Graduate School and Research Center in Digital Sciences

Ghost in the Air(Traffic): On insecurity of ADS-B protocol and practical attacks on ADS-B devices

Costin, Andrei; Francillon, Aurélien

BLACKHAT 2012, July 21-26, 2012, Las Vegas, NV, USA

In this paper we investigate (in)security aspects of Automatic Dependent Surveillance-Broadcast (ADS-B) protocol. ADS-B is intended to be widely deployed in Air Traffic Management (ATM) Surveillance systems by 2020. One of the goals of ADS-B is to increase safety of air traffic. While the security of ADS-B was previously questioned, in this paper we demonstrate that attacks are both easy and practically feasible, for a moderately sophisticated attacker. Attacks range from passive attacks (eavesdropping) to active attacks (message jamming, replaying of injection). The attacks have been implemented using an Universal Software Radio Peripheral (USRP), a widely available Software-Defined Radio (SDR). for which we developed an ADS-B receiver/transmitter chain with GNURadio. We then present and analyze the results of the implemented attacks tested against both USRP-based and commercial-off-the-self (COTS) radio-enthusiast receivers. Subsequently, we discuss the risks associated with the described attacks and their implication on safety of air-traffic, as well as possible solutions on short and long terms. Finally, we argue that ADS-B, which is planned for long-term use, lacks the minimal and necessary security mechanism to ensure necessary security of the air traffic.

Document Bibtex

Title:Ghost in the Air(Traffic): On insecurity of ADS-B protocol and practical attacks on ADS-B devices
Keywords:Architecture and Design Air Traffic Control, Air Traffic Management, Automatic Dependent Surveillance-Broadcast, ADS-B, message injection, message replay, wireless security, privacy
Type:Conference
Language:English
City:Las Vegas
Country:UNITED STATES
Date:
Department:Digital Security
Eurecom ref:3788
Copyright: © EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in BLACKHAT 2012, July 21-26, 2012, Las Vegas, NV, USA and is available at :
Bibtex: @inproceedings{EURECOM+3788, year = {2012}, title = {{G}host in the {A}ir({T}raffic): {O}n insecurity of {ADS}-{B} protocol and practical attacks on {ADS}-{B} devices}, author = {{C}ostin, {A}ndrei and {F}rancillon, {A}ur{\'e}lien}, booktitle = {{BLACKHAT} 2012, {J}uly 21-26, 2012, {L}as {V}egas, {NV}, {USA} }, address = {{L}as {V}egas, {UNITED} {STATES}}, month = {07}, url = {http://www.eurecom.fr/publication/3788} }
See also: