Positioning Error Prediction and Training Data Evaluation in RF Fingerprinting Method
Radio Frequency (RF) fingerprinting-based localization has become a research interest due to its minimum hardware requirement and satisfiable positioning accuracy. However, despite the significant attention this topic has gained, most of the research focused on the calculation of position estimates. In this paper, we propose a simple and novel method that can be used as an indicator of fingerprinting positioning error. The method is based on cluster radius evaluation of multiple fingerprinting data during the test phase, which can be used by a Location Based Service (LBS) provider to predict the user position estimation accuracy. This method can be used effectively in real-time to predict t…
On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems
Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology and improves airborne traffic situational awareness. Many types of mobile cockpit information systems (MCISs) are based on ADS-B technology. MCIS gives pilots the flight and traffic-related information they need. MCIS has two parts: an ADS-B transceiver and an electronic flight bag (EFB) application. The ADS-B transceivers transmit and receive the ADS-B radio signals while the EFB applications hosted on mobile phones display the data. Because they are cheap, lightweight, an…
Improving RF Fingerprinting Methods by Means of D2D Communication Protocol
Radio Frequency (RF) fingerprinting is widely applied for indoor positioning due to the existing Wi-Fi infrastructure present in most indoor spaces (home, work, leisure, among others) and the widespread usage of smartphones everywhere. It corresponds to a simple idea, the signal signature in a location tends to be stable over the time. Therefore, with the signals received from multiple APs, a unique fingerprint can be created. However, the Wi-Fi signal is affected by many factors which degrade the positioning error range to around a few meters. This paper introduces a collaborative method based on device-to-device (D2D) communication to improve the positioning accuracy using only fingerprin…
Analysis of Received Signal Strength Quantization in Fingerprinting Localization
In recent times, Received Signal Strength (RSS)-based Wi-Fi fingerprinting localization has become one of the most promising techniques for indoor localization. The primary aim of RSS is to check the quality of the signal to determine the coverage and the quality of service. Therefore, fine-resolution RSS is needed, which is generally expressed by 1-dBm granularity. However, we found that, for fingerprinting localization, fine-granular RSS is unnecessary. A coarse-granular RSS can yield the same positioning accuracy. In this paper, we propose quantization for only the effective portion of the signal strength for fingerprinting localization. We found that, if a quantized RSS fingerprint can …
Cybersecurity Attacks on Software Logic and Error Handling Within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures
Automatic Dependent Surveillance-Broadcast (ADS-B) is a cornerstone of the next-generation digital sky and is now mandated in several countries. However, there have been many reports of serious security vulnerabilities in the ADS-B architecture. In this paper, we demonstrate and evaluate the impact of multiple cyberattacks on ADS-B via remote radio frequency links that affected various network, processing, and display subsystems used within the ADS-B ecosystem. Overall we implemented and tested 12 cyberattacks on ADS-B in a controlled environment, out of which 5 attacks were presented or implemented for the first time. For all these attacks, we developed a unique testbed that consisted of 1…
Cybersecurity Attacks on Software Logic and Error Handling Within AIS Implementations: A Systematic Testing of Resilience
To increase situational awareness of maritime vessels and other entities and to enable their exchange of various information, the International Maritime Organization mandated the use of the Automatic Identification System (AIS) in 2004. The AIS is a self-reporting system that uses the VHF radio link. However, any radio-based self-reporting system is prone to forgery, especially in situations where authentication of the message is not designed into the architecture. As AIS was designed in the 1990s when cyberattacks were in their infancy, it does not implement authentication or encryption; thus, it can be seen as fundamentally vulnerable against modern-day cyberattacks. This paper demonstrat…
GDL90fuzz: Fuzzing - GDL-90 Data Interface Specification Within Aviation Software and Avionics Devices–A Cybersecurity Pentesting Perspective
As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from …