Aircraft are becoming increasingly connected to other systems or networks, introducing attack vectors and posing a threat to their operational effectiveness. Many military aircraft function using the MIL-STD-1553 protocol in order to communicate information across its systems. Previous intrusion detection research on this type of data bus is unable to detect spoofing attacks where only data words are manipulated. This paper presents the design of a MIL-STD-1553 anomaly-based intrusion detection system able to identify those attacks through the use of a novel histogram comparison approach and time-based features. The approach includes optimizations for improved time resolution in threat identification. Results demonstrate the effectiveness of the approach in identifying threats quickly and accurately.

中文翻译：

---

MAIDENS：使用基于时间的直方图比较的 MIL-STD-1553 基于异常的入侵检测系统

飞机越来越多地与其他系统或网络连接，引入了攻击媒介并对其运营效率构成威胁。许多军用飞机使用 MIL-STD-1553 协议运行，以便在其系统之间传递信息。以前对此类数据总线的入侵检测研究无法检测仅操纵数据字的欺骗攻击。本文介绍了一种基于 MIL-STD-1553 异常的入侵检测系统的设计，该系统能够通过使用一种新颖的直方图比较方法和基于时间的特征来识别这些攻击。该方法包括优化以提高威胁识别的时间分辨率。结果证明了该方法在快速准确地识别威胁方面的有效性。