ADS-B anomaly data detection model based on VAE-SVDD

Peng Luo,Buhong Wang,Tengyao Li,Jiwei Tian
DOI: https://doi.org/10.1016/j.cose.2021.102213
2021-05-01
Abstract:<p>As a key technology of the new generation air traffic surveillance system, ADS-B (Automatic Dependent Surveillance-Broadcast) is vulnerable to cyber security challenges because it lacks data integrity and authentication mechanism. For detecting ADS-B data attacks accurately, an anomaly detection model is proposed which fully considers temporal correlations and distribution characteristics of ADS-B data. First, VAE (Variational AutoEncoder) is used to reconstruct ADS-B data so that the reconstructed values can be obtained. Then, for the sake of solving the adaptive problem of anomaly detection threshold, the difference values between the reconstructed values and the actual values are put into SVDD (Support Vector Data Description) for training, and a hypersphere classifier that can detect ADS-B anomaly data is obtained. In addition, in order to prevent overfitting and underfitting, appropriate reconstructed values are selected which can reduce FPR (False Positive Rate) and FNR (False Negative Rate) of anomaly detection. Experiments show that the VAE-SVDD model can detect ADS-B anomaly data which is generated by attacks such as random position deviation and constant position deviation. Moreover, compared with other machine learning methods, this model is not only more adaptable, but also has a lower FPR and FNR.</p>
computer science, information systems
What problem does this paper attempt to address?
The problem that this paper attempts to solve is: **How to accurately detect anomalies in ADS - B (Automatic Dependent Surveillance - Broadcast) data to address cybersecurity challenges**. Specifically, as a key technology in the new - generation air traffic monitoring system, ADS - B technology is vulnerable to various cyber - attacks (such as jamming, message injection, message tampering, etc.) due to the lack of data integrity and authentication mechanisms. To solve this problem, the paper proposes an anomaly detection model based on VAE (Variational Auto - Encoder) and SVDD (Support Vector Data Description). The following are the specific problems that the paper attempts to solve: 1. **Considering temporal correlation and distribution characteristics**: Traditional anomaly detection methods often overlook the temporal correlation and distribution characteristics of ADS - B data, resulting in poor detection performance. The paper reconstructs ADS - B data by designing a VAE model and fully considers these characteristics. 2. **Threshold adaptability problem**: The thresholds determined by manual analysis of reconstruction errors or prediction errors may not have good adaptability. The paper solves this problem by inputting the difference between the reconstructed value and the actual value into SVDD for training. 3. **Over - fitting and under - fitting problems**: During the training process, the model is prone to over - fitting or under - fitting phenomena, resulting in a high false positive rate (FPR) and false negative rate (FNR). The paper effectively reduces the impact of over - fitting and under - fitting by selecting appropriate reconstruction values (for example, the median based on cosine similarity). ### Core objective of the paper The goal of the paper is to construct a model capable of detecting ADS - B abnormal data, especially abnormal data generated by attacks such as random position deviation and constant position deviation. Experimental results show that the proposed VAE - SVDD model is not only more adaptable to different attack scenarios but also has lower FPR and FNR compared to other machine - learning methods. ### Summary The main contributions of the paper are: - Using VAE to reconstruct ADS - B data and learn distribution characteristics. - Using SVDD to solve the threshold adaptability problem. - Increasing the dimension of VAE latent variables and designing BiGRU hidden layers to fully utilize temporal correlation. - Reducing the impact of over - fitting and under - fitting by selecting appropriate reconstruction values. Ultimately, this model can effectively detect ADS - B abnormal data in multiple attack scenarios and enhance the security of the air traffic monitoring system.