{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T02:10:57Z","timestamp":1780625457167,"version":"3.54.1"},"reference-count":46,"publisher":"MDPI AG","issue":"9","license":[{"start":{"date-parts":[[2021,5,4]],"date-time":"2021-05-04T00:00:00Z","timestamp":1620086400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>In the maritime sector, the integration of radar systems, Automatic Identification System (AIS) and Electronic Chart Display and Information System (ECDIS) through digital technologies enables several benefits to maritime operations, but also make ships prone to cyberattacks. In this context, this work investigates the feasibility of an attacker using a radar system or AIS as open door to remotely send commands to a cyber threat hosted on a ship, even if the ship\u2019s systems are air gapped\u2014i.e., are not connected to other networks. The received commands are intended to trigger a cyber threat located in the ship. Although the literature covers several analyzes on cyber risks and vulnerabilities in naval systems, it lacks exploiting mechanisms capable of acknowledging attack commands received through radar and AIS. To this end, this work proposes a triggering mechanism that uses a template matching technique to detect specific patterns transmitted by the attacker to the ship\u2019s radar or AIS. The results show the effectiveness of the proposed technique as a tool to acknowledge the received attack commands and activate a malicious code previously installed on the ship. In the case of attacks on a radar system, the accuracy achieved by the proposed method is 0.90. In the case of attacks on an AIS\/ECDIS setup it presents an accuracy of 0.93. In both cases the proposed mechanism maintains the due safety against accidental attack activations.<\/jats:p>","DOI":"10.3390\/s21093195","type":"journal-article","created":{"date-parts":[[2021,5,5]],"date-time":"2021-05-05T22:51:42Z","timestamp":1620255102000},"page":"3195","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":43,"title":["A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems"],"prefix":"10.3390","volume":"21","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1904-2126","authenticated-orcid":false,"given":"Walmor Cristino","family":"Leite Junior","sequence":"first","affiliation":[{"name":"Naval War College, Brazilian Navy, Rio de Janeiro 22290-255, Brazil"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Claudio Coreixas","family":"de Moraes","sequence":"additional","affiliation":[{"name":"Naval Systems Analysis Centre, Brazilian Navy, Rio de Janeiro 20091-000, Brazil"},{"name":"Ocean Technology Laboratory\u2014LabOceano\/COPPE, Federal University of Rio de Janeiro, Rio de Janeiro 21941-907, Brazil"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5644-4167","authenticated-orcid":false,"given":"Carlos E. P.","family":"de Albuquerque","sequence":"additional","affiliation":[{"name":"Institute of Computing, Fluminense Federal University, Niter\u00f3i 24210-310, Brazil"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Raphael Carlos Santos","family":"Machado","sequence":"additional","affiliation":[{"name":"Institute of Computing, Fluminense Federal University, Niter\u00f3i 24210-310, Brazil"},{"name":"National Institute of Metrology, Quality and Technology, Duque de Caxias 25250-020, Brazil"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6311-9672","authenticated-orcid":false,"given":"Alan Oliveira","family":"de S\u00e1","sequence":"additional","affiliation":[{"name":"Admiral Wandenkolk Instruction Center, Brazilian Navy, Rio de Janeiro 20180-003, Brazil"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2021,5,4]]},"reference":[{"key":"ref_1","unstructured":"Ruffle, S., Coburn, A., Skelton, A., Evan, T., Kesaite, V., Coppack, L., and Maynard, T. (2018). Steering the Course\u2014A Different Approach to Modelling Marine Risk, Lloyd\u2019s. Emerging Risk Report."},{"key":"ref_2","unstructured":"Daffron, J., Ruffle, S., Andrew, C., Copic, J., and Quantrill, K. (2019). Bashe Attack: Global Infection by Contagious Malware, Nanyang Technological University."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"6617","DOI":"10.1109\/TII.2020.2976840","article-title":"Shipping 4.0: Security Requirements for the Cyber-Enabled Ship","volume":"16","author":"Kavallieratos","year":"2020","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Lund, M.S., Gulland, J.E., Hareide, O.S., Josok, E., and Weum, K.O.C. (June, January 30). Integrity of Integrated Navigation Systems. Proceedings of the 2018 IEEE Conference on Communications and Network Security (CNS), Beijing, China.","DOI":"10.1109\/CNS.2018.8433151"},{"key":"ref_5","unstructured":"International Maritime Organization (IMO) (2017). Facilitation Committee and Maritime Safety Committee. Guidelines on Mari-Time Cyber Risk Management (MSC-FAL.1\/Circ.3, 5.7.2017), International Maritime Organization (IMO)."},{"key":"ref_6","unstructured":"The President of the United States (2021, March 19). National Maritime Cybersecurity Plan, Available online: https:\/\/www.hsdl.org\/?view&did=848704."