{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T00:24:12Z","timestamp":1774311852359,"version":"3.50.1"},"reference-count":47,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2021,4,14]],"date-time":"2021-04-14T00:00:00Z","timestamp":1618358400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"<jats:p>Marine network protocols are domain-specific network protocols that aim to incorporate particular features within the specialized marine context that devices are implemented in. Devices implemented in such vessels involve critical equipment; however, limited research exists for marine network protocol security. In this paper, we provide an analysis of several marine network protocols used in today\u2019s vessels and provide a classification of attack risks. Several protocols involve known security limitations, such as Automated Identification System (AIS) and National Marine Electronic Association (NMEA) 0183, while newer protocols, such as OneNet provide more security hardiness. We further identify several challenges and opportunities for future implementations of such protocols.<\/jats:p>","DOI":"10.3390\/jcp1020013","type":"journal-article","created":{"date-parts":[[2021,4,14]],"date-time":"2021-04-14T04:21:08Z","timestamp":1618374068000},"page":"239-251","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":28,"title":["Marine Network Protocols and Security Risks"],"prefix":"10.3390","volume":"1","author":[{"given":"Ky","family":"Tran","sequence":"first","affiliation":[{"name":"Computer Science Department, Western Washington University, Bellingham, WA 98226, USA"}]},{"given":"Sid","family":"Keene","sequence":"additional","affiliation":[{"name":"Computer Science Department, Western Washington University, Bellingham, WA 98226, USA"}]},{"given":"Erik","family":"Fretheim","sequence":"additional","affiliation":[{"name":"Computer Science Department, Western Washington University, Bellingham, WA 98226, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6898-952X","authenticated-orcid":false,"given":"Michail","family":"Tsikerdekis","sequence":"additional","affiliation":[{"name":"Computer Science Department, Western Washington University, Bellingham, WA 98226, USA"}]}],"member":"1968","published-online":{"date-parts":[[2021,4,14]]},"reference":[{"key":"ref_1","unstructured":"Proc, J. (2021, February 23). The Story of Portishead Radio: Long Range Maritime Radio Communications: 1920\u20131995. Available online: http:\/\/jproc.ca\/radiostor\/portis1.html."},{"key":"ref_2","unstructured":"National Oceanic And Atmospheric Administrator (2021). History of the Program."},{"key":"ref_3","unstructured":"Inmarsat Government (2021). History of the Program."},{"key":"ref_4","unstructured":"National Marine Electronics Association (2002). NMEA 0183\u2013Standard for Interfacing Marine Electronic Devices, National Marine Electronics Association."},{"key":"ref_5","unstructured":"National Marine Electronic Association (2016). NMEA 2000\u00ae Interface Standard Standard for Serial-Data Networking of Marine Electronic Devices, National Marine Electronic Association."},{"key":"ref_6","unstructured":"Marine and Coastguard Agency (2021, April 12). Radio: Operational Guidance on the Use of VHF Radio and Automatic Identification Systems (AIS) at Sea, Available online: https:\/\/assets.publishing.service.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/442648\/MGN_324Corr.pdf."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Shoab, M., Jain, K., Anulhaq, M., and Shashi, M. (2013, January 22\u201323). Development and implementation of NMEA interpreter for real time GPS data logging. Proceedings of the 2013 3rd IEEE International Advance Computing Conference (IACC), Ghaziabad, India.","DOI":"10.1109\/IAdCC.2013.6514210"},{"key":"ref_8","unstructured":"Federal Communications Commission (2017). Global Maritime Distress and Safety System (GMDSS)."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Xu, H., Heijmans, J., and Visser, J. (2013, January 18\u201320). A Practical Model for Rating Software Security. Proceedings of the 2013 IEEE Seventh International Conference on Software Security and Reliability Companion, Gaithersburg, MD, USA.","DOI":"10.1109\/SERE-C.2013.11"},{"key":"ref_10","unstructured":"National Marine Electronic Association (2021). Basic NMEA 2000\u00ae Installer Training, National Marine Electronic Association."},{"key":"ref_11","unstructured":"Hester, P., and Highsmith, W. (2021, April 12). Method and Apparatus for Channel Allocation Integrity in a Communication Network. Available online: https:\/\/patentimages.storage.googleapis.com\/pdfs\/US5349580.pdf."},{"key":"ref_12","first-page":"657","article-title":"A Study on Cyber Security Requirements of Ship Using Threat Modeling","volume":"29","author":"Jo","year":"2019","journal-title":"J. Korea Inst. Inf. Secur. Cryptol."