This document summarizes a presentation about security vulnerabilities in Automatic Dependent Surveillance-Broadcast (ADS-B), a key component of the Next Generation Air Transportation System. The presenter notes that ADS-B transmissions are unencrypted and authentication, allowing anyone to eavesdrop on air traffic or inject fake planes into air traffic control systems. Several potential threats are outlined, including ghost flights, GPS jamming, and spoofing. The presenter expresses concern that security does not seem to have been adequately addressed and calls for further research and discussion to help address these issues.
Who We Are:
A team of leading edge and mutually supporting companies specializing in Force Protection (FP) and Intelligence, Surveillance, and Reconnaissance (ISR)
Recognized experts with backgrounds in US and Foreign governments/militaries, US and Foreign commercial industries, and academia
Decades of operational experience in FP and ISR worldwide
Focused on Critical Infrastructure FP, Unmanned and Manned ISR, and Border Protection/ISR
Where Can We Support You:
Provide Services and Systems Integration
Provide Intelligence, Surveillance, and Reconnaissance (ISR)
Small Unmanned Aerial Systems (UAS)
Tactical Unmanned Aerial Systems (UAS)
Tactical Manned Aircraft
Unmanned Ground Sensors
Provide Escalation of Force
Nonlethal to Lethal
Provide Communications, Information, and Analysis
Provide As Needed Capabilities
The f 35- culture change you can believe in v2ICSA, LLC
This briefing focuses upon the strategic impact of fleet wide U.S. and allied acquisition and operation of F-35s. This "flying combat system" deployed and operated as a fleet has strategic consequences. The allies are always forward deployed; US forces can plug into the F-35 And Aegis fleets in the Pacific and provide surge and augmentation capability or the US can lead an effort to which allies can contribute. The entire power projection dynamic is altered; your power projection capability is ALWAYS forward deployed.
Presented at Pubcon Las Vegas October 21, 2013 - In this presentation the misinformation contained in digital analtyic reporting and software is explored with the solution on how to dig through the data for the truth
Who We Are:
A team of leading edge and mutually supporting companies specializing in Force Protection (FP) and Intelligence, Surveillance, and Reconnaissance (ISR)
Recognized experts with backgrounds in US and Foreign governments/militaries, US and Foreign commercial industries, and academia
Decades of operational experience in FP and ISR worldwide
Focused on Critical Infrastructure FP, Unmanned and Manned ISR, and Border Protection/ISR
Where Can We Support You:
Provide Services and Systems Integration
Provide Intelligence, Surveillance, and Reconnaissance (ISR)
Small Unmanned Aerial Systems (UAS)
Tactical Unmanned Aerial Systems (UAS)
Tactical Manned Aircraft
Unmanned Ground Sensors
Provide Escalation of Force
Nonlethal to Lethal
Provide Communications, Information, and Analysis
Provide As Needed Capabilities
The f 35- culture change you can believe in v2ICSA, LLC
This briefing focuses upon the strategic impact of fleet wide U.S. and allied acquisition and operation of F-35s. This "flying combat system" deployed and operated as a fleet has strategic consequences. The allies are always forward deployed; US forces can plug into the F-35 And Aegis fleets in the Pacific and provide surge and augmentation capability or the US can lead an effort to which allies can contribute. The entire power projection dynamic is altered; your power projection capability is ALWAYS forward deployed.
Presented at Pubcon Las Vegas October 21, 2013 - In this presentation the misinformation contained in digital analtyic reporting and software is explored with the solution on how to dig through the data for the truth
Some recent claims have been made concerning the ability to remotely hijack airplanes. This talk examines those claims.
Videos for slides are now available:
https://www.youtube.com/watch?v=dOlM1weOF8g
https://www.youtube.com/watch?v=-6IW-vJSHeU
https://www.youtube.com/watch?v=LHqnUUiowjs
Using a modern data stack to explore and visualize the impact of a global pan...Data Con LA
Data Con LA 2020
Description
Amid the recent COVID-19 pandemic, we are curious to explore and visualize its impact on global airline traffic such as flight frequencies, volume and schedules. We are also interested in utilizing non-flight-related datasets in this analysis from organizations such as the John Hopkins University Center for Systems Science. OnPrem Solution Partners has built a fully operationalized data ingestion, transformation, and analysis platform using modern tools such as Snowflake, dbt, and Streamsets Data Collector to capture and analyze flight data. Our primary data source consists of minute-by-minute flight data from flights globally. We have been collecting and storing this state data since November 2018 and now have billions of records accumulated for analysis. In addition, we load auxiliary data into Snowflake to form a comprehensive analysis and reporting platform. We have explored the following use cases:
*How the overall number of flights changes as the virus spreads?
