With the growing reliance on the vulnerable Automatic Dependent Surveillance-Broadcast (ADS-B) protocol in air traffic management (ATM), ensuring security is critical. This study investigates emerging machine learning models and training strategies to improve AI-based intrusion detection systems (IDS) for ADS-B. Focusing on ground-based ATM systems, we evaluate two deep learning IDS implementations: one using a transformer encoder and the other an extended Long Short-Term Memory (xLSTM) network, marking the first xLSTM-based IDS for ADS-B. A transfer learning strategy was employed, involving pre-training on benign ADS-B messages and fine-tuning with labeled data containing instances of tampered messages. Results show this approach outperforms existing methods, particularly in identifying subtle attacks that progressively undermine situational awareness. The xLSTM-based IDS achieves an F1-score of 98.9%, surpassing the transformer-based model at 94.3%. Tests on unseen attacks validated the generalization ability of the xLSTM model. Inference latency analysis shows that the 7.26-second delay introduced by the xLSTM-based IDS fits within the Secondary Surveillance Radar (SSR) refresh interval (5-12 s), although it may be restrictive for time-critical operations. While the transformer-based IDS achieves a 2.1-second latency, it does so at the cost of lower detection performance.