Search Results (203)

Due to VDES’s higher data transmission speed and complex communication protocols, vulnerabilities within its data link infrastructure are more pronounced. To ensure the reliability of VDES data transmission, this manuscript proposes a credibility monitoring approach based on the combined detection method of radio interference detection and spoofing source identification and localization, focusing on key data link vulnerabilities outlined in the IALA G1181 VDES VDL Integrity Guide. Automated monitoring is achieved through VDES data link monitoring software (VDES(AIS 2.0)), which is based on a three-tier architecture and a Client/Server (C/S) model. The software validates monitoring techniques and software against various interference scenarios. Visualization of monitoring results, alarm notifications, and relevant data through the front-end interface enhances understanding of VDES data link credibility. This framework supports effective surveillance and detection of vulnerabilities, such as radio interference and spoofing sources. Full article

Advancements in wireless communication and automation have revolutionized mobility systems, notably through autonomous vehicles and unmanned aerial vehicles (UAVs). UAV spatial coordinates, determined via Global Positioning System (GPS) signals, are susceptible to cyberattacks due to unencrypted and unauthenticated transmissions with GPS spoofing being a significant threat. To mitigate these vulnerabilities, intrusion detection systems (IDSs) for UAVs have been developed and enhanced using machine learning (ML) algorithms. However, Adversarial Machine Learning (AML) has introduced new risks by exploiting ML models. This study presents a UAV-IDS employing AML methodology to enhance the detection and classification of GPS spoofing attacks. The key contribution is the development of an AML detection model that significantly improves UAV system robustness and security. Our findings indicate that the model achieves a detection accuracy of 98%, demonstrating its effectiveness in managing large-scale datasets and complex tasks. This study emphasizes the importance of physical layer security for enhancing IDSs in UAVs by introducing a novel detection model centered on an adversarial training defense method and advanced deep learning techniques. Full article

Self-Supervised Representation Learning (SSRL) has become a potent strategy for addressing the growing threat of Global Positioning System (GPS) spoofing to small Unmanned Aerial Vehicles (UAVs) by capturing more abstract and high-level contributing features. This study focuses on enhancing attack detection capabilities by incorporating SSRL techniques. An innovative hybrid architecture integrates Long Short-Term Memory (LSTM) and Gated Recurrent Unit (GRU) models to detect attacks on small UAVs alongside two additional architectures, LSTM-Recurrent Neural Network (RNN) and Deep Neural Network (DNN), for detecting GPS spoofing attacks. The proposed model leverages SSRL, autonomously extracting meaningful features without the need for many labelled instances. Key configurations include LSTM-GRU, with 64 neurons in the input and concatenate layers and 32 neurons in the second layer. Ablation analysis explores various parameter settings, with the model achieving an impressive 99.9% accuracy after 10 epoch iterations, effectively countering GPS spoofing attacks. To further enhance this approach, transfer learning techniques are also incorporated, which help to improve the adaptability and generalisation of the SSRL model. By saving and applying pre-trained weights to a new dataset, we leverage prior knowledge to improve performance. This integration of SSRL and transfer learning yields a validation accuracy of 79.0%, demonstrating enhanced generalisation to new data and reduced training time. The combined approach underscores the robustness and efficiency of GPS spoofing detection in UAVs. Full article

The use of Unmanned Aerial Vehicles (UAVs) or drones has increased lately. This phenomenon is due to UAVs’ wide range of applications in fields such as agriculture, delivery, security and surveillance, and construction. In this context, the security and the continuity of UAV operations becomes a crucial issue. Spoofing, jamming, hijacking, and Denial of Service (DoS) attacks are just a few categories of attacks that threaten drones. The present paper is focused on the security of UAVs against DoS attacks. It illustrates the pros and cons of existing methods and resulting challenges. From here, we develop a novel method to detect DoS attacks in UAV environments. DoS attacks themselves have many sub-categories and can be executed using many techniques. Consequently, there is a need for robust protection and mitigation systems to shield UAVs from DoS attacks. One promising security solution is intrusion detection systems (IDSs). IDs paired with machine learning (ML) techniques provide the ability to greatly reduce the risk, as attacks can be detected before they happen. ML plays an important part in improving the performance of IDSs. The many existing ML models that detect DoS attacks on UAVs each carry their own strengths and limitations. Full article

This paper explores the application of sliding mode control (SMC) as a robust security enhancement strategy for unmanned aerial vehicle (UAV) systems. The study proposes integrating advanced SMC techniques with security protocols to develop a dual-purpose system that improves UAV control and fortifies against adversarial actions. The strategy includes dynamic reconfiguration capabilities within the SMC framework, allowing adaptive responses to threats by adjusting control laws and operational parameters. This is complemented by anomaly detection algorithms that monitor deviations in control signals and system states, providing early warnings of potential cyber-intrusions or physical tampering. Additionally, fault-tolerant SMC mechanisms are designed to maintain control and system stability even when parts of the UAV are compromised. The methodology involves simulation and real-world testing to validate the effectiveness of the SMC-based security enhancements. Simulations assess how the UAV handles attack scenarios, such as GPS spoofing and control signal jamming, with SMC adapting in real-time to mitigate these threats. Field tests further confirm the system’s capability to operate under varied conditions, proving the feasibility of SMC for enhancing UAV security. This integration of sliding mode control into UAV security protocols leverages control theory for security purposes, offering a significant advancement in the robust, adaptive control of UAVs in hostile environments. Full article

The increasing reliance of Vehicular Ad-hoc Networks (VANETs) on the BeiDou Navigation Satellite System (BDS) for precise positioning and timing information has raised significant concerns regarding their vulnerability to spoofing attacks. This research proposes a novel approach to mitigate BeiDou spoofing attacks in VANETs by leveraging a hybrid machine learning model that combines XGBoost and Random Forest with a Kalman Filter for real-time anomaly detection in BeiDou signals. It also introduces a geospatial message authentication mechanism to enhance vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication security. The research investigates low-cost and accessible countermeasures against spoofing attacks using COTS receivers and open-source SDRs. Spoofing attack scenarios are implemented in both software and hardware domains using an open-source BeiDou signal simulator to examine the effects of different spoofing attacks on victim receivers and identify detection methods for each type, focusing on pre-correlation techniques with power-related metrics and signal quality monitoring using correlator values. The emulation results demonstrate the effectiveness of the proposed approach in detecting and mitigating BeiDou spoofing attacks in VANETs, ensuring the integrity and reliability of safety-critical information. This research contributes to the development of robust security mechanisms for VANETs and has practical implications for enhancing the resilience of transportation systems against spoofing threats. Future research will focus on extending the proposed approach to other GNSS constellations and exploring the integration of additional security measures to further strengthen VANET security. Full article

In autonomous driving, Frequency-Modulated Continuous-Wave (FMCW) radar has gained widespread acceptance for target detection due to its resilience and dependability under diverse weather and illumination circumstances. Although deep learning radar target identification models have seen fast improvement, there is a lack of research on their susceptibility to adversarial attacks. Various spoofing attack techniques have been suggested to target radar sensors by deliberately sending certain signals through specialized devices. In this paper, we proposed a new adversarial deep learning network for spoofing attacks in radar target detection (RTD). Multi-level adversarial attack prevention using deep learning is designed for the coherence pulse deep feature map from DAALnet and Range-Doppler (RD) map from TDDLnet. After the discrimination of the attack, optimization of hybrid deep learning (OHDL) integrated with enhanced PSO is used to predict the range and velocity of the target. Simulations are performed to evaluate the sensitivity of AOHDL for different radar environment configurations. RMSE of AOHDL is almost the same as OHDL without attack conditions and it outperforms the earlier RTD implementations. Full article