*How do the number of flights change for a specific region as the number of positive tests/deaths change?
*How does the number of flights to/from countries with the highest number of cases (hot zones) change?
Speaker
Yasha Mouradi, OnPrem Solution Partners, Data & Analytics Manager
iPad pilot proficiency check: How to fly like a pro with your iPadSporty's Pilot Shop
The iPad is practically required equipment for many pilots and there's no question it has improved safety and reduced the costs associated with flying. iPad Proficiency Check will include a series of insightful recommendations, strategies and other tips that pilots of all experience levels should know when flying with the iPad.
Topics include hidden software features, iPad "gotchas", flying with ADS-B weather, iPad connected panel, ForeFlight tips, airport operations and runway safety, battery management, mounting and much more.
An APM webinar, held on 27 October 2020, presented by Tim Whitaker, Andy Huggett and Peter Brown
https://www.apm.org.uk/news/drones-in-project-management-webinar/
https://youtu.be/cZNVyG5aOrk
ADS-B: A pilot's guide to understanding the system and avionicsSporty's Pilot Shop
Join Sporty's John Zimmerman for a detailed look at Automatic Dependent Surveillance - Broadcast, the technology that's changing how pilots fly. From the basics of the system to portable ADS-B receivers to panel-mount ADS-B transmitters, you'll learn what ADS-B really means and how to fly with it.
Presented at the 2016 EAA AirVenture Oshkosh.
This is a report on ‘drones-an introduction&design’.In this
report I tried to give an introduction about drones or unmanned
aerial vehicles (UAVs) and some preliminary design parameters.
Introduction portion consists of drone history, technology, uses,
and the current generation of drones. Design portion includes
parameters like aerodynamics, payload, endurance, speed and
range, navigation systems and communications.
Context Driven Delivery of Aeronautical InformationWen Zhu
Presentation at Air Transportation Information Exchange Conference
Today, mission planners and pilots must access and process an overwhelming volume of information (e.g. NOTAMs, special activity airspace data, airport data and weather), of which only a small portion of that information is relevant to the mission. In this presentation, we will demonstrate a Semantic Decision Support Tool (SDST) that pulls together information from disparate sources and delivers context-specific information to an end user (e.g. a pilot or an air traffic controller) based on, among other things, flight mission, phase of flight, and type of aircraft.
Добро пожаловать в очередной выпуск ежемесячного сборника материалов, который является вашим универсальным ресурсом для получения информации о самых последних разработках, аналитических материалах и лучших практиках в постоянно развивающейся области безопасности. В этом выпуске мы подготовили разнообразную подборку статей, новостей и результатов исследований, рассчитанных как на профессионалов, так и на обычных любителей. Цель нашего дайджеста - сделать наш контент интересным и доступным. Приятного чтения
(https://boosty.to/chronicles_security + ссылки на источник внутри документа)
Добро пожаловать в очередной выпуск ежемесячного сборника материалов, который является вашим универсальным ресурсом для получения информации о самых последних разработках, аналитических материалах и лучших практиках в постоянно развивающейся области безопасности. В этом выпуске мы подготовили разнообразную подборку статей, новостей и результатов исследований, рассчитанных как на профессионалов, так и на обычных любителей. Цель нашего дайджеста - сделать наш контент интересным и доступным. Приятного чтения
(https://boosty.to/chronicles_security + ссылки на источник внутри документа)
More Related Content
Similar to Render man. hacker + airplanes = no good can come of this
Some recent claims have been made concerning the ability to remotely hijack airplanes. This talk examines those claims.
Videos for slides are now available:
https://www.youtube.com/watch?v=dOlM1weOF8g
https://www.youtube.com/watch?v=-6IW-vJSHeU
https://www.youtube.com/watch?v=LHqnUUiowjs
Using a modern data stack to explore and visualize the impact of a global pan...Data Con LA
Data Con LA 2020
Description
Amid the recent COVID-19 pandemic, we are curious to explore and visualize its impact on global airline traffic such as flight frequencies, volume and schedules. We are also interested in utilizing non-flight-related datasets in this analysis from organizations such as the John Hopkins University Center for Systems Science. OnPrem Solution Partners has built a fully operationalized data ingestion, transformation, and analysis platform using modern tools such as Snowflake, dbt, and Streamsets Data Collector to capture and analyze flight data. Our primary data source consists of minute-by-minute flight data from flights globally. We have been collecting and storing this state data since November 2018 and now have billions of records accumulated for analysis. In addition, we load auxiliary data into Snowflake to form a comprehensive analysis and reporting platform. We have explored the following use cases:
*How the overall number of flights changes as the virus spreads?
