Method of analyzing multidimensional combinations of network traffic features for identifying signs of unauthorized intrusion in aviation data transmission networks

Due to the increasing intensity and complexity of network interactions in aviation data transmission systems, the need for developing methods to detect signs of unauthorized interference in aviation operations is significantly growing. The importance of this issue is due to the need to ensure control systems and affect the safety of aircraft flights. This article develops and presents a method for analyzing multidimensional combinations of network traffic features in aviation data transmission systems, based on a modified frequent-pattern FP-Growth algorithm adapted specifically for multidimensional data. A distinctive feature of the proposed approach is maintaining the contextual integrity of network event attributes, enabling the identification of hidden dependencies among various parameters of network events that are inaccessible to traditional one-dimensional frequent pattern analysis algorithms. A model for representing network events as multidimensional transactions is formulated, and an algorithm for constructing a multidimensional frequent-pattern tree and extracting stable combinations of features with a predefined frequency of occurrence is proposed. Experimental validation using real network traffic data confirmed the capability of detecting network attack patterns and previously unrecorded anomalous feature combinations. A quantitative evaluation of the proposed method’s performance was conducted, confirming its efficiency and suitability for processing substantial data volumes characteristic of aviation data transmission systems in real-time conditions. The developed method provides improved protection for aviation networks and timely identification of threats to aviation operations. The developed method can be applied to enhance the resilience of aviation data transmission systems for air traffic management and prioritize protective measures to ensure flight safety.

1. Ganichev, A.A., Pitelinskiy, K.V., Britvina, V.V. (2024). Statistical analysis of potential information security threats in aircraft onboard networks. Information Security Questions, vol. 1 (144), pp. 11–22. DOI: 10.52190/ 2073-2600_2024_1_11 (in Russian)

2. Krotova, E.L., Andreev, R.A., Andreeva, P.A. (2021). Big data in the aviation industry: application options. International Re-search Journal, 2021, no. 5-1 (107), pp. 6–9. DOI: 10.23670/IRJ.2021.107.5.001 (in Russian)

3. Liu, D., Zhang, J., Cui, J., Ng, S.-X., Maunder, R.G., Hanzo, L. (2021). Deep learning aided packet routing in aeronautical ad-hoc networks relying on real flight data: from single-objective to near-Pareto multi-objective optimization. Networking and Internet Architecture. DOI: 10.48550/arXiv.2110.15145 (accessed: 22.03.2025).

4. Hillebrecht, A., Marks, T., Gollnick, V. (2023). An aeronautical data communication demand model for the North Atlantic oceanic airspace. CEAS Aeronautical Journal, vol. 14, pp. 553–567. DOI: 10.1007/s13272-023-00651-4

5. Adamopoulou, E., Daskalakis, E. (2023). Applications and technologies of big data in the aerospace domain. Electronics, vol. 12, issue 10, ID: 2225. DOI: 10.3390/electronics 12102225 (accessed: 22.03.2025).

6. Secera, J., Novak, A. (2021). The future of data communication in Aviation 4.0 environment. INCAS Bulletin, vol. 13, issue 3, pp. 165–178. DOI: 10.13111/2066-8201.2021. 13.3.14

7. Dou, X. (2020). Big data and smart aviation information management system. Cogent Business & Management, vol. 7, issue 1. DOI: 10.1080/23311975.2020.1766736 (accessed: 22.03.2025).

8. Hu, W., Li, J., Cheng, J., Guo, H., Xie, H. (2020). Security monitoring of hetero-geneous networks for big data based on distributed association algorithm. Computer Communications, vol. 152, pp. 206–214.

9. Ganichev, A.A., Pitelinskiy, K.V., Kesel, S.A., Pikov, V.A. (2024). Threat model of unauthorized interference in wireless avionics information systems. Information Security Questions, no. 4 (147), pp. 35–43. DOI: 10.52190/2073-2600_2024_4_35 (in Russian)

10. Petrov, V.I. (2017). The technique of analysis of software of on-board computers of air vessel to absence of undeclared capabilities by signature-heuristic way. Civil Aviation High Technologies, vol. 20, no. 1, pp. 186–193. (in Russian)

11. Shawly, T., Elghariani, A., Kobes, J., Ghafoor, A. (2019). Architectures for detecting interleaved multi-stage network attacks using hidden Markov models. IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 5, pp. 2316–2330. DOI: 10.1109/TDSC.2019.2948623

12. Kotenko, I., Gaifulina, D., Zelichenok, I. (2022). Systematic literature review of security event correlation methods. IEEE Ac-cess, vol. 10, pp. 43387–43420. DOI: 10.1109/ACCESS.2022.3168976

13. Maosa, H., Ouazzane, K., Ghanem, M.C. (2024). A hierarchical security event correlation model for real-time threat detection and response. Network, vol. 4, no. 1, pp. 68–90. DOI: 10.3390/network4010004 (accessed: 22.03.2025).

14. Cheng, Q., Shen, Y., Kong, D., Wu, C. (2021). STEP: Spatial-temporal network security event prediction. Cryptography and Security. DOI: 10.1109/TIFS.2024.1234567 (accessed: 22.03.2025).

15. Israfilov, A. (2024). Contemporary challenges in cybersecurity of unmanned aerial systems. Universum: Technical Sciences, no. 2 (119). Available at: https://7universum.com/ru/tech/archive/item/16760. (accessed: 22.03.2025). (in Russian)

16. Lyanguzov, D.A., Plusnin, N.I. (2023). Security and vulnerability of unmanned aerial vehicle networks: review. Izvestiya Tulskogo gosudarstvennogo universiteta. Tekhnicheskiye nauki, no. 7, pp. 528–529. DOI: 10.24412/2071-6168-2023-7-528-529

17. Corretjer, P.J. (2018). A cybersecurity analysis of today’s commercial aircrafts and aviation industry systems: A thesis master of science. USA. NY: Utica College, 22 p.

18. Kessler, G.C., Craiger, J.P. (2018). Aviation cybersecurity: An overview. NTAS. Available at: https://commons.erau.edu/ntas/ 2018/presentations/37/ (accessed: 22.03.2025).

19. Liu, L.J. (2017). Research and application of improved Apriori algorithm. Computer Engineering and Design, vol. 38, no. 12, pp. 3324–3328.

20. Wang, J.M., Yuan, W. (2018). Improved FP-Growth algorithm based on node table. Computer Engineering and Design, vol. 39, no. 1, pp. 140–145.

21. Srinadh, V. (2022). Evaluation of Apriori, FP-Growth and Eclat association rule mining algorithms. International Journal of Health Sciences, vol. 6, no. S 2, pp. 7475–7485. DOI: 10.53730/ijhs.v6nS2.6729

22. Srivastava, A., Sinha, D. (2023). FP growth-based zero-day attack signature extraction & detection model for high-volume attacks on real-time data stream. SSRN, 38 p. DOI: 10.2139/ssrn.4701527 (accessed: 22.03.2025).

23. Ali, H., Salleh, M.N.M., Saedudin, R., Hussain, K., Mushtaq, M.F. (2019). Imbalance class problems in data mining: A review. Indonesian Journal of Electrical Engineering and Computer Science, vol. 14, no. 3, pp. 1552–1563. DOI: 10.11591/ijeecs.v14.i3.pp1552-1563