Detection of false AIS messages for the improvement of maritime situational awareness

International audienceThe Automatic Identification System (AIS) was initially designed for safety and security of navigation purposes. However it was progressively also used for other objectives, such as surveillance, and thus led to the discovery of behaviors such as the falsification of the AIS messages by people that have been carrying out illegal activities and will to keep their activities up in an hidden way. In addition, the messages contain erroneous data and undergo spoofing attacks. The paper introduces the quality dimensions of data that shall be used in a quality assessment of AIS messages, in order to point out the dubious ones. The principles of a methodological approach for the detection of such data errors and falsifications are introduced

Data Quality Assessment for Maritime Situation Awareness

International audienceThe Automatic Identification System (AIS) initially designed to ensure maritime security through continuous position reports has been progressively used for many extended objectives. In particular it supports a global monitoring of the maritime domain for various purposes like safety and security but also traffic management, logistics or protection of strategic areas, etc. In this monitoring, data errors, misuse, irregular behaviours at sea, malfeasance mechanisms and bad navigation practices have inevitably emerged either by inattentiveness or voluntary actions in order to circumvent, alter or exploit such a system in the interests of offenders. This paper introduces the AIS system and presents vulnerabilities and data quality assessment for decision making in maritime situational awareness cases. The principles of a novel methodological approach for modelling, analysing and detecting these data errors and falsification are introduced

Formalisation of a data analysis environment based on anomaly detection for risk assessment : Application to Maritime Domain Awareness

Il existe différents systèmes de localisation de navires en mer qui favorisent une aide à la navigation et une sécurisation du trafic maritime. Ces systèmes sont également utilisés en tant qu’outils de surveillance et d’aide à la décision par les centres de surveillance basés à terre. Le Système d’Identification Automatique (AIS) déployé par l’Organisation Maritime Internationale, bien qu’étant le système de localisation de navires le plus utilisé de nos jours, est faiblement sécurisé. Cette vulnérabilité est illustrée par des cas réels et détectés tels que des usurpations d’identité ou des disparitions volontaires de navires qui sont sources de risques pour les navires, les infrastructures offshores et côtières et l’environnement.Nous proposons dans cette thèse une démarche méthodologique d’analyse et d’évaluation des messages AIS fondée sur les dimensions de la qualité de la donnée, dont l’intégrité considérée comme la plus importante de ces dimensions. Du fait de la structure complexe de l’AIS, une liste d'indicateurs a été établie, afin d’évaluer l'intégrité de la donnée, sa conformité avec les spécifications techniques du système et la cohérence des champs des messages entre eux et au sein d’un seul ou plusieurs messages. Notre démarche repose également sur l’usage d’informations additionnelles telles que des données géographiques ou des registres de navires afin d’évaluer la véracité et l’authenticité d’un message AIS et de son expéditeur.Enfin, une évaluation des risques associés est proposée, permettant une meilleurecompréhension de la situation maritime ainsi que l’établissement de liens de causalité entre les vulnérabilités du système et les risques relevant de la sécurité et sûreté de la navigation maritime.At sea, various systems enable vessels to be aware of their environment and on the coast, those systems, such as radar, provide a picture of the maritime traffic to the coastal states. One of those systems, the Automatic Identification System (AIS) is used for security purposes (anti-collision) and as a tool for on-shore bodies as a control and surveillance and decision-support tool.An assessment of AIS based on data quality dimensions is proposed, in which integrity is highlighted as the most important of data quality dimensions. As the structure of AIS data is complex, a list of integrity items have been established, their purpose being to assess the consistency of the data within the data fields with the technical specifications of the system and the consistency of the data fields within themselves in a message and between the different messages. In addition, the use of additional data (such as fleet registers) provides additional information to assess the truthfulness and the genuineness of an AIS message and its sender.The system is weekly secured and bad quality data have been demonstrated, such as errors in the messages, data falsification or data spoofing, exemplified in concrete cases such as identity theft or vessel voluntary disappearances. In addition to message assessment, a set of threats have been identified, and an assessment of the associated risks is proposed, allowing a better comprehension of the maritime situation and the establishment of links between the vulnerabilities caused by the weaknesses of the system and the maritime risks related to the safety and security of maritime navigation