*How do the number of flights change for a specific region as the number of positive tests/deaths change?
*How does the number of flights to/from countries with the highest number of cases (hot zones) change?
Speaker
Yasha Mouradi, OnPrem Solution Partners, Data & Analytics Manager
iPad pilot proficiency check: How to fly like a pro with your iPadSporty's Pilot Shop
The iPad is practically required equipment for many pilots and there's no question it has improved safety and reduced the costs associated with flying. iPad Proficiency Check will include a series of insightful recommendations, strategies and other tips that pilots of all experience levels should know when flying with the iPad.
Topics include hidden software features, iPad "gotchas", flying with ADS-B weather, iPad connected panel, ForeFlight tips, airport operations and runway safety, battery management, mounting and much more.
An APM webinar, held on 27 October 2020, presented by Tim Whitaker, Andy Huggett and Peter Brown
https://www.apm.org.uk/news/drones-in-project-management-webinar/
https://youtu.be/cZNVyG5aOrk
ADS-B: A pilot's guide to understanding the system and avionicsSporty's Pilot Shop
Join Sporty's John Zimmerman for a detailed look at Automatic Dependent Surveillance - Broadcast, the technology that's changing how pilots fly. From the basics of the system to portable ADS-B receivers to panel-mount ADS-B transmitters, you'll learn what ADS-B really means and how to fly with it.
Presented at the 2016 EAA AirVenture Oshkosh.
This is a report on ‘drones-an introduction&design’.In this
report I tried to give an introduction about drones or unmanned
aerial vehicles (UAVs) and some preliminary design parameters.
Introduction portion consists of drone history, technology, uses,
and the current generation of drones. Design portion includes
parameters like aerodynamics, payload, endurance, speed and
range, navigation systems and communications.
Context Driven Delivery of Aeronautical InformationWen Zhu
Presentation at Air Transportation Information Exchange Conference
Today, mission planners and pilots must access and process an overwhelming volume of information (e.g. NOTAMs, special activity airspace data, airport data and weather), of which only a small portion of that information is relevant to the mission. In this presentation, we will demonstrate a Semantic Decision Support Tool (SDST) that pulls together information from disparate sources and delivers context-specific information to an end user (e.g. a pilot or an air traffic controller) based on, among other things, flight mission, phase of flight, and type of aircraft.
Similar to Render man. hacker + airplanes = no good can come of this (20)
Добро пожаловать в очередной выпуск ежемесячного сборника материалов, который является вашим универсальным ресурсом для получения информации о самых последних разработках, аналитических материалах и лучших практиках в постоянно развивающейся области безопасности. В этом выпуске мы подготовили разнообразную подборку статей, новостей и результатов исследований, рассчитанных как на профессионалов, так и на обычных любителей. Цель нашего дайджеста - сделать наш контент интересным и доступным. Приятного чтения
(https://boosty.to/chronicles_security + ссылки на источник внутри документа)
Добро пожаловать в очередной выпуск ежемесячного сборника материалов, который является вашим универсальным ресурсом для получения информации о самых последних разработках, аналитических материалах и лучших практиках в постоянно развивающейся области безопасности. В этом выпуске мы подготовили разнообразную подборку статей, новостей и результатов исследований, рассчитанных как на профессионалов, так и на обычных любителей. Цель нашего дайджеста - сделать наш контент интересным и доступным. Приятного чтения
(https://boosty.to/chronicles_security + ссылки на источник внутри документа)
Добро пожаловать в очередной выпуск ежемесячного сборника материалов, который является вашим универсальным ресурсом для получения информации о самых последних разработках, аналитических материалах и лучших практиках в постоянно развивающейся области безопасности. В этом выпуске мы подготовили разнообразную подборку статей, новостей и результатов исследований, рассчитанных как на профессионалов, так и на обычных любителей. Цель нашего дайджеста - сделать наш контент интересным и доступным. Приятного чтения
(https://boosty.to/irony_security + ссылки на источник внутри документа)
Добро пожаловать в очередной выпуск ежемесячного сборника материалов, который является вашим универсальным ресурсом для получения информации о самых последних разработках, аналитических материалах и лучших практиках в постоянно развивающейся области безопасности. В этом выпуске мы подготовили разнообразную подборку статей, новостей и результатов исследований, рассчитанных как на профессионалов, так и на обычных любителей. Цель нашего дайджеста - сделать наш контент интересным и доступным. Приятного чтения
(https://boosty.to/irony_security + ссылки на источник внутри документа)
Welcome to the next edition of our Monthly Digest, your one-stop resource for staying informed on the most recent developments, insights, and best practices in the ever-evolving field of security. In this issue, we have curated a diverse collection of articles, news, and research findings tailored to both professionals and casual enthusiasts. Our digest aims to make our content is both engaging and accessible. Happy reading
