Nowadays, aircraft safety is based on different systems and four of them share the same data-link protocol: Secondary Surveillance Radar, Automatic Dependent Surveillance System, Traffic Collision Avoidance System, and Traffic Information System use the Mode S protocol to send and receive information. This protocol does not provide any kind of authentication, making some of these applications vulnerable to cyberattacks. In this paper, an intrusion detection mechanism based on transmitter Radio Frequency (RF) fingerprinting is proposed to distinguish between legitimate messages and fake ones. The proposed transmitter signature is described and an intrusion detection algorithm is developed and evaluated in case of different intrusion configurations, also with the use of real recorded data. The results show that it is possible to detect the presence of fake messages with a high probability of detection and very low probability of false alarm.
This is an open access article distributed under the Creative Commons Attribution License
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited