Attacking (and defending) the Maritime Radar System

TL;DR

This paper explores new cyber-physical threats to maritime radar systems, demonstrating feasible attacks and proposing an anomaly detection method that effectively identifies malicious activities without altering ship configurations.

Contribution

It introduces novel attack techniques on maritime radar systems and presents an effective detection system that does not require modifications to the ship's setup.

Findings

Attacks on radar systems are feasible and easy to execute.

The proposed detection method effectively identifies anomalies.

Attacks are hard to detect with existing methods.

Abstract

Operation of radar equipment is one of the key facilities used by navigators to gather situational awareness about their surroundings. With an ever increasing need for always-running logistics and tighter shipping schedules, operators are relying more and more on computerized instruments and their indications. As a result, modern ships have become a complex cyber-physical system in which sensors and computers constantly communicate and coordinate. In this work, we discuss novel threats related to the radar system, which is one of the most security-sensitive component on a ship. In detail, we first discuss some new attacks capable of compromising the integrity of data displayed on a radar system, with potentially catastrophic impacts on the crew' situational awareness or even safety itself. Then, we present a detection system aimed at highlighting anomalies in the radar video feed, requiring no modifications to the target ship configuration. Finally, we stimulate our detection system by performing the attacks inside of a simulated environment. The experimental results clearly indicate that the attacks are feasible, rather easy to carry out, and hard-to-detect. Moreover, they prove that the proposed detection technique is effective.