Abstract:<p>As a key technology of the new generation air traffic surveillance system, ADS-B (Automatic Dependent Surveillance-Broadcast) is vulnerable to cyber security challenges because it lacks data integrity and authentication mechanism. For detecting ADS-B data attacks accurately, an anomaly detection model is proposed which fully considers temporal correlations and distribution characteristics of ADS-B data. First, VAE (Variational AutoEncoder) is used to reconstruct ADS-B data so that the reconstructed values can be obtained. Then, for the sake of solving the adaptive problem of anomaly detection threshold, the difference values between the reconstructed values and the actual values are put into SVDD (Support Vector Data Description) for training, and a hypersphere classifier that can detect ADS-B anomaly data is obtained. In addition, in order to prevent overfitting and underfitting, appropriate reconstructed values are selected which can reduce FPR (False Positive Rate) and FNR (False Negative Rate) of anomaly detection. Experiments show that the VAE-SVDD model can detect ADS-B anomaly data which is generated by attacks such as random position deviation and constant position deviation. Moreover, compared with other machine learning methods, this model is not only more adaptable, but also has a lower FPR and FNR.</p>

What problem does this paper attempt to address?

The problem that this paper attempts to solve is: **How to accurately detect anomalies in ADS - B (Automatic Dependent Surveillance - Broadcast) data to address cybersecurity challenges**. Specifically, as a key technology in the new - generation air traffic monitoring system, ADS - B technology is vulnerable to various cyber - attacks (such as jamming, message injection, message tampering, etc.) due to the lack of data integrity and authentication mechanisms. To solve this problem, the paper proposes an anomaly detection model based on VAE (Variational Auto - Encoder) and SVDD (Support Vector Data Description). The following are the specific problems that the paper attempts to solve: 1. **Considering temporal correlation and distribution characteristics**: Traditional anomaly detection methods often overlook the temporal correlation and distribution characteristics of ADS - B data, resulting in poor detection performance. The paper reconstructs ADS - B data by designing a VAE model and fully considers these characteristics. 2. **Threshold adaptability problem**: The thresholds determined by manual analysis of reconstruction errors or prediction errors may not have good adaptability. The paper solves this problem by inputting the difference between the reconstructed value and the actual value into SVDD for training. 3. **Over - fitting and under - fitting problems**: During the training process, the model is prone to over - fitting or under - fitting phenomena, resulting in a high false positive rate (FPR) and false negative rate (FNR). The paper effectively reduces the impact of over - fitting and under - fitting by selecting appropriate reconstruction values (for example, the median based on cosine similarity). ### Core objective of the paper The goal of the paper is to construct a model capable of detecting ADS - B abnormal data, especially abnormal data generated by attacks such as random position deviation and constant position deviation. Experimental results show that the proposed VAE - SVDD model is not only more adaptable to different attack scenarios but also has lower FPR and FNR compared to other machine - learning methods. ### Summary The main contributions of the paper are: - Using VAE to reconstruct ADS - B data and learn distribution characteristics. - Using SVDD to solve the threshold adaptability problem. - Increasing the dimension of VAE latent variables and designing BiGRU hidden layers to fully utilize temporal correlation. - Reducing the impact of over - fitting and under - fitting by selecting appropriate reconstruction values. Ultimately, this model can effectively detect ADS - B abnormal data in multiple attack scenarios and enhance the security of the air traffic monitoring system.

ADS-B anomaly data detection model based on VAE-SVDD

TTSAD:TCN-Transformer-SVDD Model for Anomaly Detection in Air Traffic ADS-B Data

Robust and Unsupervised KPI Anomaly Detection Based on Highly Sensitive Conditional Variational Auto-Encoders.

VizADS-B: Analyzing Sequences of ADS-B Images Using Explainable Convolutional LSTM Encoder-Decoder to Detect Cyber Attacks

Auto-AD: Autonomous Hyperspectral Anomaly Detection Network Based on Fully Convolutional Autoencoder

GAN-LSTM-Based ADS-B Attack Detection in the Context of Air Traffic Control

Adversarial Attacks against Deep-Learning-Based Automatic Dependent Surveillance-Broadcast Unsupervised Anomaly Detection Models in the Context of Air Traffic Management

Using LSTM encoder-decoder algorithm for detecting anomalous ADS-B messages

Analyzing Sequences of Airspace States to Detect Anomalous Traffic Conditions

A CVAE-Based Anomaly Detection Algorithm for Cyber Physical Attacks for Water Distribution Systems

VAE-based Deep SVDD for anomaly detection

Multivariate time series anomaly detection with variational autoencoder and spatial–temporal graph network

Segmentation-Based Adversarial Denoising Auto-Encoder for Anomaly Detection in Multivariate Time Series Data

Unsupervised Anomaly Detection in Flight Data Using Convolutional Variational Auto-Encoder

Self-adversarial variational autoencoder with spectral residual for time series anomaly detection

Anomaly Data Detection for ADS- B Based on Zero-bias Inception Network

DAE : Discriminatory Auto-Encoder for multivariate time-series anomaly detection in air transportation

FE-VAD: High-Low Frequency Enhanced Weakly Supervised Video Anomaly Detection

Aircraft trajectory prediction and aviation safety in ADS-B failure conditions based on neural network

Detecting ADS-B Spoofing Attacks Using Deep Neural Networks

Automatic Dependent Surveillance-Broadcast Deceptive Jamming Detection Method Based on Track Data