(https://boosty.to/overkill_security + check original source urls inside)
Welcome to the next edition of our Monthly Digest, your one-stop resource for staying informed on the most recent developments, insights, and best practices in the ever-evolving field of security. In this issue, we have curated a diverse collection of articles, news, and research findings tailored to both professionals and casual enthusiasts. Our digest aims to make our content is both engaging and accessible. Happy reading
(https://boosty.to/overkill_security + check original source urls inside)
Welcome to the next edition of our Monthly Digest, your one-stop resource for staying informed on the most recent developments, insights, and best practices in the ever-evolving field of security. In this issue, we have curated a diverse collection of articles, news, and research findings tailored to both professionals and casual enthusiasts. Our digest aims to make our content is both engaging and accessible. Happy reading
(https://boosty.to/snarky_security + check original source urls inside)
Welcome to the next edition of our Monthly Digest, your one-stop resource for staying informed on the most recent developments, insights, and best practices in the ever-evolving field of security. In this issue, we have curated a diverse collection of articles, news, and research findings tailored to both professionals and casual enthusiasts. Our digest aims to make our content is both engaging and accessible. Happy reading
(https://boosty.to/snarky_security + check original source urls inside)
The stuxnet computer worm. harbinger of an emerging warfare capability
Render man. hacker + airplanes = no good can come of this
1. Hackers +
Airplanes
No Good Can Come Of This
Confidence 2012
Brad “RenderMan” Haines, CISSP
www.renderlab.net
render@renderlab.net
Twitter: @IhackedWhat
+
=
4. Who Am I?
Consultant – Wireless, Physical,
General Security, CISSP
Author – 7 Deadliest Wireless
Attacks, Kismet Hacking, RFID
Security
Trainer – Wireless and Physical
security
5. Who Am I?
Consultant – Wireless, Physical,
General Security, CISSP
Author – 7 Deadliest Wireless
Attacks, Kismet Hacking, RFID
Security
Trainer – Wireless and Physical
security
Hacker – Renderlab.net
Hacker Group Member – Church of
Wifi, NMRC
Frequent Speaker World Wide, 4th
time at CONfidence
7. Ass Covering
● For the love of Spongebob, do not actually try
any of the ideas in this talk!!!
● We are talking about commercial airliners and
peoples lives here; serious stuff
● Use this information to make air travel safer
● Think about how this happened and make sure
future systems are built secure from the start
● Hackers need to be included in more areas
than we are now
8. Ass Covering
● I Want To Be Wrong!; If I am wrong about something,
call me on it, publicly!
● I am not a pilot, ATC operator, or in any way associated
with the airline industry or aviation beyond flying cattle
class a lot
● I may have some details or acronyms wrong, I
apologize, feel free to correct me
● This research is ongoing and too important to keep
hidden until completion
● I want to prove to myself this is safe, so far I've failed
9. Current Air Traffic Control
● Has not changed much since
1970's
● Primary radar provides range
and bearing, no elevation
● Transponder system (SSR)
queries the plane, plane
responds with a 4-digit
identifier + elevation
● ID number attached to flight
on radar scope, great deal of
manual communication and
work required
10. Current Air Traffic Control
● Transponder ID used to communicate situations
i.e. emergencies, hijacking, etc
● Transponder provides a higher power return
than primary radar reflection, longer range
● Only interrogated every 6-12 seconds, low
resolution of altitude
● Pilots get no benefit (traffic, etc)
● Requires large separation of planes (~80miles)
which limits traffic throughput in busy areas
11. Current Air Traffic Control
● IVR flights are way point
based, not optimal or direct
path
● Air travel is increasing,
capacity is limited
● Weather and other events
(i.e. Volcano's) can cause
havoc around the world
● Something needed to
change
12. Nextgen Air Traffic Control
● Late 90's FAA initiative to revamp the ATC
system in the US, and via ICAO, the world
● Do more with less
● Modernize the ATC system over approximately
20 years
● Save costs on ATC equipment, save fuel, save
time, increase capacity
● ADS-B is the key feature and the focus of this
talk
13. ADS-B
● Automatic Dependant Surveillance Broadcast
● Planes use GPS to determine their position, broadcast over
1090Mhz to ATC receivers at 1Hz
● Contains Aircraft ID, altitude, position lat/lon, bearing, speed
● Particularly useful over radar 'dead zones', i.e. mountainous
regions, Oceans, Hudsons Bay, Gulf of Mexico
● Certainty of location allows for flights to be closer (5 miles)
● ADS-B Out and ADS-B In
15. ADS-B In
● ADS-B IN: Optional equipment can be installed in
aircraft to listen to ADS-B out from planes and ATC
● Allows planes to be aware of each other without ATC
intervention (TIS-B)
● Also allows for real time weather data (FIS-B)
● Situational awareness increases dramatically, allows
more flights operate simultaneously
● Also works for ground equipment and taxiing aircraft
● Expensive!! $5-10K for ADS-B out, $20K for ADS-B In
● Not a lot of used market yet (problem for researchers)
16.
