Aerospace and defense industries are particularly vulnerable to cyber threats given their sensitive nature, significantly extending the consequences of security breaches to the national level. Aerospace vehicles are augmented by cooperative control, intelligent, connected, and autonomous systems. The risk against such systems is further amplified due to commonly relying on the MIL-STD-1553 communication bus developed with a high focus on reliability and fault tolerance, albeit with security as a second priority. MIL-STD-1553 (a.k.a., STANAG 3838 by NATO) is a standard that describes a serial data communication bus primarily used in aerospace vehicles for military and civilian applications, including avionics, aircraft, and spacecraft data handling. In the absence of core security measures such as authentication, authorization, and encryption, the bus connecting sensitive functions, including autopilot, GPS, fuel valve switches, and other avionics equipment, is easily vulnerable to a wide range of attacks. This paper proposes, AdaptIDS, a novel adaptive intrusion detection system as a security analytics framework for the MIL-STD-1553 communication bus. AdaptIDS mainly adopts data science principles and leverages advanced deep learning techniques (i.e., the stacking ensemble) to boost its generalization capabilities for detecting unseen patterns of attacks in the dynamic changing environment of aerospace vehicles. Extensive experiments are conducted using two datasets generated from an open-source simulation system, reflecting dynamic real-life scenarios. The evaluation results demonstrate that our solution outperforms existing solutions with high detection effectiveness of 0.99 F1-measure and computational time efficiency.
Read full abstract