Utilizing air traffic communications for OSINT on state and government aircraft

Authors: Martin Strohmeier, Matthew Smith, Daniel Moser, Matthias Schafer, Vincent Lenders, and Ivan Martinovic
10th International Conference on Cyber Conflict CyCon X: Maximising Effects
PDF

Abstract

In recent times, we have witnessed a trend in which communications data is increasingly collected and made open source by the public. A prominent example is the tracking of aircraft movements using unencrypted air traffic control (ATC) communication. This paper studies the implications of such new open source aircraft datasets on the operational privacy of military and government actors. We use publicly available aircraft metadata in conjunction with unfiltered ATC communication gathered from the collaborative sensor network OpenSky. We show that using these datasets, it is possible to collect, process and analyze large numbers of movements in an automated fashion, providing insights into potentially sensitive operations. We use movement data collected from more than 580 identified aircraft used by 100 different governments and over 6,000 military aircraft to identify operations and relationships in the real world. We also provide case studies which show that potentially sensitive information appears in these open datasets in the clear from both military and government-operated aircraft, despite attempts at encrypting some of this information. Considering these privacy violations, we establish which countries’ militaries and governments take active steps in blocking the movements of their sensitive aircraft from online tracking websites. We find that overall more than 80% of all military aircraft and 60% of all government aircraft are filtered for reasons of privacy, with significant variation between different countries. Finally, we study the main mitigation methods available to state aircraft operators and find that all currently existing options have significant downsides, which inhibit either their usability or their effectiveness.

People

Dr. Daniel Moser
Doctoral Student (2016 – 2021)
armasuisse

BibTex

@inproceedings{strohmeier2018utilizing,
  author    = {Strohmeier, Martin and Smith, Matthew and Moser, Daniel and Schafer, Matthias and Lenders, Vincent and Martinovic, Ivan},
  title     = {{Utilizing air traffic communications for OSINT on state and government aircraft}},
  booktitle = {10th International Conference on Cyber Conflict CyCon X: Maximising Effects},
  address   = {Tallinn, Estonia},
  year      = 2018,
  month     = may,
  publisher = {IEEE},
  doi       = {10.23919/CYCON.2018.8405023},
  url       = {https://doi.org/10.23919/CYCON.2018.8405023}
}

Research Collection: 20.500.11850/281733