ADS-B is the backbone of modern air-traffic surveillance, yet it was designed for safety and openness, not security: its messages are not authenticated and not encrypted. This is the complete, plain-English reference to the resulting attack surface — every major attack class, the surge in real-world GNSS spoofing, and the concrete ways these attacks are detected. Maintained alongside an open, citable benchmark dataset.
For a decade, ADS-B attacks lived mostly in security papers. That changed. Industry monitors now report a steep, sustained rise in GNSS (GPS) spoofing affecting civil aviation — Aireon observed roughly a 500% increase in spoofing activity, with on the order of 1,500 flights per day affected in 2025 versus a few hundred in early 2024, and EASA recorded about 6,000 spoofing events in 2024, a quarter of them during approach. Activity clusters near conflict zones but is no longer confined to them.
Figures as reported by Aireon and EASA; see references below. AeroScope is an independent observer-relative platform — it does not control air-traffic systems; it makes these signals legible and flags the inconsistencies attacks leave behind.
ADS-B was standardised to make aviation safer and more open — every aircraft continuously announces where it is so everyone can see it. Security was not a design goal. Three properties create the entire attack surface:
Researchers demonstrated practical attacks over a decade ago using inexpensive software-defined radios — Schäfer, Lenders & Martinovic showed low-cost injection of fake messages in 2013, and Strohmeier, Lenders & Martinovic mapped the protocol's security in their 2015 IEEE survey. The hardware has only gotten cheaper since. How ADS-B works →
| Attack | What it does | Effect on the picture |
|---|---|---|
| Eavesdropping | Passively receive all traffic in range | Privacy / reconnaissance; no signal change |
| Jamming | Flood 1090 MHz with noise | Denial of service — aircraft vanish from a whole area |
| Message injection (ghost aircraft) | Transmit fabricated frames for non-existent aircraft | Phantom targets appear; controllers/operators chase nothing |
| Message deletion | Cancel a target's frames via destructive interference | A real aircraft disappears from surveillance |
| Message modification | Alter fields of a real aircraft's broadcasts | Virtual trajectory change — wrong altitude, position or identity |
| Replay | Re-broadcast previously recorded messages | Plausible but stale/duplicated tracks |
| Flooding / DoS | Saturate receivers with high-rate valid-looking frames | Processing overload; real targets crowded out |
| GNSS / GPS spoofing | Fake the satellite signals the aircraft navigates by | The aircraft honestly reports a false position via ADS-B |
The first seven attack the ADS-B link directly. The eighth — GNSS spoofing — is different and increasingly the dominant real-world threat, so it deserves its own section.
The attacker forges the radio message. The aircraft (real or fabricated) "says" something false because someone else transmitted it. Defended by checking message integrity and cross-validating against independent receivers.
The attacker forges the satellite signal. A real aircraft's GPS computes the wrong position, and the aircraft then broadcasts that wrong position truthfully over ADS-B. This is the surge driving 2024–2025 incidents, often near conflict zones.
Drones widen the attack surface from two directions. A compliant drone broadcasting Remote ID can have that broadcast spoofed just like ADS-B. And most small drones broadcast nothing on these frequencies at all — a deliberate-intrusion blind spot that ADS-B alone cannot close. AeroScope flags Remote-ID and low-and-slow candidates honestly, and is explicit that a fully silent drone is invisible to cooperative surveillance. Drone detection →
Because ADS-B cannot be authenticated cryptographically (today), defence is about cross-checking every broadcast against things an attacker cannot easily fake at once: physics, message-integrity metadata, and independent geometry.
A DO-260B-style validation of NIC/NACp/NACv/SIL — a fabricated message often gets these wrong or claims precision its track can't support. Integrity model →
A Kalman filter predicts the next position; spoofs that teleport, freeze or exceed the performance envelope fail the normalised-innovation test.
Geometric-vs-barometric altitude, ground-speed-vs-Mach and track-vs-heading should agree on a real airframe; contradictions betray fabrication.
A genuine aircraft is heard by many independent receivers; multilateration and inter-network agreement expose single-source or geometry-inconsistent signals. Multi-source fusion →
Six independent torch-free detectors (River, IsolationForest, pykalman, OpenAP, stumpy, PyOD) vote; a flag fires only on agreement. Detectors →
The signals roll into an explainable 0–100 attention score so a human looks at the right aircraft first — a ranker, never an automated accusation. Threat scoring →
This is precisely what AeroScope runs on every aircraft, every cycle, fused across 60+ public receiver networks. See the end-to-end method on how to detect ADS-B spoofing.
Detection research has long been held back by the lack of shared, labelled, openly-licensed attack data. AeroScope publishes the ADS-B Anomaly Benchmark v1 (CC-BY 4.0): real airborne traffic paired with synthetically injected attacks from the standard taxonomy (altitude/velocity tampering, ghost kinematics, integrity-field downgrade; methodology after Habler & Shabtai, 2018), across 38 documented columns, with a reproducible IsolationForest baseline (ROC-AUC ≈ 0.87). Use it to build and compare your own detectors — also on Hugging Face. Dataset & card →
· Strohmeier, M., Lenders, V. & Martinovic, I. (2015). On the Security of the Automatic Dependent Surveillance-Broadcast Protocol. IEEE Communications Surveys & Tutorials.
· Schäfer, M., Lenders, V. & Martinovic, I. (2013). Experimental Analysis of Attacks on Next Generation Air Traffic Communication. ACNS.
· Habler, E. & Shabtai, A. (2018). Using LSTM encoder-decoder algorithm for detecting anomalous ADS-B messages. Computers & Security. arXiv:1711.10192
· EASA (2024) reporting on GNSS spoofing/jamming events affecting civil aviation.
· Aireon (2025). Observations of trends in GPS anomalies affecting aviation (white paper).
· OPSGROUP (2025). GPS Spoofing Workgroup — Final Report.