},{"key":"ref_7","unstructured":"Clarke, R.A., and Knake, R.K. (2014). Cyber War, Tantor Media, Incorporated."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1109\/MSPEC.2008.4505310","article-title":"The Hunt for the Kill Switch","volume":"45","author":"Adee","year":"2008","journal-title":"IEEE Spectrum"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1080\/15027570.2013.785126","article-title":"Other-than-Internet (OTI) cyberwarfare: Challenges for ethics, law, and policy","volume":"12","author":"Dipert","year":"2013","journal-title":"J. Mil. Ethics"},{"key":"ref_10","first-page":"125","article-title":"A novel data fusion algorithm to combat false data injection attacks in net-worked radar systems","volume":"4","author":"Yang","year":"2018","journal-title":"IEEE Trans. Signal Inf. Process. Netw."},{"key":"ref_11","unstructured":"ITU Radiocommunication Sector (2021, April 30). ITU-R M.1371-5 (02\/2014). Technical Characteristics for an Automatic Identification System Using Time-Division Multi-ple Access in the VHF Maritime Mobile Band. Geneva. Available online: https:\/\/www.itu.int\/rec\/R-REC-M.1371-5-201402-I\/en."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"1108","DOI":"10.1017\/S0373463318001157","article-title":"Maritime Cyber Risk Management: An Experimental Ship Assessment","volume":"72","author":"Svilicic","year":"2019","journal-title":"J. Navig."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"509","DOI":"10.1007\/s13437-019-00183-x","article-title":"Assessing ship cyber risks: A framework and case study of ECDIS security","volume":"18","author":"Svilicic","year":"2019","journal-title":"WMU J. Marit. Aff."},{"key":"ref_14","first-page":"27","article-title":"Analysis of Cybersecurity Issues in the Maritime Industry","volume":"47","author":"Mednikarov","year":"2020","journal-title":"Inf. Secur. Int. J."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Liagkou, V., Kavvadas, V., Chronopoulos, S.K., Tafiadis, D., Christofilakis, V., and Peppas, K.P. (2019). Attack detection for healthcare monitoring systems using mechanical learning in virtual private networks over optical transport layer architecture. Computation, 7.","DOI":"10.3390\/computation7020024"},{"key":"ref_16","first-page":"671","article-title":"Deep Learning-Based Hybrid Intelligent Intrusion Detection System","volume":"68","author":"Khan","year":"2021","journal-title":"Comput. Mater. Contin."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Daniya, T., Kumar, K.S., Kumar, B.S., and Kolli, C.S. (2021). A survey on anomaly based intrusion detection system. Mater. Today Proc.","DOI":"10.1016\/j.matpr.2021.03.353"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Quincozes, S.E., Albuquerque, C., Passos, D., and Moss\u00e9, D. (2021). A survey on intrusion detection and prevention systems in digital substations. Comput. Netw., 184.","DOI":"10.1016\/j.comnet.2020.107679"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Furumoto, K., Kolehmainen, A., Silverajan, B., Takahashi, T., Inoue, D., and Nakao, K. (2020, January 2\u20136). Toward Automated Smart Ships: De-signing Effective Cyber Risk Management. Proceedings of the 2020 International Conferences on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics), Rhodes, Greece.","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData-Cybermatics50389.2020.00034"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Svilicic, B., Rudan, I., Jugovi\u0107, A., and Zec, D. (2019). A Study on Cyber Security Threats in a Shipboard Integrated Navigational System. J. Mar. Sci. Eng., 7.","DOI":"10.3390\/jmse7100364"},{"key":"ref_21","first-page":"231","article-title":"Raising Awareness on Cyber Security of ECDIS","volume":"13","author":"Svilicic","year":"2019","journal-title":"TransNav Int. J. Mar. Navig. Saf. Sea Transp."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"176","DOI":"10.31217\/p.33.2.7","article-title":"Shipboard ECDIS cyber security: Third-party component threats","volume":"33","author":"Svilicic","year":"2019","journal-title":"Pomorstvo"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1007\/s12198-020-00222-2","article-title":"Paperless ship navigation: Cyber security weaknesses","volume":"13","author":"Svilicic","year":"2020","journal-title":"J. Transp. Secur."},{"key":"ref_24","first-page":"429","article-title":"A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System","volume":"12","author":"Kessler","year":"2018","journal-title":"TransNav Int. J. Mar. Navig. Saf. Sea Transp."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"410","DOI":"10.1007\/s00773-018-0561-3","article-title":"Towards a secure automatic identification system (AIS)","volume":"24","author":"Goudossis","year":"2019","journal-title":"J. Mar. Sci. Technol."},{"key":"ref_26","first-page":"279","article-title":"Protected AIS: A Demonstration of Capability Scheme to Provide Authentication and Message Integrity","volume":"14","author":"Kessler","year":"2020","journal-title":"TransNav Int. J. Mar. Navig. Saf. Sea Transp."