},{"key":"ref_13","unstructured":"Van Herrewege, A., Singelee, D., and Verbauwhede, I. (2011, January 28\u201329). CANAuth-a simple, backward compatible broadcast authentication protocol for CAN bus. Proceedings of the ECRYPT Workshop on Lightweight Cryptography, Louvain-la-Neuve, Belgium."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Siddiqui, A.S., Gui, Y., Plusquellic, J., and Saqib, F. (2017, January 6\u20139). Secure communication over CANBus. Proceedings of the 2017 IEEE 60th International Midwest Symposium on Circuits and Systems (MWSCAS), Boston, MA, USA.","DOI":"10.1109\/MWSCAS.2017.8053160"},{"key":"ref_15","first-page":"21","article-title":"The CIA Strikes Back: Redefining Confidentiality, Integrity and Availability in Security","volume":"10","author":"Samonas","year":"2014","journal-title":"J. Inf. Syst. Secur."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Trivedi, K.S., Kim, D.S., Roy, A., and Medhi, D. (2009, January 25\u201328). Dependability and security models. Proceedings of the 2009 7th International Workshop on Design of Reliable Communication Networks, Washington, DC, USA.","DOI":"10.1109\/DRCN.2009.5340029"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"155","DOI":"10.1080\/23738871.2017.1366536","article-title":"Security and privacy in the internet of things","volume":"2","author":"Maple","year":"2017","journal-title":"J. Cyber Policy"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1016\/j.cosrev.2017.07.001","article-title":"Privacy issues in intrusion detection systems: A taxonomy, survey and future directions","volume":"25","author":"Niksefat","year":"2017","journal-title":"Comput. Sci. Rev."},{"key":"ref_19","unstructured":"Garmin (2021, March 07). Boat Antennas and Sensors. Available online: https:\/\/buy.garmin.com\/en-US\/US\/on-the-water\/antennas_sensors\/cOnTheWater-c10538-p1.html."},{"key":"ref_20","unstructured":"Wullems, C., Pozzobon, O., Looi, M., and Kubik, K. (2003, January 20\u201321). Enhancing the Trust of Location Acquisition Systems for Critical Applications and Location-Based Security Services. Proceedings of the 4th Australian Information Warfare & IT Security Conference, Enhancing Trust, Adelaide, Australia."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Deering, S.R. (1998). Hinden Internet Protocol, Version6 (IPv6) Specification. RFC2460, Available online: https:\/\/www.hjp.at\/doc\/rfc\/rfc2460.html.","DOI":"10.17487\/rfc2460"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Nikander, P. (2001). Denial-of-service, address ownership, and early authentication in the IPv6 world. International Workshop on Security Protocols, Springer.","DOI":"10.1007\/3-540-45807-7_3"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"1900","DOI":"10.1109\/LCOMM.2012.100812.121517","article-title":"An Integrated Approach to Prevent Address Spoofing in IPv6 Links","volume":"16","author":"Bagnulo","year":"2012","journal-title":"IEEE Commun. Lett."},{"key":"ref_24","first-page":"100","article-title":"IPv6 security vulnerabilities","volume":"1","author":"Dawood","year":"2012","journal-title":"Int. J. Inf. Secur. Sci."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Shue, C.A., Gupta, M., and Myers, S.A. (2007, January 24\u201328). IPSec: Performance Analysis and Enhancements. Proceedings of the 2007 IEEE International Conference on Communications, Glasgow, Scotland.","DOI":"10.1109\/ICC.2007.256"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Schulz, M., Klapper, P., Hollick, M., Tews, E., and Katzenbeisser, S. (2016, January 18\u201320). Trust The Wire, They Always Told Me! On Practical Non-Destructive Wire-Tap Attacks Against Ethernet. Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks, Darmstadt, Germany.","DOI":"10.1145\/2939918.2940650"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Anbar, M., Abdullah, R., Saad, R.M., Alomari, E., and Alsaleem, S. (2016). Review of security vulnerabilities in the IPv6 neighbor discovery protocol. Information Science and Applications (ICISA) 2016, Springer.","DOI":"10.1007\/978-981-10-0557-2_59"},{"key":"ref_28","unstructured":"Voss, W. (2008). A Comprehensible Guide to Controller Area Network, Copperhill Media."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Hou, C., Jiang, H., Yang, Y., Rui, W., and Hu, L. (2010, January 27). Research on Implementing Real Time Ethernet for Ship Power System. Proceedings of the 2010 2nd International Workshop on Intelligent Systems and Applications, Wuhan, China.","DOI":"10.1109\/IWISA.2010.5473577"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Furumoto, K., Kolehmainen, A., Silverajan, B., Takahashi, T., Inoue, D., and Nakao, K. (2020, January 2\u20136). Toward Automated Smart Ships: Designing Effective Cyber Risk Management. Proceedings of the 2020 International Conferences on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics), Rhodes, Greece.","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData-Cybermatics50389.2020.00034"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"90","DOI":"10.1109\/MCOM.001.1900632","article-title":"Vessels Cybersecurity: Issues, Challenges, and the Road Ahead","volume":"58","author":"Caprolu","year":"2020","journal-title":"IEEE Commun. Mag."