US2019280871A1PendingUtilityA1

Method and network to implement decentralized validation and authentication mechanisms to prevent ads-b cyber-attacks

40
Assignee: ROBUST ANALYTICS INCPriority: Mar 6, 2018Filed: Nov 9, 2018Published: Sep 12, 2019
Est. expiryMar 6, 2038(~11.7 yrs left)· nominal 20-yr term from priority
H04B 7/18506H04L 9/3239G06Q 20/325H04L 2209/84H04L 63/12H04L 2209/80H04L 67/10H04L 63/08H04L 9/3236H04L 9/0637G08G 5/80H04L 9/50
40
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method or network that addresses cybersecurity vulnerabilities in an ADS-B network by validating and authenticating ADS-B messages. Nodes of the network maintain a validated ledger of ADS-B transactions and use validated information from this ledger to improve security against common cybersecurity attacks including, but not limited to, denial of service attacks, jamming attacks, spoofing attacks, flooding attacks and eavesdropping.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method to ensure ADS-B message security by implementing a distributed ledger for protecting validity and authenticity of ADS-B transactions within a network having a plurality of nodes, one or more of the of the nodes performing the method comprising:
 receiving a whole or part of the distributed ledger containing one or more blocks of the ADS-B transactions by a validation module, each block comprising a set of states and other information pertaining to one of the other nodes in the network;   appending the whole or part of the distributed ledger to an existing local copy of the distributed ledger to create an unvalidated updated local copy of the distributed ledger;   broadcasting the updated local copy of the distributed ledger to the other nodes;   implementing a consensus algorithm to validate and authenticate the updated local copy of the distributed ledger;   broadcasting whole or part of the validated and authenticated updated local copy to other ones of the nodes in ADS-B range, and receiving from the other ones of the nodes their whole or part of the validated and authenticated updated local copy; and   replacing whole or part of the existing local copy of the distributed ledger with at least a part of the received whole or part of the validated and authenticated local copy of the distributed ledger.   
     
     
         2 . The method of  claim 1 , wherein the broadcasting whole or part of the validated and authenticated updated local copy to other ones of the nodes in ADS-B range, and receiving from the other ones of the nodes their whole or part of the validated and authenticated updated local copy are performed using available on-board, or ground based, communication technology that includes one of ADS-B communication, radio communication and WiFi communication. 
     
     
         3 . The method of  claim 1 , further comprising:
 creating a local copy of the distributed ledger by generating a first hash with arbitrary or system defined token information to be used in validating and authenticating the updated local copy of the distributed ledger.   
     
     
         4 . The method of  claim 1 , wherein the nodes comprise at least one of a vehicle, a ground based server, an IoT device, an embedded computer or chip, and a cloud based server. 
     
     
         5 . The method of  claim 1 , further comprising:
 detecting information about a nature of a cybersecurity attack, and alerting at least one of the nodes based upon the consensus algorithm failing to validate and authenticate the updated local copy of the distributed ledger.   
     
     
         6 . A network to ensure ADS-B message security by implementing a distributed ledger for protecting validity and authenticity of ADS-B transactions within the network, comprising:
 a plurality of nodes, wherein each of at least one of the nodes comprising:
 a receiver receiving a whole or part of the distributed ledger containing one or more blocks of the ADS-B transactions, each block comprising a set of states and other information pertaining to one of the other nodes in the network; 
 a validation module appending the whole or part of the distributed ledger to an existing local copy of the distributed ledger to create an unvalidated updated local copy of the distributed ledger; 
 a transmitter broadcasting the updated local copy of the distributed ledger to the other nodes; 
   wherein:
 the validation module implements a consensus algorithm to validate and authenticate the updated local copy of the distributed ledger; 
 the transmitter broadcasts whole or part of the validated and authenticated updated local copy to other ones of the nodes in ADS-B range, and the receiver receives from the other ones of the nodes their whole or part of the validated and authenticated updated local copy; and 
 the validation module replaces whole or part of the existing local copy of the distributed ledger with at least a part of the received whole or part of the validated and authenticated local copy of the distributed ledger. 
   
