An approach to detect identity spoofing in AIS messages

Abstract

Automatic identification system (AIS) is a maritime communication system that uses a transceiver to automatically transmit navigational data. These data help navigation and allow to monitor the maritime traffic. However, this system can be hacked and malicious users can easily transmit false data to mislead the coastguards or vessels navigating around. While previous research has proposed methods to detect these falsifications, none of them suggest strategies that detect AIS identity spoofing combining the tracking of the ship position and AIS transceiver’s carrier frequency offset (CFO). The CFO, caused by the carrier frequencies mismatch between emitter and receiver and Doppler effect, is used as a radiometric signature to identify materially every transceiver independently of its transmitted identity. It can drift over time and this is why it is tracked thanks to a Kalman filter (KF). In addition, position is also considered to reduce the miss probability of spoofing detection. The KF is noise adaptive to be robust against various CFO drifts and noise levels of the environment. The strategy is tested on real AIS data and the results demonstrate its efficacy: false alarm and miss probabilities were respectively 1% and 1.7%. These results show the ability of the test to correctly detect identity spoofing and the interest of CFO as a radiometric signature. This signature, used for the first time in an AIS application, could be used with other signatures in a future work to improve identity spoofing detection. This is why we made open source in GitHub our algorithm and the real AIS data used.