The Automatic Dependent Surveillance-Broadcast (ADS-B) system is a key
component of the Next Generation Air Transportation System (NextGen) that
manages the increasingly congested airspace. It provides accurate aircraft
localization and efficient air traffic management and also improves the safety
of billions of current and future passengers. While the benefits of ADS-B are
well known, the lack of basic security measures like encryption and
authentication introduces various exploitable security vulnerabilities. One
practical threat is the ADS-B spoofing attack that targets the ADS-B ground
station, in which the ground-based or aircraft-based attacker manipulates the
International Civil Aviation Organization (ICAO) address (a unique identifier
for each aircraft) in the ADS-B messages to fake the appearance of non-existent
aircraft or masquerade as a trusted aircraft. As a result, this attack can
confuse the pilots or the air traffic control personnel and cause dangerous
maneuvers. In this paper, we introduce SODA - a two-stage Deep Neural Network
(DNN)-based spoofing detector for ADS-B that consists of a message classifier
and an aircraft classifier. It allows a ground station to examine each incoming
message based on the PHY-layer features (e.g., IQ samples and phases) and flag
suspicious messages. Our experimental results show that SODA detects
ground-based spoofing attacks with a probability of 99.34%, while having a very
small false alarm rate (i.e., 0.43%). It outperforms other machine learning
techniques such as XGBoost, Logistic Regression, and Support Vector Machine. It
further identifies individual aircraft with an average F-score of 96.68% and an
accuracy of 96.66%, with a significant improvement over the state-of-the-art
detector.Comment: Accepted to IEEE CNS 201
