Andrei Costin, Hannu Turtiainen, Syed Khandkher and Timo Hamalainen (Faculty of Information Technology, University of Jyvaskyla, Finland)

Presenter: Andrei Costin

Aviation, maritime, and aerospace traffic control, radar, communication, and software technologies received increasing attention in the research literature over the past decade, as software-defined radios have enabled practical wireless attacks on communication links previously thought to be unreachable by unskilled or low-budget attackers. Moreover, recently it became apparent that both offensive and defensive cybersecurity has become a strategically differentiating factor for such technologies on the war fields (e.g., Ukraine), affecting both civilian and military missions regardless of their involvement. However, attacks and countermeasures are usually studied in simulated settings, thus introducing the lack of realism or non-systematic and highly customized practical setups, thus introducing high costs, overheads, and less reproducibility. Our ``Unified Cybersecurity Testing Lab'' seeks to close this gap by building a laboratory that can provide a systematic, affordable, highly-flexible, and extensible setup.

In this paper, we introduce and motivate our ``Unified Cybersecurity Testing Lab for Satellite, Aerospace, Avionics, Maritime, Drone (SAAMD)'' technologies and communications, as well as some peer-reviewed results and evaluation of the targeted threat vectors. We show via referenced peer-reviewed works that the current modules of the lab were successfully used to realistically attack and analyze air-traffic control, radar, communication, and software technologies such as ADS-B, AIS, ACARS, EFB, EPIRB and COSPAS-SARSAT. We are currently developing and integrating support for additional technologies (e.g., CCSDS, FLARM), and we plan future extensions on our own as well as in collaboration with research and industry. Our ``Unified Cybersecurity Testing Lab'' is open for use, experimentation, and collaboration with other researchers, contributors and interested parties.

View More Papers

QUICforge: Client-side Request Forgery in QUIC

Yuri Gbur (Technische Universität Berlin), Florian Tschorsch (Technische Universität Berlin)

Read More

Exploiting Transport Protocol Vulnerabilities in SAE J1939 Networks

Rik Chatterjee, Subhojeet Mukherjee, Jeremy Daily (Colorado State University)

Read More

WIP: Augmenting Vehicle Safety With Passive BLE

Noah T. Curran (University of Michigan), Kang G. Shin (University of Michigan), William Hass (Lear Corporation), Lars Wolleschensky (Lear Corporation),...

Read More

StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant...

Ke Sun (University of California San Diego), Chunyu Xia (University of California San Diego), Songlin Xu (University of California San...

Read More