Académique Documents
Professionnel Documents
Culture Documents
MANAGEMENT
Tuesday 29th May 2017
Maritime environment is experiencing a growing Le transport maritime qui est soumis à une activité
activity, which has led to the use of new services for grandissante a favorisé l’apparition de systèmes
localization of vessels such as the Automatic internationaux de localisation de navires tel que
Identification System (AIS), which allows real-time l’Automatic Identification System (AIS), ceci afin
surveillance of maritime traffic and provides aids to d’accroitre la sécurité de la navigation et de permettre
navigation. Recent works have shown that falsification une surveillance du trafic maritime en temps-réel.
of AIS messages was possible, and therefore could lead Cependant il a été démontré que la falsification des
to illegals actions and new maritime risks. This way, informations émises par ces systèmes de
some ships have been hijacked without the knowledge positionnement était possible et que cela pouvait
of their crew or surveillance centers. DéAIS project induire des actes illégaux et engendrer de nouveaux
proposes a methodological approach for modelling, risques maritimes (e.g. détournement de route de
analyzing and detecting these new maritime risks. The navigation à l’insu du personnel à bord).
objective is to detect when a ship’s AIS system is Le projet DéAIS propose une méthodologie de
undergoing an attack. For this purpose, real-time AIS modélisation, d’analyse et de détection pour signaler
information is analyzed and compared to historical, les cas de messages AIS non authentiques et fournir
expected or predicted information. une évaluation des risques maritimes associés. En
analysant le signal et les informations AIS temps-réel
et en les confrontant avec celles archivées, prévues ou
prédites, l’objectif est de détecter si un navire falsifie
ou fait face à une attaque de son système AIS.
CONTENTS
1. DeAIS Project.................................................................................................................................... 3
2. Objectives......................................................................................................................................... 3
2.1. Postulate:................................................................................................................................... 3
2.2. Assumption:............................................................................................................................... 3
2.3. Main objectives ......................................................................................................................... 3
3. AIS Vulnerabilities ............................................................................................................................ 3
3.1. A variety of ais messages........................................................................................................... 3
3.2. New risks identified ................................................................................................................... 4
3.3. Potential failures and hackings ................................................................................................. 5
3.4. Understanding and modelling ais vulnerabilities and risks ....................................................... 6
4. DeAIS system description ................................................................................................................. 7
4.1. AIS data...................................................................................................................................... 7
4.2. Treatment flow .......................................................................................................................... 7
4.3. From detected flags to risk assesment...................................................................................... 8
5. Evaluation....................................................................................................................................... 10
5.1. Scenarios ................................................................................................................................. 10
5.1.1. Identity ................................................................................................................................................. 10
5.1.2. Position ................................................................................................................................................ 10
5.1.3. Messages #22 and #23 ......................................................................................................................... 10
5.1.4. Overloading .......................................................................................................................................... 10
5.2. Practical implementation ........................................................................................................ 11
5.3. Some results ............................................................................................................................ 11
6. Conclusion ...................................................................................................................................... 12
2. OBJECTIVES
2.1. POSTULATE:
The Automatic Identification System (AIS) is vulnerable to attacks and frauds, this leads to many risks
in navigation, masking illegal activities, impairment of surveillance, border control…
2.2. ASSUMPTION:
It is possible to ascertain the truth in a message by analysing its data and signal through the scope of
the quality of its inner information.
3. AIS VULNERABILITIES
All known information about AIS has been gathered and compiled with the help of a naval officer
leading to 334 risks of different levels:
This overview of the risks linked to the use of AIS must then be strengthened by the discovery of
behaviors, anomalies and falsifications in actual data.
This treatment leads to the apparition of flags which are then considered to assess the risk.
Finally, flags are combined for risk determination and associated to a level of risk:
Selected associated risks:
• Boarding / Collision
• Grounding
• Illegal Fishing
• Piracy / Terrorism
• Illegal Transportation
Selected risk levels:
• 1 : Weak
• 2 : Moderate
• 3 : High
• 4 : Critical
Selected risk dimensions:
• H : Human
• I : Infrastructure
• E : Environmental
For each message, risk levels are assessed for all three dimension:
The risk(s) determined for the given situation (flags)
The type of vessel (given by AIS messages) : T/C = Tankers and Cargos, T/C – H = Tankers and
Cargoes carrying hazardous goods, P = Passengers, Pl/F/S = Pleasance, Fishing and Service
Image 8 – Selected associated risks and risks levels
5.1. SCENARIOS
In order to test this system, some scenarios has been defined.
5.1.1. IDENTITY
S1.1.a : incorrect MMSI
S1.1.b : MMSI with no country code
S1.2.a : identity not referenced or different from the UE database
S1.2.b : identity not referenced or different from the French database
S1.3.a : identity change on [MMSI, callsign, n° OMI, name]
S1.4 : same MMSI at several place at the same time
S1.5 : change on the signal signature
Image 9 – Example of S1.3.a
5.1.2. POSITION
S2.1a : incorrect coordinates
S2.1.b : appearance of a ship on shore
S2.2 : loss of a ship and reappearance after a significant time with a different position
S2.3 : spontaneous appearance of a ship in an area of "low probability of occurrence"
5.1.4. OVERLOADING
S4.1 : abnormal occupation of the AIS frame
S4.2 : an MMSI (or a type of message) transmits too often
S4.3 : « white » saturation
6. CONCLUSION
Vulnerabilities, attacks but also fraudulent uses on AIS has been assessed and demonstrated during
the project.
DeAIS aims at providing detection techniques based on message analysis and data mining in real
time.
This approach could usefully be completed in order to improve the tools, make them compliant to all
situation and easier to use. The challenge is to include this methodology in a more general concern:
cyber security at sea.