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Taylor, A., Japkowicz, N., and Leblanc, S. (2015, January 14\u201316). Frequency-based anomaly detection for the automotive CAN bus. Proceedings of the 2015 World Congress on Industrial Control Systems Security (WCICSS), London, UK.","DOI":"10.1109\/WCICSS.2015.7420322"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Kim, J., Yim, J., Kang, Y., and Park, Y. (2015, January 28\u201330). Comparison of COTS inertial sensors for getting marine elevator\u2019s platform tilt values. Proceedings of the 2015 International Conference on Information and Communication Technology Convergence (ICTC), Jeju, Korea.","DOI":"10.1109\/ICTC.2015.7354720"},{"key":"ref_34","unstructured":"LabSat (2021, February 23). LabSat 3. Available online: https:\/\/www.labsat.co.uk\/index.php\/en\/products\/labsat-3."},{"key":"ref_35","unstructured":"NMEAsoft (2021, February 23). GPS Simulator. Available online: http:\/\/www.nmeasoft.com\/product\/gpssimulator\/."},{"key":"ref_36","first-page":"149","article-title":"An Attack on an Integrated Navigation System","volume":"3","author":"Lund","year":"2018","journal-title":"Necesse"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Balduzzi, M., Pasta, A., and Wilhoit, K. (2014, January 8\u201312). A security evaluation of AIS automated identification system. Proceedings of the 30th Annual Computer Security Applications Conference, New Orleans, LA, USA.","DOI":"10.1145\/2664243.2664257"},{"key":"ref_38","first-page":"279","article-title":"Protected AIS: A demonstration of capability scheme to provide authentication and message integrity","volume":"14","author":"Kessler","year":"2020","journal-title":"TransNav Int. J. Mar. Navig. Saf. Sea Transp."},{"key":"ref_39","unstructured":"Stewart, A., Rice, E., and Safonov, P. (2021, April 12). Digital Authentication Strategies for the Automated Identification System. Available online: http:\/\/micsymposium.org\/mics2018\/proceedings\/MICS_2018_paper_64.pdf."},{"key":"ref_40","unstructured":"National Marine Electronics Association (2021). OneNet Standard for IP Networking of Marine Electronic Devices, National Marine Electronics Association. Available online: https:\/\/www.nmea.org\/content\/STANDARDS\/OneNet."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1007\/s12567-018-0214-8","article-title":"VHF Data Exchange System (VDES): An enabling technology for maritime communications","volume":"11","author":"Raulefs","year":"2019","journal-title":"CEAS Space J."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Ruan, N., and Hori, Y. (2012, January 2\u20134). DoS attack-tolerant TESLA-based broadcast authentication protocol in Internet of Things. Proceedings of the 2012 International Conference on Selected Topics in Mobile and Wireless Networking, Avignon, France.","DOI":"10.1109\/iCOST.2012.6271291"},{"key":"ref_43","unstructured":"Perrig, A., Canetti, R., Tygar, J.D., and Song, D. (2000, January 14\u201317). Efficient authentication and signing of multicast streams over lossy channels. Proceedings of the 2000 IEEE Symposium on Security and Privacy (S P 2000), Berkeley, CA, USA."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"3969","DOI":"10.3233\/JIFS-190159","article-title":"Distributed denial of service attack detection using autoencoder and deep neural networks","volume":"37","author":"Catak","year":"2019","journal-title":"J. Intell. Fuzzy Syst."},{"key":"ref_45","unstructured":"Thames, L.S.D. (2017). Decentralized Cyber-Physical Systems: A Paradigm for Cloud-Based Smart Factory of Industry 4.0. Cybersecurity for Industry 4.0, Springer."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Luo, H., Wu, K., Guo, Z., Gu, L., Yang, Z., and Ni, L.M. (2011, January 20\u201324). SID: Ship Intrusion Detection with Wireless Sensor Networks. Proceedings of the 2011 31st International Conference on Distributed Computing Systems, Minneapolis, MN, USA.","DOI":"10.1109\/ICDCS.2011.21"},{"key":"ref_47","unstructured":"Watrobski, P., Klosterman, J., Barker, W., and Souppaya, M. (2020). Methodology for Characterizing Network Behavior of Internet of Things Devices (Draft), Technical Report."}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/1\/2\/13\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T05:47:47Z","timestamp":1760161667000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/1\/2\/13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,14]]},"references-count":47,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2021,6]]}},"alternative-id":["jcp1020013"],"URL":"https:\/\/doi.org\/10.3390\/jcp1020013","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,4,14]]}}}