Sandia National Laboratories research team members Christy Sturgill, Jacob Hazelbaker, Eric Vugrin and Nicholas Troutman, from left to right, onboard a C-130 transport aircraft at Kirtland Air Force Base. (Credit: Craig Fritz, Sandia National Laboratories)
An international team of researchers led by Purdue University examine how a new cybersecurity technique could help keep aircrafts such as a military jet, a commercial airliner, and even a spacecraft technologically safe from cyberattacks. This study holds the potential to address the potential pitfalls of living in a world that is becoming more and more reliant on computers for everything we do.
“When we talk about protecting our computer systems, frequently there are two main pieces we rely on,” said Dr. Eric Vugrin, who is a Sandia National Laboratories cybersecurity senior scientist and a co-author on the study. “The first approach is just keeping the bad guy out and never permitting access to the system. The physical analogue is to build a big wall and don’t let him in in the first place. And the backup plan is, if the wall doesn’t work, we rely on detection. Both of those approaches are imperfect. And so, what moving target defense offers as a complementary strategy is, even if those two approaches fail, moving target confuses the attacker and makes it more difficult to do damage.”
Many aircraft systems use an onboard computer network called the military standard 1553, also known as MIL-DTS-1553 or simply 1553, which is a very efficient system that allows the various aircraft systems to talk to each other. Because of the importance of this system in controlling aircraft, it also makes it very vulnerable to cyberattacks.
For the study, the researchers pitted moving target defenses (MTDs) algorithms against machine learning (ML) and deep learning (DL) models to examine the algorithm’s effectiveness against the models trying to attack it in real-time systems. They put emphasis on examining one such algorithm that randomizes address assignments to see if the models could overcome the defenses. Essentially, it shuffles cards like in a game of three-card monte. While this randomness strategy has proven effective for internet protocols that possess millions, or even billions of network addresses, 1553 only possesses 31 addresses, which means the researchers had to develop a method to randomize all 31 addresses without them being able to be easily deciphered.
“Someone looked me in the face and said it’s not possible because it was just 31 addresses,” said Dr. Chris Jenkins who is a Sandia cybersecurity scientist, and a co-author on the study. “And because the number is so small compared to millions or billions or trillions, people just felt like it wasn’t enough randomness.”
Chris Jenkins, who is a cybersecurity expert at Sandia National Laboratories, with the original sketch of the movig target defense idea on a whiteboard behind him. (Credit: Craig Fritz, Sandia National Laboratories)
For testing, the Sandia researchers set up two devices capable of communicating with each other on a 1553 network and one of the devices would submit a coded message altering both devices’ network addresses. After logging the communications, the Purdue researchers used this new data to train an ML algorithm for predicting new addresses.
While the first set of tests was very successful, the second set of tests made use of a more dynamic routine that delivered much more successful results, demonstrating that MTDs can work against cyberattacks. The study’s findings could help cyber-physical network security other than 1553.
“Being able to do this work for me, personally, was somewhat satisfying because it showed that given the right type of technology and innovation, you can take a constrained problem and still apply moving target defense to it,” said Dr. Jenkins.
What new defenses against cybersecurity threats will researchers develop in the coming years and decades? Only time will tell, and this is why we science!
Sources: IEEE Transactions on Dependable and Secure Computing, EurekAlert!
As always, keep doing science & keep looking up!