17. Planefinder AR
● I got interested purely by accident
● Bought in October 2010
● Overlays flight information through
camera
● GPS location + Direction + web
lookup of flights
● This is cool, how does it work?
● Huge world opened up of aircraft
enthusiasts
18. Planefinder.net
● Planefinder.net
● Aggregates data from all over the world
● User provided ground stations and data
● Generates near real time (~10 min delay)
Google Map of air traffic
● Supports queries for Airlines, cities, tail
numbers, flight numbers, etc
20. Scary Stuff
● The hacker side of my brain took over
● Started to investigate how this worked and what
measures may be in use to mitigate threats
● Could not immediately find answers (trust us!)
● Previous experience shows no answer usually
means hadn't thought of it, or have thought of it,
but too late, lets hide the answer
● Started digging deeper and found I'm not the
only one
21. And Now The Scary Part
● ADS-B is unencrypted and unauthenticated
● Anyone can listen to 1090Mhz and decode the
transmissions from aircraft in real time
● Simple Pulse Per Second modulated
● No data level authentication of data from aircraft, just
simple checksums
● Some correlation of primary radar sighting to
received data (More on that later)
● I am running a ground station at home, monitoring all
traffic in and out of Edmonton
22. Others
● Others have begun to look and to question
● Righter Kunkel, Defcon 18
● Balint Seeber, spench.net – SDR research
● USAF Major Donald L. McCallie – Graduate
research project
● Nick Foster – SDR and radio enthusiast
● No one has come up with solid security
answers in several years
23. Why This Matters
● Largely a N. America problem but being utilized
all over the world, adopted wider yearly
● UPS equipped all of their fleet
● ADS-B equipped planes are in the air over your
head right now
● The inevitable direction of ATC for the next
couple decades
● I fly a lot and want to get home from here safely
● A multitude of threat vectors to look at
24. ADS-B Out Threat #1
● Eavesdropping: Easily capture cleartext data of air traffic
● Data mining potential; Corporate jets, known passenger
flights (celebs), general traffic patterns
● Combine with other stations and have your own, cheap ATC
view of a country or continent
● FAA Block Aircraft Registration Request (BARR) – Block
aircraft from FAA provided flight data feed
● We are watching the raw data. Correlate hidden flights to
raw data, sell to TMZ or worse
25. ADS-B Out Threat #2
● Injection: Inject 'ghost' flights into ATC systems
● Documents that discuss fusing ADS-B with primary
radar, also discusses discontinuing primary radar
● Introduce one or many 'ghosts' into ATC
● Introduce slight variations in real flights
● Generally cause confusion at inopportune moments
(weather, major travel hubs, Olympics)
● Create regular false flights, train the system
(smugglers)
26. ADS-B Out Threat #3
● Jamming: Outright Jam ATC reception of ADS-
B signals
● Could be detected and DF'd quickly, but are
facilities available for that?
● Proper target location and timing could cause
mass chaos (London Olympics?)
● Co-ordinated jamming across many travel
hubs? Accidental or intentional?
● Simple frequency congestion already a problem
27. ADS-B In Threat #1
● Injection: Inject data into aircraft ADS-B In
displays
● Inject confusing, impossible, scary types of
traffic to illicit a response
● Introduce conflicting data between ATC and
cockpit displays
● Autopilot systems using ADS-B In data for
collision avoidance?