},{"key":"ref_27","first-page":"18","article-title":"Malicious bots threaten network security","volume":"38","author":"Geer","year":"2005","journal-title":"Computer"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Hachem, N., Ben Mustapha, Y., Granadillo, G.D.G., and DeBar, H. (2011, January 18\u201321). Botnets: Lifecycle and Taxonomy. Proceedings of the 2011 Conference on Network and Information Systems Security, La Rochelle, France.","DOI":"10.1109\/SAR-SSI.2011.5931395"},{"key":"ref_29","unstructured":"Hayes, C.R. (2016). Maritime Cybersecurity: The Future of National Security. [Master\u2019s Thesis, Naval Postgraduate School]."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Reed, M., Miller, J.F., and Popick, P. (2014). Supply Chain Attack Patterns: Framework and Catalog.","DOI":"10.21236\/ADA610495"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Barabanov, A., Markov, A., and Tsirlov, V. (2020, January 14\u201316). On Systematics of the Information Security of Software Supply Chains. Proceedings of the Computational Methods in Systems and Software, Vsetin, Czech Republic.","DOI":"10.1007\/978-3-030-63322-6_9"},{"key":"ref_32","first-page":"89","article-title":"The Convergence of Cyber, Electronic and Kinetic Warfare within the Scope of Sea Power","volume":"25","author":"Machado","year":"2018","journal-title":"J. Braz. Nav. War Coll."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1002\/navi.183","article-title":"Hostile Control of Ships via False GPS Signals: Demonstration and Detection","volume":"64","author":"Bhatti","year":"2017","journal-title":"Navigation"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Almslmany, A., Wang, C., and Cao, Q. (2016, January 12\u201316). Advanced Deceptive Jamming Model Based on DRFM Sub-Nyquist Sampling. Proceedings of the 2016 13th International Bhurban Conference on Applied Sciences and Technology (IBCAST), Islamabad, Pakistan.","DOI":"10.1109\/IBCAST.2016.7429963"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"1039","DOI":"10.1109\/JPROC.2015.2512235","article-title":"The Cybersecurity Landscape in Industrial Control Systems","volume":"104","author":"McLaughlin","year":"2016","journal-title":"Proc. IEEE"},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1109\/MSP.2011.67","article-title":"Stuxnet: Dissecting a Cyberwarfare Weapon","volume":"9","author":"Langner","year":"2011","journal-title":"IEEE Secur. Priv. Mag."},{"key":"ref_37","unstructured":"Zetter, K. (2014). Countdown to Zero Day: Stuxnet and the Launch of the World\u2019s First Digital Weapon, Broadway Books."},{"key":"ref_38","unstructured":"Falliere, N., Murchu, L.O., and Chien, E. (2010). W32. Stuxnet Dossier, Symantec."},{"key":"ref_39","unstructured":"Robertson, J., and Riley, M. (2021, April 30). The Big Hack: How China Used a Tiny Chip to Infiltrate US Companies. Bloomberg Businessweek, Available online: https:\/\/www.bloomberg.com\/news\/features\/2018-10-04\/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"102","DOI":"10.1504\/IJBIC.2018.091244","article-title":"Embedded implementation of template matching using correlation and particle swarm optimization","volume":"11","author":"Tavares","year":"2018","journal-title":"Int. J. Bio-Inspired Comput."},{"key":"ref_41","unstructured":"International Maritime Organization (IMO) (2015). Resolution A.1106(29) Revised Guidelines for the Onboard Operational Use of Shipborne Automatic Identification Sysetm (AIS), International Maritime Organization (IMO)."},{"key":"ref_42","unstructured":"National Marine Electronics Association (NMEA) (2018). NMEA 0183. Standard for Interfacing Marine Electronic Devices, National Marine Electronics Association (NMEA). Revision 4.11."},{"key":"ref_43","unstructured":"International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA) (2016). IALA 1082. An Overview of AIS, IALA. [2nd ed.]."},{"key":"ref_44","unstructured":"International Electrotechnical Commision (IEC) (2008). IEC 62288. Maritime Navigation and Radiocommunication Equipment and Systems\u2014Presentation of Navigation-Related Information on Shipborne Navigational Displays\u2014General Requirements, Methods of Testing and Required Test Results, International Electrotechnical Commision (IEC)."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Balduzzi, M., Pasta, A., and Wilhoit, K. (2014, January 8\u201312). A security evaluation of AIS automated identification system. Proceedings of the 30th Annual Computer Security Applica-tions Conference on\u2014ACSAC\u201914, New Orleans, LA, USA.","DOI":"10.1145\/2664243.2664257"},{"key":"ref_46","unstructured":"(2021, February 07). Centro de Hidrografia da Marinha, Ba\u00eda de Guanabara. Available online: https:\/\/www.marinha.mil.br\/chm\/dados-do-segnav-cartas-raster\/baia-de-guanabara."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/9\/3195\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T05:57:10Z","timestamp":1760162230000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/9\/3195"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,5,4]]},"references-count":46,"journal-issue":{"issue":"9","published-online":{"date-parts":[[2021,5]]}},"alternative-id":["s21093195"],"URL":"https:\/\/doi.org\/10.3390\/s21093195","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,5,4]]}}}