Hi. Hi, everyone. My name is Harshad Sathaye. I'm from Northeastern University, Boston. I'm a PhD student there. So this work on wireless attacks on aircraft landing systems is done in collaboration with Domien Schepers and my advisors, Professor Aanjhan Ranganathan and Professor Guevara Noubir. So there are around 15,000 flights in the sky at any given time. And right from taxiing to the runway for takeoff, to arriving and taxiing back to the gate, these flights rely on a plethora of wireless navigation aids. So for example, pilots interact with ATC and other pilots over voice channels. ATC tracks aircraft using primary and secondary surveillance radars. ADS-B, or Automatic Dependent Surveillance-Broadcast, is used for aircraft tracking. So the map that you saw in the previous slide was because of ADS-B tracking. Then ADS-B and Mode S transmissions are used for ACAS and TCAS for collision avoidance and traffic awareness. These aircraft use GNSS, like global navigation systems, for point-to-point navigation. And at the end, the instrument landing system gets you safely back on the ground, even in extreme weather conditions. In recent years, systems like ADS-B, ACAS, and GPS have been extensively covered by the security community. For example, being able to spoof aircraft, or plant fake aircraft on the radar, by spoofing ADS-B; privacy issues with ACAS. And everyone knows about the serious vulnerability issues with GPS, right from spoofing to relay attacks to time attacks for disturbing power grids. So these systems are very well covered by the security community. However, for landing systems, there's no work about landing systems, especially in academic literature. So in this work, so about landing systems: final approach is the most critical phase of a flight and also poses the most risk. So according to a Boeing report, around 59% of all fatal accidents occur during this critical phase.
ILS, or Instrument Landing System, is the de facto precision landing system used all over the world. It provides precise lateral and vertical guidance. It has three main components. The localizer guides the pilot in aligning with the runway centerline. The glide slope helps you align with the glide path angle. And then there are marker beacons, which act as checkpoints throughout the final approach. So ILS malfunctions can have catastrophic results. ILS is highly susceptible to interference, and even minor disturbances can have bad results. For example, this Turkish Airlines flight acquired a false glide slope, and the result was catastrophic. Even when pilots rely on autoland, if there's an aircraft which crosses the localizer, it results in the aircraft steering hard left or right upon touchdown. And that can be disastrous, as if the plane lands on grass, then the landing gear might just break off. But these are because of some technical faults. However, with the advent of software-defined radios, it is easy, or it's possible, to fabricate these technical faults. And as a result, it is critical to evaluate the resilience of ILS to modern-day cyber-physical attacks. So in this work on aircraft landing systems, we developed two attacks. First is the overshadow attack, and second a single-tone attack, for taking over ILS. We developed a closed-loop, tightly controlled ILS spoofer, which is capable of adjusting the attacker's signal as a function of the aircraft's current location. We demonstrate these attacks on flight simulator software which satisfies FAA certification requirements. Note that it's just the software and not the entire hardware setup. And later on, we also systematically evaluate the effectiveness of these attacks by using the autoland feature in X-Plane. So now, before discussing the attack, let's look in detail at ILS, its components, and the transmitter and the receiver. So let's start off with the localizer.
The localizer is the component which helps the pilot align the aircraft with the centerline. So there's an antenna array located at the end of the runway. It transmits a 25 watt signal. It has a unique transmission pattern, just like this. On the left side of the runway, the 90 hertz tone dominates, and on the right side, the 150 hertz tone dominates. So the receiver is configured to interpret these power levels and accordingly guide the pilot. So for example, if the aircraft is on the left side of the runway, 90 hertz will be dominant, and the needle will point right, indicating that the pilot has to fly right in order to intercept the centerline. So the glide slope, just like the localizer, helps the pilot intercept the perfect glide path angle. So each approach has a different glide path angle. It usually is three degrees, but based on the environment and surroundings, it can be as steep as seven as well. So an antenna array just like this is located near the touchdown point, and it transmits an eight watt signal. The transmitter is very similar to a localizer. However, it has a slightly different transmission pattern. So the region above the glide path is dominated by the 90 hertz tone, and the region below the glide path is dominated by the 150 hertz tone. So just like the localizer, the receiver is configured to interpret these power levels and guide the pilot accordingly. So for example, if the aircraft is above the glide path, the needle will be in the lower hemisphere, indicating that the pilot has to fly down, or increase the descent, to intercept the glide path angle. Now let's look at the transmitter. The transmitter uses a VHF carrier for the localizer and a UHF carrier for the glide slope. These two frequencies are paired, which means that the pilot just has to tune in to a localizer and the instrument will automatically tune to the equivalent glide slope.
So the carrier is then amplified, and the power is split and passed on to two amplitude modulators, where a 90 hertz tone is modulated and also a 150 hertz tone. The modulation depth is set to 20% for the localizer and 40% for the glide slope. So modulation depth is basically the ratio of the amplitudes of the 90 hertz tone and the carrier, or rather, of the modulating tone and the carrier. So these two signals are then combined to give two specific, distinct waveforms. These waveforms and how they are generated: it's not as simple as it looks in the picture. So the details are present in the paper that we're going to publish, so you can go through that for the details. Then these two distinct waveforms are fed to the antenna elements by a power distributor, which feeds a pair of antenna elements with a specific phase offset. This specific phase offset results in a space-modulated signal at the receiver. So in simple terms, space modulation is a modulation technique. It's very unique, as it depends on how two signals add up in space. For example, for a sine wave, or for signals in general, their phase decides how the signals add up and what the effect would be. For example, if the phase difference is zero, the signals will add up and amplify. And if the phase difference is 180 degrees, which means they are half a wavelength apart, then they will just cancel each other out. So depending on this, it creates a unique transmission pattern like this. And the receiver then figures out the power levels of the two tones and guides the pilot. Now let's look at the receiver design. The receiver has a very simple design compared to the transmitter. So upon receiving, the signal undergoes amplification and demodulation, and the 90 hertz and the 150 hertz tones are filtered and passed on to a DDM calculator. So DDM is difference in depth of modulation, which is nothing but the difference in the DC voltage of the 90 hertz component and the 150 hertz component.
So the needle deflection is completely and solely based on this DDM value. For example, if the aircraft is on the left side, the 90 hertz will be dominant and there will be a positive DDM value. And this DDM value is directly, or the receiver is configured to directly, interpret this DDM value and deflect the needle accordingly. So these would be the needle positions for specific DDM values. Now, in earlier days, all this was done mechanically by using a bridge and a DC rectifier. But nowadays it's all done digitally using sampled signals, and the needle is just a bunch of pixels on a glass display. So let's look at the wireless attacks now that we have a fairly good understanding of ILS. So as we have learned that needle deflections are solely based on the power levels of the two tones, it is possible that we can manipulate this DDM calculation just by altering the power levels. And that is the primary objective of the attacker. So in order to spoof ILS, or to spoof any kind of offset, the attacker just has to manipulate the power levels. This is done in order to force the aircraft to overshoot the runway or just completely miss the approach. So to do this, we came up with two attacks. First is the overshadow attack, which uses high-powered, pre-crafted ILS signals. And the second is a single-tone attack, which is low power, but we'll look into it later. And with minor changes, these attacks work both for the localizer as well as the glide slope. So let's look at the overshadow attack. Here the attacker transmits a high-power, pre-crafted ILS signal, which means that the attacker fabricates the power levels as they would be received at a particular location and thus overshadows the legitimate signal. So this is the frequency domain representation of the received signal. As you can see, the power levels are the same, which means that the aircraft is on the centerline.
But now if I want to make sure that the pilot thinks, or the instrument thinks, that the aircraft is on the left side, I'll simply, or not me, the attacker will simply transmit a signal like this, where I alter the 90 hertz power level, which means that the DDM calculation will be manipulated and the instrument will think that the aircraft is on the left side, even though the actual position is that the aircraft is on the centerline. So this is a fairly straightforward attack. Even though the overshadow attack requires just a few watts of transmission power, we wanted to come up with a way in which we can make this attack more efficient and stealthy by reducing the energy footprint. So for that we came up with the single-tone attack, where the attacker transmits just one of the two tones which make up the ILS signal. So for example, again, this is the received signal in the frequency domain, where you see the two sidebands which make up the ILS signal. Now, since the attacker simply wants to make sure that the aircraft thinks it's on the right side, the attacker simply transmits the 150 hertz tone and thus manipulates the DDM calculation. So if you notice, this signal is very similar to a double-sideband suppressed-carrier signal, which is known and proven to be spectacularly more efficient than a regular AM signal. So this attack has a far lower energy requirement; however, it has its own challenges, which I'll be discussing later. So the two attacks may seem very straightforward and easy; however, there are a couple of challenges associated with executing these attacks, and I'll be going over those one by one. So the first is that the aircraft can intercept the localizer from multiple directions, and as a result, every time the aircraft enters this region or intercepts the localizer there will be needle shifts, and there will be particular needle shifts.
So for example, consider a scenario where the attacker starts transmitting at this point. And if you pay close attention to the needle, you'll notice that as soon as the attacker starts transmitting there will be a needle jump, and this will definitely raise flags, because the pilot will notice that, oh well, the needle is jumping, which is not a good sign, and the pilot will simply abort the landing or use something else. The second challenge is associated with a naive overshadow attack wherein the attacker does not correct its signal. So for example, let's assume that the attacker times the attack in such a way that the attacker starts transmitting at the precise point to avoid any needle jumps. However, when the pilot or the aircraft starts interpreting the instrument, the pilot will start correcting the course by following the needle. And it is expected that the needle also starts aligning with the centerline. However, since the attacker's signals are not reacting, or they are not manipulated, the needle will be stuck, and the pilot will simply notice that and will again stop using ILS and will just switch to something else. So to avoid this we came up with two mechanisms. The first is an offset correction algorithm wherein we change the attacker's signal based on the aircraft's location. So this is the aircraft's current position, and the green line represents the angle with the legitimate flight path. Now, as expected, the pilot will just follow the green arrow and align with the centerline. Now, when the attacker spoofs a flight path, or spoofs an offset, the expectation is that the attacker, or the aircraft, intercepts segment DA instead of CA. So what this algorithm does is it simply calculates the difference between angle BAC and angle BAD, thus giving what the offset has to be, and then accordingly changes the power levels of the two tones just to match, or take into consideration, this offset. So the second solution, or the second mechanism, that we came up with is a spoofing zone detector.
Since the aircraft can be vectored in from multiple directions, we need to make sure that every time the aircraft is in the zone where it starts intercepting the localizer, we automatically start transmitting. So the zone takes care of that. It basically enables automated triggering of the spoof and timely triggering of the attack. So as you can see, even if the aircraft enters from multiple directions, it will take into account the current position and accordingly start spoofing. So this is coupled with the offset correction algorithm, thus providing a seamless takeover of the instrument. So there won't be any kind of detection; like, the pilot won't notice any needle jumps, and it would be a smooth takeover. So the spoofing zone covers 17.5 degrees on either side of the runway and extends up to 35 kilometers beyond the touchdown point. So it covers a vast region, and even if the pilot is vectored in from multiple directions, it will provide a seamless takeover. Now let's look at how we implemented our ILS spoofer and its various components. So instead of implementing it on a real aircraft, because of legal issues, we decided to implement it on X-Plane, which is a flight simulator which has lots of capabilities, like realistic flight mechanisms, flight systems, flight dynamics. It can simulate various events and scenarios, so it was perfect for our setup. It also has an external API which you can use to communicate with the sim and also manipulate the needles and instruments and everything. So the attacker control unit has four main components: the spoofing zone detector, the offset correction algorithm, the legitimate signal generator, and the attacker signal generator. So these two are interfaced with real software-defined radios, which are the RF front ends used for generating signals in real time.
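The spoofing zone detector and the offset correction algorithm described above, as an added example that is not the speakers' spoofer code. It models the runway in a flat 2-D frame with the localizer antenna at the origin and the extended centerline along +x. The 17.5 degree wedge, the 35 km range and the 20% modulation depth per tone come from the talk; everything else is an assumption of this example: the 0.155 DDM full-scale deflection and the 2.5 degree angle that maps to it, the linear DDM-versus-angle model, holding the sum of the two depths constant, a 2 km antenna-to-touchdown distance, and the idealized follow-the-needle autopilot that removes a fixed fraction of the indicated error at each step.

```python
import math

# Zone dimensions and nominal depth are from the talk; the rest are assumptions.
ZONE_HALF_ANGLE_DEG = 17.5   # either side of the extended centerline
ZONE_RANGE_M = 35_000.0      # how far out the spoofer engages
NOMINAL_DEPTH = 0.20         # localizer: 20 % depth per tone
FULL_SCALE_DDM = 0.155       # assumed: DDM that drives the localizer needle to full scale
FULL_SCALE_DEG = 2.5         # assumed: angular offset shown as full-scale deflection

# Frame: localizer antenna at the origin, extended centerline along +x, aircraft
# approaching from +x toward the origin. y > 0 means the aircraft is LEFT of the
# centerline, so (as in the talk) 90 Hz dominates and the DDM is positive.


def bearing_from_centerline_deg(x, y):
    """Angle between the centerline and the antenna-to-aircraft line."""
    return math.degrees(math.atan2(y, x))


def point_on_path(x, offset_deg):
    """Position at range x along a straight path `offset_deg` off the centerline."""
    return x, x * math.tan(math.radians(offset_deg))


def in_spoofing_zone(x, y):
    """Spoofing zone detector: on the approach side, within range and within the wedge."""
    if x <= 0:
        return False
    return (math.hypot(x, y) <= ZONE_RANGE_M
            and abs(bearing_from_centerline_deg(x, y)) <= ZONE_HALF_ANGLE_DEG)


def ddm_for_offset(offset_deg):
    """Assumed linear DDM-vs-angle model, clamped at full-scale deflection."""
    ddm = offset_deg / FULL_SCALE_DEG * FULL_SCALE_DDM
    return max(-FULL_SCALE_DDM, min(FULL_SCALE_DDM, ddm))


def tone_depths(ddm):
    """90 Hz / 150 Hz depths the attacker transmits for a target DDM
    (assumes the sum of the two depths is held at the nominal 40 %)."""
    return NOMINAL_DEPTH + ddm / 2, NOMINAL_DEPTH - ddm / 2


def corrected_attack_ddm(x, y, spoofed_offset_deg):
    """Offset correction (the talk's angle BAC minus angle BAD): the needle shows the
    deviation from the spoofed path instead of from the true centerline."""
    true_offset = bearing_from_centerline_deg(x, y)
    return ddm_for_offset(true_offset - spoofed_offset_deg)


def indicated_ddm(x, y, spoofed_offset_deg):
    """What the instrument shows: the attacker's signal inside the zone, else the legitimate one."""
    if in_spoofing_zone(x, y):
        return corrected_attack_ddm(x, y, spoofed_offset_deg)
    return ddm_for_offset(bearing_from_centerline_deg(x, y))


def fly_spoofed_approach(x0, bearing0_deg, spoofed_offset_deg,
                         touchdown_x=2000.0, step_m=500.0, gain=0.3):
    """Idealized closed loop: the aircraft steps toward the antenna; at each step the
    attacker re-crafts the DDM for the current position and the autopilot removes a
    fraction `gain` of the *indicated* angular error. Returns (x, y, indicated_ddm)
    samples, the last one at the assumed touchdown point."""
    x, bearing = x0, bearing0_deg
    track = []
    while x > touchdown_x:
        _, y = point_on_path(x, bearing)
        ddm = indicated_ddm(x, y, spoofed_offset_deg)
        track.append((x, y, ddm))
        bearing -= gain * (ddm / FULL_SCALE_DDM * FULL_SCALE_DEG)  # fly toward the needle
        x -= step_m
    _, y = point_on_path(touchdown_x, bearing)
    track.append((touchdown_x, y, indicated_ddm(touchdown_x, y, spoofed_offset_deg)))
    return track


if __name__ == "__main__":
    # Aircraft vectored in 1 degree right of course at 30 km; attacker spoofs 0.5 degree left.
    for x, y, ddm in fly_spoofed_approach(30_000.0, -1.0, 0.5)[::8]:
        d90, d150 = tone_depths(ddm)
        print(f"x={x:7.0f} m  y={y:8.1f} m  indicated DDM={ddm:+.4f}  "
              f"depths 90/150 Hz={d90:.3f}/{d150:.3f}")
```

Running it shows the needle being centered at touchdown while the aircraft is about 17 m left of the centerline (2 km times tan 0.5 degrees under the assumed geometry), which is the effect the talk describes: the pilot follows a needle that is truthful about the spoofed path and silent about the real one.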
So the legitimate signal generator is specifically just for setup validation, which shows that we can actually overpower these signals. These are then combined and fed to a navigation receiver just to verify the correctness of the signals. And this setup can also be run in a non-radio setup, without USRPs. So it's important to note that all this was done over a wired interface, because if we unplugged the wire and plugged in an antenna, it would basically just start spoofing the airspace, and that would be really bad. So this is all wired, and care was taken about that. We also did a wireless test of this attack in an anechoic chamber, which is shielded; it's like a small Faraday cage. Just to see whether these attacks are also possible in a real wireless scenario, and they do work. So this is the actual photograph of our setup. So let's take a look; we have a small video demonstration of the attack. Okay, so this is the first landing, where it's clear weather, no spoofing, there are no offsets, the instruments are giving out correct information, and the aircraft lands at the precise point where it's supposed to. The second scenario is during a spoofing attack, where I'm spoofing the glide slope as well as the localizer, and as soon as the aircraft enters the orange region, the spoofer starts automatically. And as you can see, the handheld receiver and the instruments are in sync, which means that we can actually generate signals in real time. This is when I enable the autopilot and the aircraft just lands itself. It's clearly seen that the aircraft is off-center, but the needle says that it's perfectly aligned with the centerline. And as a result, the aircraft lands around 60 meters away from the centerline. And this is especially dangerous for a big jetliner, because the ground is not dense enough to support the weight. And in CAT III conditions, it's super difficult to identify that you're off.
And the only option is just to abort the landing and initiate a go-around. So this was a video demonstration. So for evaluating the effects of the overshadow attack, we performed five automated landings per degree of offset for the localizer and also for the glide slope. And as a result, by just spoofing a 0.5 degree offset, the aircraft landed around 18 meters from the centerline, which is already very close to the edge of the runway. So even if one wheel at touchdown is on the grass, it will still not be good. And similarly for the glide slope, if we reduce the glide path angle by just 0.1 degrees, the aircraft landed around 800 meters beyond the touchdown point, which is not good, because the aircraft will overshoot the runway as it won't have enough space to stop. We also had a certified pilot come in to test our setup and fly approaches with and without spoofing. And the pilot noted that it was easier to detect a localizer offset, because you can clearly see that the runway is on your left or right side. But it was equally hard to detect any kind of glide path offset, because you have to perceive the depth. And also noted that spoofing the glide path can actually be dangerous. So if you recall that scene from Die Hard, that's exactly what they did: just spoof the glide path, and the results are bad. Now, evaluating the single-tone attack was a bit trickier, because since this leverages space modulation and you are just transmitting one tone without overshadowing, this attack is susceptible to phase differences between the attacker's tone and the legitimate tone. So we built a MATLAB simulation wherein we adjust the phase and calculate the resultant offset. As you can see, a change in phase has an adverse impact on the resultant offset. And as the aircraft is approaching, the phase will constantly change, because the distance between the transmitter and the receiver is constantly changing.
But however, when we implemented this attack on our experimental setup, we realized that this effect is not as severe as seen in the graph, because it certainly depends on the speed of the aircraft, as it decides the rate at which the phase changes, and also on the refresh rate of the instrument. However, the unpredictable needle deflections based on the phase can also be used as a last-minute denial-of-service attack. So for the pilots in the room: just after decision height, if the attacker starts a single-tone attack, then there will be abrupt needle deflections, and if it is autoland, then the aircraft will definitely react to that. And as a result, there will be just moments for the pilot to react and take corrective action. So, however, to compensate for the effect of phase, we came up with amplitude scaling, which is basically the mechanism in which you change or manipulate the amplitude of the signal to compensate for the effect of phase. So out of the three components of a signal, or a wave, phase, frequency and amplitude, it is easier to manipulate the amplitude as compared to phase. So you can change the amplitude to counter the effect of phase. So that's amplitude scaling. And with enough knowledge, the attacker can leverage these properties to successfully execute this type of attack. So we also had to compare the power requirements for both of these attacks, and we performed 400 trials wherein we spoofed multiple offsets and observed the success of the attack by observing the needle deflection on the handheld receiver. And as a result, the power difference is 20.53 dB for the localizer. So this difference is in the power required for executing the overshadow attack and the single-tone attack. And for the glide slope, the same was 27.47 dB. So the single-tone attack has a much lower energy requirement and energy footprint as compared to the overshadow attack.
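The receiver's DDM calculation, the overshadow and single-tone attacks, and the phase sensitivity and amplitude scaling discussed above, as an added example that is not the speakers' MATLAB simulation or spoofer code. It works at the demodulated (envelope) level rather than at RF. The 20% depth per tone and the DDM = depth(90 Hz) - depth(150 Hz) definition come from the talk; the assumptions of this example are that the attacker's carrier adds coherently with the legitimate one (so the tones add linearly in the envelope), a 3 kHz sample rate with a 0.1 s window so that both tones land on exact DFT bins, and the particular amplitudes, gains and phases used in the demo.

```python
import math

FS = 3000             # assumed post-demodulation sample rate, samples/s
WINDOW_S = 0.1        # 9 cycles of 90 Hz and 15 of 150 Hz: both tones sit on exact DFT bins
N = int(FS * WINDOW_S)
NOMINAL_DEPTH = 0.20  # localizer depth per tone, from the talk (glide slope would be 0.40)


def ils_envelope(carrier=1.0, depth90=NOMINAL_DEPTH, depth150=NOMINAL_DEPTH):
    """Demodulated ILS signal: DC (the carrier) plus the two navigation tones."""
    return [carrier * (1.0
                       + depth90 * math.cos(2 * math.pi * 90 * n / FS)
                       + depth150 * math.cos(2 * math.pi * 150 * n / FS))
            for n in range(N)]


def single_tone(freq, amplitude, phase_rad):
    """Attacker's DSB-SC tone as seen after coherent demodulation: one tone, no DC."""
    return [amplitude * math.cos(2 * math.pi * freq * n / FS + phase_rad) for n in range(N)]


def add(*signals):
    """Superposition in space (assumes coherent carriers, so the envelopes add)."""
    return [sum(v) for v in zip(*signals)]


def tone_amplitude(samples, freq):
    """Single-bin DFT: amplitude of the component at `freq` (a multiple of 1/WINDOW_S)."""
    re = sum(s * math.cos(2 * math.pi * freq * n / FS) for n, s in enumerate(samples))
    im = sum(s * math.sin(2 * math.pi * freq * n / FS) for n, s in enumerate(samples))
    return 2.0 * math.hypot(re, im) / len(samples)


def ddm(samples):
    """Receiver side: depth(90 Hz) - depth(150 Hz), with depth = tone amplitude / DC.
    Positive means 90 Hz dominates, i.e. the needle says 'you are left, fly right'."""
    dc = sum(samples) / len(samples)
    return (tone_amplitude(samples, 90) - tone_amplitude(samples, 150)) / dc


def overshadow(depth90, depth150, gain_db=20.0):
    """Attacker's pre-crafted full ILS signal, `gain_db` stronger than the legitimate one."""
    return ils_envelope(carrier=10 ** (gain_db / 20), depth90=depth90, depth150=depth150)


def single_tone_attack_ddm(amplitude, phase_deg):
    """DDM the receiver computes when the attacker adds only a 150 Hz tone to a legitimate
    on-course signal, with `phase_deg` between the attacker's tone and the legitimate one."""
    return ddm(add(ils_envelope(), single_tone(150, amplitude, math.radians(phase_deg))))


def scaled_amplitude(target_depth150, phase_deg, legit_depth150=NOMINAL_DEPTH):
    """Amplitude scaling: solve |legit + B*exp(j*phi)| = target for B, so the resultant
    150 Hz depth equals `target_depth150` whatever the phase offset happens to be."""
    phi = math.radians(phase_deg)
    radicand = target_depth150 ** 2 - (legit_depth150 * math.sin(phi)) ** 2
    if radicand < 0:
        raise ValueError("target depth not reachable at this phase offset")
    return -legit_depth150 * math.cos(phi) + math.sqrt(radicand)


def phase_sweep(amplitude, step_deg=30):
    """Resultant DDM versus phase for a fixed attacker amplitude (the talk's MATLAB plot)."""
    return [(ph, single_tone_attack_ddm(amplitude, ph)) for ph in range(0, 361, step_deg)]


if __name__ == "__main__":
    print("legitimate on-course signal, DDM =", round(ddm(ils_envelope()), 4))
    spoofed = add(ils_envelope(), overshadow(0.25, 0.15))
    print("overshadow crafted as 'aircraft is left', DDM =", round(ddm(spoofed), 4))
    for ph, d in phase_sweep(0.1):
        print(f"single 150 Hz tone, amp 0.10 @ {ph:3d} deg -> DDM {d:+.4f}"
              f"   amp needed for DDM -0.10: {scaled_amplitude(0.30, ph):.3f}")
```

The sweep makes the talk's point concrete: with a fixed attacker amplitude, the same 150 Hz tone that pushes the needle to "fly left" at 0 degrees of phase offset pushes it the opposite way at 180 degrees, because there the attacker's tone partially cancels the legitimate one. `scaled_amplitude` is the compensation: for every phase it returns the amplitude that makes the resultant 150 Hz depth land on the target, at the cost of transmitting up to 0.5 instead of 0.1 when the tones are in anti-phase.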
However, the single-tone attack has its own challenges, as it's complicated, it's phase sensitive, but however, it's still possible and it can be done. So the received signal strength, which is in blue, is calculated using the Friis equation, which basically gives the received signal strength at a particular distance. And that's how we implemented the whole setup in the lab, with a wired interface. So to summarize, ILS is vulnerable to spoofing attacks. Even though the attacks are simple, they are hard to execute because of the challenges associated with them. But if the attacker is also working with VORs, DMEs and GPS, then it's very hard to detect and counter the effect of this attack. So the attacks were also successfully demonstrated on flight simulator software. One important thing to note is that the pure analog nature of these systems makes it extremely challenging to develop secure solutions, since it's rather impossible to encrypt or protect power levels, because it's a very physical characteristic of a signal and you certainly cannot encrypt that. So it is fundamentally challenging to secure these systems. However, we are in the process of developing secure solutions for this, but it's ongoing. And pilots have a whole bunch of other systems to work with. Even though these systems are vulnerable, flying is still the safest means of transportation, and aircraft won't be falling out of the sky. Thank you. Any questions?

Yes? So are you talking about far-field monitors? Okay, so far-field monitors are usually about two nautical miles from the transmitter or the touchdown point. However, in this case, the attacker is usually inside the aircraft, or it can be anywhere. And since the attacker directs the signal towards the aircraft and uses minimal power, by the time the far-field monitors actually detect any anomaly, the aircraft has already landed, or the attack has already been executed.

Yes? The tower gets an alert and they'll shut down the ILS system and say, sorry, we can't use ILS today.
Yes, so consider a scenario of a CAT III approach. Please. Oh, sorry. So it was a follow-up question to far-field monitors: that if they are at two nautical miles, then ATC will notice that there's some anomaly and will shut off ILS. So if ATC completely shuts off ILS, it is still a victory for the attacker, because, well, it's just preventing any aircraft from using ILS. So it would be a denial of service. And as a result, the attacker still succeeds. And for example, consider a scenario of a CAT III ILS where the decision height is just a few meters. Sorry. So the decision height is just a few meters. And in some scenarios, pilots are asked to just completely autoland, especially in CAT IIIc conditions. So in that, the pilot has to rely on ILS throughout the approach. And yes, right, right. So one thing is that we are making sure that we are not exceeding 2.5 degrees of offset. And as a result, the aircraft lands around 100 to 200 meters. And one thing about GPS is that its accuracy is up to 10 to 100 meters for civilian GPS. And it's also based on the receiver's or the instrument's resolution and all those things. So in the Aviation Village itself, I met a couple of American Airlines pilots. And they said that, yeah, 99% of the time we completely rely on ILS, actively or passively. So for example, if it's a visual approach, they still use ILS for reference. But if it's complete IFR, then they have to actively rely on ILS, because they can't see a thing outside. And the marker beacons act as checkpoints, which say, OK, you are at a certain distance from the runway. So we are not manipulating the distance. We are just shifting it. Yes. So that's why we are not going for a kilometer of displacement from the centerline. It's just a few meters. So the objective of the attacker, for the localizer, is to make the aircraft land just outside the runway. For CAT IIIc, you do autoland. Like, that was the feedback that we got from pilots.
And this attack is especially targeted at that. Yeah. Trashing that aircraft. Yeah. All right. Thank you.