     
     
         7 . The network of  claim 6 , wherein the transmitter broadcasts whole or part of the validated and authenticated updated local copy to other ones of the nodes in ADS-B range, and the receiver receives from the other ones of the nodes their whole or part of the validated and authenticated updated local copy are performed using available on-board, or ground based, communication technology that includes one of ADS-B communication, radio communication and WiFi communication. 
     
     
         8 . The network of  claim 6 , wherein the validation module:
 creates a local copy of the distributed ledger by generating a first hash with arbitrary or system defined token information to be used in validating and authenticating the updated local copy of the distributed ledger.   
     
     
         9 . The network of  claim 6 , wherein the nodes comprise at least one of a vehicle, a ground based server, an IoT device, an embedded computer or chip, and a cloud based server. 
     
     
         10 . The network of  claim 6 , wherein the validation module:
 detects information about a nature of a cybersecurity attack, and alerts at least one of the nodes based upon the consensus algorithm failing to validate and authenticate the updated local copy of the distributed ledger.   
     
     
         11 . A node to ensure ADS-B message security by implementing a distributed ledger for protecting validity and authenticity of ADS-B transactions within a network comprising a plurality of nodes, the node comprising:
 a receiver receiving a whole or part of the distributed ledger containing one or more blocks of the ADS-B transactions, each block comprising a set of states and other information pertaining to one of the other nodes in the network;   a validation module appending the whole or part of the distributed ledger to an existing local copy of the distributed ledger to create an unvalidated updated local copy of the distributed ledger;   a transmitter broadcasting the updated local copy of the distributed ledger to the other nodes;   wherein:
 the validation module implements a consensus algorithm to validate and authenticate the updated local copy of the distributed ledger; 
 the transmitter broadcasts whole or part of the validated and authenticated updated local copy to other ones of the nodes in ADS-B range, and the receiver receives from the other ones of the nodes their whole or part of the validated and authenticated updated local copy; and 
 the validation module replaces whole or part of the existing local copy of the distributed ledger with at least a part of the received whole or part of the validated and authenticated local copy of the distributed ledger. 
   
     
     
         12 . The node of  claim 11 , wherein the transmitter broadcasts whole or part of the validated and authenticated updated local copy to other ones of the nodes in ADS-B range, and the receiver receives from the other ones of the nodes their whole or part of the validated and authenticated updated local copy are performed using available on-board, or ground based, communication technology that includes one of ADS-B communication, radio communication and WiFi communication. 
     
     
         13 . The node of  claim 11 , wherein the validation module:
 creates a local copy of the distributed ledger by generating a first hash with arbitrary or system defined token information to be used in validating and authenticating the updated local copy of the distributed ledger.   
     
     
         14 . The node of  claim 11 , wherein the nodes comprise at least one of a vehicle, a ground based server, an IoT device, an embedded computer or chip, and a cloud based server. 
     
     
         15 . The network of  claim 11 , wherein the validation module:
 detects information about a nature of a cybersecurity attack, and alerts at least one of the nodes based upon the consensus algorithm failing to validate and authenticate the updated local copy of the distributed ledger.   
     
     
         16 . A non-transitory machine-readable medium storing a non-transitory, tangible computer program product comprising computer program code which when executed causes a validation module in at least one node of a network to perform operations comprising:
 appending a whole or part of the distributed ledger to an existing local copy of the distributed ledger to create an unvalidated updated local copy of the distributed ledger, in response to receiving the whole or part of the distributed ledger containing one or more blocks of ADS-B transactions within the network, each block comprising a set of states and other information pertaining to one of the other nodes in the network;   implementing a consensus algorithm to validate and authenticate the updated local copy of the distributed ledger based upon receiving from the other ones of the nodes their whole or part of the validated and authenticated updated local copy; and   replacing whole or part of the existing local copy of the distributed ledger with at least a part of the received whole or part of the validated and authenticated local copy of the distributed ledger.   
     
     
         17 . The non-transitory machine-readable medium of  claim 16 , wherein the operations further comprise:
 creating a local copy of the distributed ledger by generating a first hash with arbitrary or system defined token information to be used in validating and authenticating the updated local copy of the distributed ledger.   
     
     
         18 . The non-transitory machine-readable medium of  claim 16 , wherein the operations further comprise:
 detecting information about a nature of a cybersecurity attack, and alerting at least one of the nodes based upon the consensus algorithm failing to validate and authenticate the updated local copy of the distributed ledger.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.