Tech

Hackers can hijack a military plane; Can a scrambling network stop them?


Hackers can hijack a military plane;  Can a scrambling network stop them?

Aboard the 58th Special Operations Wing C-130 transport at Kirtland Air Force Base, Christy Sturgill, Jacob Hazelbaker, Eric Vugrin and Nicholas Troutman, from left to right, are part of the Sandia team at work. to protect moving targets creates a network computer commonly used in space and aircraft less susceptible to cyberattacks. Credit: Craig Fritz

A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffling cards could effectively confuse hackers when gambling to gain control of a machine, according to a new study. military jet, commercial aircraft or spaceship. However, the study also shows that these defenses must be designed to resist the increasingly complex algorithms used to circumvent them.

Many aircraft, spacecraft, and weapon systems have on-board computer networks known as military standard 1553, commonly known as MIL-STD-1553, or even just 1553. This network is a protocol. Trial and true to allow systems such as radar, flight control and head-up display to talk to each other.

Protect these networks against a Cyber ​​attack Chris Jenkins, a Sandia cybersecurity scientist, said it was a national security imperative. If a hacker took control of a mid-1553 flight, he said, the pilot could lose control of the plane’s vital systems and the impact could be severe.

Jenkins is not alone in his concerns. Many researchers around the country are designing defenses for systems that use the MIL-STD-1553 protocol for command and control. Recently, Jenkins and his team at Sandia teamed up with researchers at Purdue University in West Lafayette, Indiana, to test an idea that could secure these critical networks.

Their results, recently published in a scientific journal IEEE transactions on computers are safe and reliableshowed that if implemented properly, a technique already known in the cybersecurity world, known as moving target defense, can effectively protect MIL-STD-1553 networks against machine learning algorithms.

Eric Vugrin, a Sandia senior cybersecurity scientist who also worked on the project, said: “When we talk about protecting our computer systems, we usually rely on two parts. main. “The first approach is to keep the bad guy out and never allow access to the system. The physical analogy is to build a big wall and keep him out in the first place. And the backup plan. is, if the wall doesn’t work, we rely on detection.Both of those approaches are imperfect, and so the moving target defense strategy offers as a complementary strategy. , even if those two approaches fail, a moving target will confuse the attacker and make it more difficult to deal damage.”

Moving target defense must keep cyber attackers guessing

Like the three-card monte game, in which the trickster uses hand dexterity to shuffle the cards from side to side, the defensive move of the target requires randomness. Without it, the defense would be broken. The researchers wanted to know if the mobile target defense system worked to constantly change network addresses, unique numbers assigned to each device on the network. They weren’t sure if it would work, because compared to other types of networks, the address space of MIL-STD-1553 is small and therefore difficult to randomize.

For example, this strategy has proven useful with internet protocols, which have millions or billions of network addresses at their disposal, but 1553 only has 31. In other words, Sandia had to come up with a stealthy way. shuffle 31 numbers in some way. which cannot be easily deciphered.

“Someone looked me in the face and said it’s impossible because it’s only 31 addresses,” Jenkins said. “And because the number is so small compared to the millions, billions or trillions, people just feel like it’s not random enough.”

Sandia computer scientist Indu Manickam says the challenge with randomly picking a small set of numbers is that “nothing in computer software is truly random. It’s always pseudo-random.” Everything has to be pre-programmed, she says, so there’s always a hidden pattern that can be discovered.

With enough time and data, she says, “Someone with an Excel sheet should be able to get it.”

Manickam is an expert in machine learning, or computer algorithms that identify and predict patterns. These algorithms, while beneficial for cybersecurity and many other fields of research and engineering, pose a threat to moving target defenses because of their pattern-detection capabilities. by random processes much faster than humans.

“We are using machine learning techniques to better protect our systems,” says Vugrin. “We also know the bad guys are using machine learning to attack systems. And so one of the things Chris identified early on was that we didn’t want to set up a moving target defense system. where someone can use machine learning to attack to circumvent it and render defenses worthless.”

Sophisticated algorithms are not necessarily the end of this type of network defense. Cybersecurity designers can simply write a program that changes the random sample before the machine can catch up.

But the Sandia team needed to know how quickly machine learning could break through their defenses. So they teamed up with Bharat Bhargava, a professor of computer science at Purdue University, to test it. Bhargava and his team have previously been involved in research on aspects of moving target defense systems.

Over the past seven years, the research fields of cybersecurity and machine learning have collided, Bhargava said. And that is reshaping the concept of cybersecurity.

“What we want to do is learn how to defend against attackers who are also learning,” Bhargava said.

Test results indicate future improvements to cybersecurity

Jenkins and the Sandia team have set up two devices to communicate back and forth on the 1553 network. Sometimes, one device will send an encrypted message that will change both devices’ network Address. Jenkins sent Bhargava’s research team logs of these communications using various random routines. Using this data, the Purdue team trained a type of machine learning algorithm called short-term memory to predict the next set of addresses.

The first random routine is not very efficient.

“We were able to detect not only the next set of addresses that will appear, but the next three,” said Ganapathy Mani, a former member of the Purdue team who contributed to the study.

The algorithm scored 0.9 on a perfect 1.0 scale based on what is known as the Matthews correlation coefficient, which measures how well a machine learning algorithm is performing.

But the second set of logs, using a more dynamic process, leads to an entirely different story. The algorithm only scored 0.2.

“0.2 is almost random, so it doesn’t really learn anything,” says Manickam.

The test showed that the mobile target defense system could essentially work, but more importantly it gave both groups a better understanding of how cybersecurity engineers should design this defense. to combat machine learning-based attack, a concept the researchers call threat token design.

For example, defenders can “Add fake data to it so attackers can’t learn from it,” says Mani.

These findings could help improve the security of small network physical networks other than MIL-STD-1553, such as those used in critical infrastructure.

Jenkins says, “Personally, I can do this work with some satisfaction because it shows that with the right kind of technology and innovation, you can solve a limited problem and still apply the right approach. move target defense for it.”

More information:
Ganapathy Mani et al., Address Randomization Network Defense Machine Learning Resilience Testing, IEEE transactions on computers are safe and reliable (2023). DOI: 10.1109/TDSC.2023.3234561

quote: Hackers can take over military aircraft; Can a scrambling network stop them? (2023, Feb 23) get Feb 23, 2023 from https://techxplore.com/news/2023-02-hackers-military-aircraft-cyber-shuffle.html

This document is the subject for the collection of authors. Other than any fair dealing for private learning or research purposes, no part may be reproduced without written permission. The content provided is for informational purposes only.

news7f

News7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button