The Automatic Identification System (AIS) utilizes base stations to manage vessel traffic and disseminate waterway information. These stations broadcast maritime safety data to vessels within their service radius using VHF signals. However, the emergence of “spoofing base stations” poses a significant threat to maritime safety. These impostors mimic legitimate AIS base stations by appropriating their Maritime Mobile Service Identity (MMSI) information, interacting with vessels, potentially leading to erroneous decisions, or guiding vessels into hazardous areas. Therefore, ensuring the credibility of AIS base stations is critical for safe vessel navigation. It is essential to distinguish between genuine AIS base stations and “spoofing base stations” to achieve this goal. One criterion for identifying AIS spoofing involves detecting signals beyond the expected service radius of AIS base stations. This paper proposes a method to monitor the credibility of AIS base stations through a service radius detection pattern. Furthermore, the method analyzes the impact of hydrological and meteorological factors on AIS signal propagation in complex sea surface environments. By integrating empirical data, it accurately describes the mathematical relationship and calculates the service radius of AIS base station signals. Analyzing vessel position coordinates, decoding base station position messages, and computing distances between vessels and AIS base stations allows for matching with the AIS base station’s designated service radius and propagation distance. This approach enables precise identification of AIS spoofing base stations, thereby facilitating robust monitoring of AIS base station credibility. The research outcomes provide a foundational framework for developing high-credibility AIS base station services within integrated maritime navigation and information systems. Full article

Behavioral malware detection is based on attributing malicious actions to processes. Malicious processes may try to hide by changing the behavior of other benign processes to achieve their goals. We showcase how Component Object Model (COM) and Windows Management Instrumentation (WMI) can be used to create such spoofing attacks. We discuss the internals of COM and WMI and Asynchronous Local Procedure Call (ALPC). We present multiple functional monitoring techniques to identify the spoofing and discuss the strong and weak points of each technique. We create a robust process monitoring system that can correctly identify the source of malicious actions spoofed via COM, WMI and ALPC with a low performance impact. Finally, we discuss how malicious actors use COM, WMI and ALPC by examining real-world malware detected by our monitoring system. Full article

Compared to conventional spoofing, emerging spoofing attacks pose a heightened threat to security applications within the global navigation satellite system (GNSS) due to their subtly designed signal structures. In response, a novel spoofing detection method entitled aggregated correlation residue likelihood analysis (A-CoRLiAn) is proposed in this study. Requiring only the addition of a pair of supplementary correlators, A-CoRLiAn harnesses correlation residues to formulate a likelihood metric, subsequently aggregating weighted decisions from all tracked satellites to ascertain the presence of spoofing. Evaluated under six diverse spoofing scenarios (including emerging challenges) in the Texas Spoofing Test Battery (TEXBAT) via Monte Carlo simulations, A-CoRLiAn yields a detection rate of 99.71%, demonstrating sensitivity, robustness, autonomy, and a lightweight architecture conducive to real-time implementation against spoofing threats. Full article

GNSS spoofing has become a significant security vulnerability threatening remote sensing systems. Hardware fingerprint-based GNSS receiver identification is one of the solutions to address this security issue. However, existing research has not provided a solution for distinguishing GNSS receivers of the same specification. This paper first theoretically proves that the CSACs (Chip-Scale Atomic Clocks) used in GNSS receivers have unique hardware noise and then proposes a fingerprinting scheme based on this hardware noise. Experiments based on the neural network method demonstrate that this fingerprint achieved an identification accuracy of 94.60% for commercial GNSS receivers of the same specification and performed excellently in anomaly detection, confirming the robustness of the fingerprinting method. This method shows a new real-time GNSS security monitoring method based on CSACs and can be easily used with any commercial GNSS receivers. Full article