Formalisation d'un environnement d'analyse des données basé sur la détection d'anomalies pour l'évaluation de risques : Application à la connaissance de la situation maritime

At sea, various systems enable vessels to be aware of their environment and on the coast, those systems, such as radar, provide a picture of the maritime traffic to the coastal states. One of those systems, the Automatic Identification System (AIS) is used for security purposes (anti-collision) and as a tool for on-shore bodies as a control and surveillance and decision-support tool.An assessment of AIS based on data quality dimensions is proposed, in which integrity is highlighted as the most important of data quality dimensions. As the structure of AIS data is complex, a list of integrity items have been established, their purpose being to assess the consistency of the data within the data fields with the technical specifications of the system and the consistency of the data fields within themselves in a message and between the different messages. In addition, the use of additional data (such as fleet registers) provides additional information to assess the truthfulness and the genuineness of an AIS message and its sender.The system is weekly secured and bad quality data have been demonstrated, such as errors in the messages, data falsification or data spoofing, exemplified in concrete cases such as identity theft or vessel voluntary disappearances. In addition to message assessment, a set of threats have been identified, and an assessment of the associated risks is proposed, allowing a better comprehension of the maritime situation and the establishment of links between the vulnerabilities caused by the weaknesses of the system and the maritime risks related to the safety and security of maritime navigation.Il existe différents systèmes de localisation de navires en mer qui favorisent une aide à la navigation et une sécurisation du trafic maritime. Ces systèmes sont également utilisés en tant qu’outils de surveillance et d’aide à la décision par les centres de surveillance basés à terre. Le Système d’Identification Automatique (AIS) déployé par l’Organisation Maritime Internationale, bien qu’étant le système de localisation de navires le plus utilisé de nos jours, est faiblement sécurisé. Cette vulnérabilité est illustrée par des cas réels et détectés tels que des usurpations d’identité ou des disparitions volontaires de navires qui sont sources de risques pour les navires, les infrastructures offshores et côtières et l’environnement.Nous proposons dans cette thèse une démarche méthodologique d’analyse et d’évaluation des messages AIS fondée sur les dimensions de la qualité de la donnée, dont l’intégrité considérée comme la plus importante de ces dimensions. Du fait de la structure complexe de l’AIS, une liste d'indicateurs a été établie, afin d’évaluer l'intégrité de la donnée, sa conformité avec les spécifications techniques du système et la cohérence des champs des messages entre eux et au sein d’un seul ou plusieurs messages. Notre démarche repose également sur l’usage d’informations additionnelles telles que des données géographiques ou des registres de navires afin d’évaluer la véracité et l’authenticité d’un message AIS et de son expéditeur.Enfin, une évaluation des risques associés est proposée, permettant une meilleurecompréhension de la situation maritime ainsi que l’établissement de liens de causalité entre les vulnérabilités du système et les risques relevant de la sécurité et sûreté de la navigation maritime

A geometry-based fuzzy approach for long-term association of vessels to maritime routes

International audienceEither for recreational or professional reasons, ships travel across the globe generating a network of maritime traffic with routes connecting key areas such as ports, off-shore facilities or fishing areas. Monitoring vessels’ position relatively to maritime routes provides crucial information about their destination, and can help reducing the risk of collision. In this paper, we implement a fuzzy logic approach for associating vessels to maritime routes, suitable to variable surveillance contexts and very sparse data. Moreover, the framework is agnostic to the way maritime routes are provided, either reflecting patterns-of-life from statistical models extracted from real data or being hand-crafted by a user. Fuzzy membership functions enable expressing that vessels can belong more or less to route corridors, while they follow only one of the possible routes. The computation of membership scores relies on a precise distance computation involving geometrical properties of Earth, valid for very large route segments. The defuzzification step allows non-specific outputs. Several instantiations with aggregation operators of different semantics are compared on a real dataset of tracklets from the Automatic Identification System, with ground truth labels of routes. The performance is assessed in a quality space along with the three dimensions of correctness, specificity and confidence

