New Machine Learning Approaches for Intrusion Detection in ADS-B

Mikaëla Ngamboé, Jean-Simon Marrocco, Jean-Yves Ouattara, José M. Fernandez, Gabriela Nicolescu

TL;DR

This paper tackles security for ADS-B by evaluating two deep-learning intrusion detection approaches—a transformer encoder and an extended LSTM (xLSTM)—within a transfer-learning framework. Using three OpenSky-based datasets, the authors pre-train on benign ADS-B sequences and fine-tune for binary attack detection, followed by multiclass classification to label specific intrusion types, including gradual attacks. The xLSTM-based IDS achieves the highest performance, notably a binary F1 of 0.982 and strong generalization to unseen attacks (F1 ≈0.910), albeit with a longer latency (~7.26 s) that may constrain time-critical scenarios; the transformer offers faster inference (~2.1 s) but lower detection accuracy. The findings support a defense-in-depth strategy for ADS-B security, highlighting a trade-off between detection quality and responsiveness, and point to potential optimizations to reduce latency while preserving accuracy for real-time ATC use.

Abstract

With the growing reliance on the vulnerable Automatic Dependent Surveillance-Broadcast (ADS-B) protocol in air traffic management (ATM), ensuring security is critical. This study investigates emerging machine learning models and training strategies to improve AI-based intrusion detection systems (IDS) for ADS-B. Focusing on ground-based ATM systems, we evaluate two deep learning IDS implementations: one using a transformer encoder and the other an extended Long Short-Term Memory (xLSTM) network, marking the first xLSTM-based IDS for ADS-B. A transfer learning strategy was employed, involving pre-training on benign ADS-B messages and fine-tuning with labeled data containing instances of tampered messages. Results show this approach outperforms existing methods, particularly in identifying subtle attacks that progressively undermine situational awareness. The xLSTM-based IDS achieves an F1-score of 98.9%, surpassing the transformer-based model at 94.3%. Tests on unseen attacks validated the generalization ability of the xLSTM model. Inference latency analysis shows that the 7.26-second delay introduced by the xLSTM-based IDS fits within the Secondary Surveillance Radar (SSR) refresh interval (5-12 s), although it may be restrictive for time-critical operations. While the transformer-based IDS achieves a 2.1-second latency, it does so at the cost of lower detection performance.

Paper Structure

This paper contains 16 sections, 4 equations, 4 figures, 6 tables.

Figures (4)

  • Figure 1: Architecture of the original LSTM memory cells and the new xLSTM variants (sLSTM and mLSTM), based on the illustration in paper b16
  • Figure 2: Methodology for pre-training and fine-tuning. Models are first pre-trained to predict future ADS-B messages by minimizing the mean squared error (MSE) loss. They are then fine-tuned using transfer learning for binary classification tasks, learning to distinguish between benign and malicious traffic by minimizing the binary cross-entropy (BCE) loss.
  • Figure 3: Overview of the experimental methodology. Dataset A contains genuine data; Dataset B includes binary-labeled genuine and tampered data; Dataset C has multiclass labels. Classical ML models are trained on Dataset B. The autoencoder is trained on Dataset A and tested on B using reconstruction error. xLSTM and transformer models are pretrained on A and fine-tuned on B. An ensemble of the fine-tuned models performs multiclass classification on Dataset C.
  • Figure 4: Comparison of performance metrics across six classifiers applied to ADS-B intrusion detection. The xLSTM and transformer models consistently outperform traditional methods, while the SVM exhibits the highest false positive rate.