Moreover, we have developed a testing environment that facilitates conducting the analysis. The environment includes a developed tool, NMEA−Manipulator that enables the invocation of the identified anomalies through a group of cyber attacks on sensor data. Our work paves the way for future work in the analysis of NMEA anomalies toward the development of an NMEA intrusion detection system.

[1]  S. Katsikas,et al.  Assessing Cyber Risk in Cyber-Physical Systems Using the ATT&CK Framework , 2022, ACM Trans. Priv. Secur..

[2]  Jean-Christophe Cexus,et al.  Navigation anomaly detection: An added value for Maritime Cyber Situational Awareness , 2021, 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA).

[3]  Michail Tsikerdekis,et al.  Marine Network Protocols and Security Risks , 2021, Journal of Cybersecurity and Privacy.

[4]  Vasileios Gkioulos,et al.  Communication architecture for autonomous passenger ship , 2021, Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability.

[5]  Sherman Lo,et al.  Detection of GNSS Spoofing using NMEA Messages , 2020, 2020 European Navigation Conference (ENC).

[6]  Takeshi Takahashi,et al.  Toward Automated Smart Ships: Designing Effective Cyber Risk Management , 2020, 2020 International Conferences on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics).

[7]  Rutu Parekh,et al.  Realtime Wireless Embedded Electronics for Soldier Security , 2020, 2020 IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT).

[8]  Aldo Napoli,et al.  Data integrity assessment for maritime anomaly detection , 2020, Expert Syst. Appl..

[9]  K. Aishwarya,et al.  A Novel Technique for Vehicle Theft Detection System Using MQTT on IoT , 2020 .

[10]  Abu Talib Bin Othman,et al.  Intrusion detection system for automotive Controller Area Network (CAN) bus system: a review , 2019, EURASIP J. Wirel. Commun. Netw..

[11]  Ki-Taek Seong,et al.  Implementation of voyage data recording device using a digital forensics-based hash algorithm , 2019 .

[12]  Alen Jugović,et al.  A Study on Cyber Security Threats in a Shipboard Integrated Navigational System , 2019, Journal of Marine Science and Engineering.

[13]  Yvon Kermarrec,et al.  Cyber attacks real time detection: towards a Cyber Situational Awareness for naval systems , 2019, 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA).

[14]  George Loukas,et al.  A taxonomy and survey of cyber-physical intrusion detection approaches for vehicles , 2019, Ad Hoc Networks.

[15]  Georgios Kavallieratos,et al.  Cyber-Attacks Against the Autonomous Ship , 2018, CyberICPS/SECPRE@ESORICS.

[16]  Jan Erik Vinnem,et al.  Risk from cyberattacks on autonomous ships , 2018, Safety and Reliability – Safe Societies in a Changing World.

[17]  Jan Erik Vinnem,et al.  Safety and Reliability – Safe Societies in a Changing World , 2018 .

[18]  Yordan Sivkov,et al.  Transformation of NMEA ship network from sensor-based to information-based model , 2018, 2018 20th International Symposium on Electrical Apparatus and Technologies (SIELA).

[19]  Alessandro Cantelli-Forti,et al.  Forensic Analysis of Industrial Critical Systems: The Costa Concordia's Voyage Data Recorder Case , 2018, 2018 IEEE International Conference on Smart Computing (SMARTCOMP).

[20]  Mass Soldal Lund,et al.  Enhancing Navigator Competence by Demonstrating Maritime Cyber Security , 2018, Journal of Navigation.

[21]  Frank Teuteberg,et al.  Digitization in maritime logistics—What is there and what is missing? , 2017 .

[22]  Sridhar Adepu,et al.  A Six-Step Model for Safety and Security Analysis of Cyber-Physical Systems , 2016, CRITIS.

[23]  Ankit Kumar Singh,et al.  Design of Universal Module for Personal Security , 2016 .

[24]  João José Costa Gondim,et al.  Extraction and Analysis of Volatile Memory in Android Systems: An Approach Focused on Trajectory Reconstruction Based on NMEA 0183 Standard , 2016, 2016 11th International Conference on Availability, Reliability and Security (ARES).

[25]  Srećko Krile,et al.  NMEA Communication Standard for Shipboard Data Architecture , 2013 .

[26]  Thomas Porathe,et al.  Communication architecture for an unmanned merchant ship , 2013, 2013 MTS/IEEE OCEANS - Bergen.

[27]  Michele Fiorini,et al.  Maritime awareness through data sharing in VTS systems , 2012, 2012 12th International Conference on ITS Telecommunications.

[28]  David Loshin,et al.  The Practitioner's Guide to Data Quality Improvement , 2010 .

[29]  G. Maciá-Fernández,et al.  Anomaly-based network intrusion detection: Techniques, systems and challenges , 2009, Comput. Secur..

[30]  Karl N. Levitt,et al.  A specification-based intrusion detection system for AODV , 2003, SASN '03.

[31]  Christopher Krügel,et al.  Using Decision Trees to Improve Signature-Based Intrusion Detection , 2003, RAID.

[32]  Lee A. Luft,et al.  NMEA 2000 A Digital Interface for the 21 st Century , 2002 .

[33]  Ahmed Amro Cyber-Physical Tracking of IoT devices: A maritime use case , 2021 .

[34]  Jan Bauer,et al.  BRAT: A BRidge Attack Tool for Cyber Security Assessments of Maritime Systems , 2021 .

[35]  V. Gkioulos,et al.  Communication and Cybersecurity Testbed for Autonomous Passenger Ship , 2021, CyberICPS/SECPRE/ADIoT/SPOSE/CPS4CIP/CDT&SECOMANE@ESORICS.

[36]  Daniel Blauwkamp Toward a Deep Learning Approach to Behavior-based AIS Traffic Anomaly Detection , 2019 .

[37]  Adam G. Pennington,et al.  MITRE ATT&CK ® : Design and Philosophy , 2018 .

[38]  Angela Orebaugh,et al.  Wireshark & Ethereal Network Protocol Analyzer Toolkit , 2007 .

[39]  Warship,et al.  The Royal Institution of Naval Architects , 1960, Nature.