Uses and Misuses of the Automatic Identification System

International audienceThe Automatic Identification System (AIS) is widely used by mariners at sea as a compulsory collision prevention device on-board. Since the inception of collaborative platforms that gather AIS messages received by a network of stations, large worldwide AIS datasets can be assembled and enable a series of analyses of the maritime traffic, including an increase of the maritime domain awareness, the assessment and prediction of trajectories, the detection of anomalies, the measurement of fishing pressure, vessel-born noise and air pollution and the global modelling of the maritime traffic. However a series of misuses of the AIS does exist, and data may lack reliability as some users broadcast errors or intentionally falsify the information sent by the device. In this respect, a methodology to assess the integrity and veracity of AIS messages has been developed, leading to the determination of maritime risks in support to maritime monitoring activities. In this paper, an exemplification is proposed, based on AIS possible integrity issues on kinematic data

A System for Alert Triggering based on AIS Data Integrity Analysis ; Decision Support and Risk Assessment for Operational Effectiveness

It has been demonstrated that the AIS initially set for security purposes, suffers from errors, falsifications and spoofing cases ([1] and [2]) A system for alert triggering based on AIS messages treatment and behavioural analysis has been set. This system is made of several modules [3], one for data storage, one for data analysis (with archived data or on-the-fly) and another one for scenario assessment leading to risk evaluation and alert triggering. We propose a method taking into consideration the complex structure of AIS messages[4], in which each message data quality and integrity is assessed with respect to AIS specifications, other messages (either sent by the same vessel or not) and some environmental data (such as fleet registers). A set of selected scenarios have been implemented (such as identity theft, whereabouts spoofing, vessel disappearance) and are assessed subsequently. Those scenarios are linked to risks of maritime navigation such as collisions, illegal trade or terrorism, the analysis of which, in conjunction with the vessel environment, leading to the assignment of levels of alert corresponding to the risks defined, suitable to be handed to relevant authorities as decision support information. References: [1] Ray C., Iphar C., Napoli A., Gallen R. and Bouju A.,DeAIS project: Detection of AIS Spoofing and Resulting Risks. In: proceedings of OCEANS 2015, 18-21 May 2015; [2] Balduzzi M., Pasta A. and Wilhoit K., A security evaluation of AIS automated identification system. In: proceedings of ACSAC 2014, 7-12 December 2014; [3] Iphar C., Napoli A. and Ray C., Integrity Assessment of a Worldwide Maritime Tracking System for a Geospatial Risk Analysis at Sea. In: proceedings of the 20th AGILE Conference, 9-12 May 2017; [4] Tunaley J.K.E., Utility of Various AIS Messages for Maritime Awareness. In: Proceedings of the 9th Advanced SAR Workshop. 15-18 October 2013

Data integrity assessment for maritime anomaly detection

In the last years, systems broadcasting mobility data underwent a rise in cyberthreats, jeopardising their normal use and putting both users and their environment at risk. In this respect, anomaly detection methods are needed to ensure an assessment of such systems. In this article, we propose a rule-based method for data integrity assessment, with rules built from the system technical specifications and by domain experts, and formalised by a logic-based framework, resulting in the triggering of situation-specific alerts. A use case is proposed on the Automatic Identification System, a worldwide localisation system for vessels, based on its poor level of security which allows errors, falsifications and spoofing scenarios. The discovery of abnormal reporting cases aims to assist marine traffic surveillance, preserve the human life at sea and mitigate hazardous behaviours against ports, off-shore structures and the environment

An expert-based method for the risk assessment of anomalous maritime transportation data

International audienc

A method for integrity assessment of information in a worldwide maritime localization system

International audienceThe Automatic Identification System (AIS) is an electronic system enabling vessels to send localization messages. Those messages are used for several uses such as fleet monitoring, traffic control or boarding prevention. The messages sent contain errors, falsifications and undergo spoofing due to the unsecured channel of transmission, and that weakens the whole system and the safety of navigation. This paper introduces the methods for the integrity assessment of messages and the discovery of anomalous data, particularly based on spatial information, which is the cornerstone of AIS messages. This will lead to the determination of non-genuine messages and the highlighting of falsifiers, with the objectives to discover the falsifications, point out the falsifiers, remove the falsified messages from the following studies and thus improve the effectiveness of the system