A Robust and Practical Solution to ADS-B Security Against Denial-of-Service Attacks

Automatic dependent surveillance-broadcast (ADS-B) has been widely deployed on aircraft to facilitate aviation information exchange and improve air traffic safety. However, its broadcast nature and lack of security considerations like encryption and authentication have caused the counterfeit of ADS-B messages to be straightforward. Flooding forged messages to legitimate aircraft, denial-of-service (DoS) attacks threaten flight security severely. In this paper, we propose a practical security solution against DoS attacks on ADS-B based on high-precision timestamp and position information. The solution achieves high feasibility and reliability by accommodating measurement errors of physical quantities. Besides, it preserves ADS-B frame size and ensures efficient computation in frame generation and verification. Comprehensive security analyses demonstrate robust filtrations of the proposed solution on malicious messages from DoS adversaries with different capabilities. Further simulations on real-world aviation data exhibit significant defensive performance realized by the DoS-immune ADS-B security solution. Whether adversaries can only intercept ciphertext, or they have opportunities to acquire decrypted messages, all DoS attacks on ADS-B are successfully thwarted by the solution. Even for adversaries with victim aircraft location estimation capacity, the solution resists all DoS attacks transmitting less than 50 forged messages per second.