Bluetooth Low Energy (BLE) is a prominent short-range wireless communication protocol widely extended for communications and sensor systems in consumer electronics and industrial applications, ranging from manufacturing to retail and healthcare. The BLE protocol provides four generic access profile (GAP) roles when it is used in its low-energy version, i.e., ver. 4 and beyond. GAP roles control connections and allow BLE devices to interoperate each other. They are defined by the Bluetooth special interest group (SIG) and are primarily oriented to connect peripherals wirelessly to smartphones, laptops, and desktops. Consequently, the existing GAP roles have characteristics that do not fit well with vehicular communications in cooperative intelligent transport systems (C-ITS), where low-latency communications in high-density environments with stringent security demands are required. This work addresses this gap by developing two new GAP roles, defined at the application layer to meet the specific requirements of vehicular communications, and by providing a service application programming interface (API) for developers of vehicle-to-everything (V2X) applications. We have named this new approach ITS-BLE. These GAP roles are intended to facilitate BLE-based solutions for real-world scenarios on roads, such as detecting road traffic signs or exchanging information at toll booths. We have developed a prototype able to work indistinctly as a unidirectional or bidirectional communication device, depending on the use case. To solve security risks in the exchange of personal data, BLE data packets, here called packet data units (PDU), are encrypted or signed to guarantee either privacy when sharing sensitive data or authenticity when avoiding spoofing, respectively. Measurements taken and their later evaluation demonstrated the feasibility of a V2X BLE network consisting of picocells with a radius of about 200 m. Full article

The Face Anti-Spoofing (FAS) methods plays a very important role in ensuring the security of face recognition systems. The existing FAS methods perform well in short-distance scenarios, e.g., phone unlocking, face payment, etc. However, it is still challenging to improve the generalization of FAS in long-distance scenarios (e.g., surveillance) due to the varying image quality. In order to address the lack of low-quality images in real scenarios, we build a Low-Quality Face Anti-Spoofing Dataset (LQFA-D) by using Hikvision’s surveillance cameras. In order to deploy the model on an edge device with limited computation, we propose a lightweight FAS network based on MobileFaceNet, in which the Coordinate Attention (CA) attention model is introduced to capture the important spatial information. Then, we propose a multi-scale FAS framework for low-quality images to explore multi-scale features, which includes three multi-scale models. The experimental results of the LQFA-D show that the Average Classification Error Rate (ACER) and detection time of the proposed method are 1.39% and 45 ms per image for the low-quality images, respectively. It demonstrates the effectiveness of the proposed method in this paper. Full article

Increased interest in the development and integration of navigation and positioning services into a wide range of receivers makes them susceptible to a variety of security attacks such as Global Navigation Satellite Systems (GNSS) jamming and spoofing attacks. The availability of low-cost devices including software-defined radios (SDRs) provides a wide accessibility of affordable platforms that can be used to perform these attacks. Early detection of jamming and spoofing interferences is essential for mitigation and avoidance of service degradation. For these reasons, the development of efficient detection methods has become an important research topic and a number of effective methods has been reported in the literature. This survey offers the reader a comprehensive and systematic review of methods for detection of GNSS jamming and spoofing interferences. The categorization and classification of selected methods according to specific parameters and features is provided with a focus on recent advances in the field. Although many different detection methods have been reported, significant research efforts toward developing new and more efficient methods remain ongoing. These efforts are driven by the rapid development and increased number of attacks that pose high-security risks. The presented review of GNSS jamming and spoofing detection methods may be used for the selection of the most appropriate solution for specific purposes and constraints and also to provide a reference for future research. Full article

Recently, methods to detect DoS and spoofing attacks on In-Vehicle Networks via the CAN protocol have been studied using deep learning models, such as CNN, RNN, and LSTM. These studies have produced significant results in the field of In-Vehicle Network attack detection using deep learning models. However, these studies have typically addressed studies on single-model intrusion detection verification in drone networks. This study developed an ensemble model that can detect multiple types of intrusion simultaneously. In preprocessing, the patterns within the payload using the measure of Feature Importance are distinguished from the attack and normal data. As a result, this improved the accuracy of the ensemble model. Through the experiment, both the accuracy score and the F1-score were verified for practical utility through 97% detection performance measurement. Full article