Wei Zhang1, Bing Bu2, Hongwei Wang1
12:15 - 12:30 | Mon 28 Oct | The Great Room III | MoD-T4.2
Communication-based train control (CBTC) technologies are widely applied in order to improve the efficiency and safety of urban rail transit systems. With the increase of informatization and automation through utilization of communication, computer and control technologies, amounts of potential security vulnerabilities are introduced into CBTC systems, where malicious attacks could be implemented. Some attacks, such as data tampering attacks cannot be efficiently detected by traditional IDS mechanisms, which can affect the safety operation of CBTC systems, e.g., rear-end collisions. Based on the operation principles and information exchange characteristics of CBTC systems, the paper firstly proposes a model to measure the effects of data tampering attacked on trains, and an intrusion detection method is developed based on the running status of the train through Kalman filter and χ2 detector. The method improves the χ2 detector to detect data tampering attacks and continuously output alarms during the attack. The improved method has higher accuracy and a lower false negative rate.