RODAD: Resilience Oriented Decentralized Anomaly Detection for Urban Air Mobility Networks

Abstract

Urban air mobility (UAM) helps ease traffic congestion and offers cleaner, faster, and safer transportation, especially for densely populated areas. Recent events have shown that modern unmanned aerial vehicles (UAVs) are vulnerable to attacks through buggy or malicious devices, which raise concerns regarding performance, security, and privacy on UAM networks. Existing Air Traffic Service (ATS) providers mainly rely on a centralized system (e.g., Information Display System) for data aggregation, sharing, and security policy enforcement; and it incurs critical issues related to a bottleneck of data analysis, provenance, and consistency in terms of less efficiency with large computational resources, and high false positive with low flexibility. In this paper, we develop a Resilience Oriented Decentralized Anomaly Detection (RODAD) framework to maximize UAM capability to secure data access among aircraft and ATS service providers based on microservices technologies in an edge-fog-cloud computing paradigm. Machine learning based anomaly detection (MLAD) is developed to detect anomaly behaviors (e.g., aircraft route anomaly) against both single-feature and multi-feature spoofing attacks across avionics mission data. Two GPS spoofing attack scenarios (e.g., restricted and generalized) with four attacking types (e.g., continuous, interim, biased, random) are crafted for the performance evaluation. A hardware-in-the-loop (HITL) implementation is also developed to demonstrate the effectiveness of RODAD for supporting real-time resilient analysis. Our experiments validate the performance of RODAD in detection accuracy and efficiency against spoofing attacks for UAM.