Abstract:Communication-based train control (CBTC) technologies are widely applied in order to improve the efficiency and safety of urban rail transit systems. With the increase of informatization and automation through utilization of communication, computer and control technologies, amounts of potential security vulnerabilities are introduced into CBTC systems, where malicious attacks could be implemented. Some attacks, such as data tampering attacks cannot be efficiently detected by traditional intrusion detection systems (IDS), which can affect the safety operation of CBTC systems, e.g., rear-end collisions. Based on the operation principles and information exchange characteristics of CBTC systems, the paper firstly proposes a model to measure the effects of data tampering attacked on trains, and an intrusion detection method is developed based on the running status of the train through Kalman filter and χ 2 detector. The method improves the χ 2 detector to detect data tampering attacks and continuously output alarms during the attack. The improved method has higher accuracy and a lower false negative rate.

An Intrusion Detection Method of Data Tampering Attack in Communication-Based Train Control System.