● No ATC involvement, no radar fusion
28. ADS-B In Threat #2
● GPS Jamming: Block planes ability to use GPS
● North Korea currently jamming GPS along
border
● UK tests found widespread use along highways
● Newark airport caused grief daily by truck
mounted jammer
● ~$20-30 on Dealextreme.com
● Easily tucked into baggage on a timer
29. ADS-B In Threat #3
● GPS Spoofing: Introduce manipulated signal to
generate false lat/lon reading
● Aircraft location no longer reliable
● Best case, fall back to traditional navigation
● Worst case, remote steering of aircraft
● Very difficult to do outside of lab
● Iran may have used this technique to capture US
drone
● May get easier with time
30. ADS-B Unknown Threats
● Some threats are total unknowns. The ATC system is
huge and hard to parse from public docs
● What about injecting data for a flight on the west coast,
into a ground station on the east coast?
● Has anyone fuzzed a 747 or control tower? Buffer
overflow at 36,000 feet?
● Look into Chris Roberts of One World Labs work on
embedded control systems on planes, ships, cars, etc.
Mix in ADS-B.....Scary stuff.
● Verification of ADS-B chip level code. Could be used
as a control channel?
31. ADS-B Threat Mitigations?
● You hope that the engineers, FAA, DHS, everyone
else looked at these threats
● FAA submitted ADS-B to NIST for Security
Certification, but.....
● “ the FAA specifically assessed the vulnerability risk
of ADS–B broadcast messages being used to target
air carrier aircraft. This assessment contains
Sensitive Security Information that is controlled
under 49 CFR parts 1 and 1520, and its content is
otherwise protected from public disclosure”
32. ADS-B Threat Mitigation
● It gets worse: “While the agency cannot
comment on the data in this study, it can
confirm, for the purpose of responding to the
comments in this rulemaking proceeding, that
using ADS–B data does not subject an aircraft
to any increased risk compared to the risk that
is experienced today” - Docket No. FAA–2007–29305;
Amdt. No.91–314
● What threats are those? Why not threats of
tomorrow?
33. ADS-B Threats
● Basically “Trust Us”
● Second time I ran across this excuse, last time was
RFID passports (look how that turned out)
● I dont know about you, but I never trust anyone who
says 'Trust Me”
● Not trying to spew FUD, but to raise awareness and
pressure to disclose more information about existing
threat mitigation technology
● Hackers looking at ATC will get a response
● Also want disclosure of procedures for 'weird crap'
34. ADS-B Threat
● A common response will be 'It's too expensive
for the common man”
● ~$20 USB TV tuner can be made into a
software defined radio and used to receive
ADS-B
● Helping Dragorn get cheap receivers working
on Kismet and ADS-B support (wardriving for
aircraft!)
35. ADS-B Threats
● Got word while in the air coming here!
● Nick Foster has implemented ADS-B Out on Gnu
Radio
● “A synthetic report generated and decoded by the
Gnuradio ADS-B receiver: (-1 0.0000000000)
Type 17 subtype 05 (position report) from abcdef
at (37.123444, -122.123439) (48.84 @ 154) at
30000ft”
● Other ADS-B protocols coming soon
● Honeymoon is over, exploit #1 is here
37. ADS-B Threats
● Plan is to release the software
● Need to run past the EFF first to make sure we
don't get shot
● We have the capability to generate arbitrary
packets, anyone else could do this
● We at least looking to access a safe target,
rather than something 'live'
● The next guys might not be so nice
38. Future
● ADS-B will be mandatory by 2020
● Already in use in N. America, Europe, China,
Australia
● Even if not in use at airports, equipped planes are
flying overhead
● Still time to develop countermeasures (don't turn
off primary radar!)
● If you have access to a 747 or similar and/or an air
traffic control tower that I can hack away at, please
let me know
39. Suggested Reading
● https://federalregister.gov/a/2010-19809 - FAA
Rulemaking on ADS-B
● http://www.hsdl.org/?abstract&did=697737 -
USAF graduate research project on ADS-B
Vulnerabilities
● http://www.radartutorial.eu - Good overview of
radar tech and ADS-B format
●
http://www.oig.dot.gov/sites/dot/files/ADS-B_Oct%202010.pdf - OIG
report on other risks to ADS-B
40. Conclusion
● This is pretty scary to consider
● We should all be working on solving problems
like this, I cant do it all
● Significant investment has been made already
● If anyone has a 747 or an airport I can borrow,
talk to me afterwards
● I want to hear your comments and your ideas
on further threats and research. Lets work on
this together!