Conference paper Open Access

Guiding Ship Navigators through the Heavy Seas of Cyberattacks

von Rechenberg, Merlin; Rößler, Nina; Schmidt, Mari; Wolsing, Konrad; Motz, Florian; Bergmann, Michael; Padilla, Elmar; Bauer, Jan

The entire maritime sector, encompassing not only on-shore systems but especially systems onboard vessels, is increasingly endangered by threats from cyberspace. Implementing preventive security like cryptography into existing systems can be costly. Thus, network-based Intrusion Detection Systems (NIDSs) promise to be a retrofittable security solution that alerts suspicious network behavior. Regarding vessels, however, there is still a lack of NIDSs detecting sophisticated cyberattacks manipulating nautical data, e.g., by spoofing a vessel’s course and position. Moreover, the intended users of such NIDSs onboard vessels would be nautical operators rather than cybersecurity experts, although interpreting the alarms of a typical NIDS and understanding their consequences requires expert knowledge in cybersecurity. For this reason, we present a Cyber Incident Monitor (CIM), a security framework combining a specialized maritime NIDS to detect sophisticated attacks in maritime networks with a customized human machine interface (HMI) providing tailored guidance for nautical operators to respond adequately in the event of a cyberattack. Using simulations, we show that CIM detects attacks quickly and through usability tests involving nautical experts, we derive helpful advice for the HMI development. Overall, CIM enables the detection of maritime cyberattacks while providing alerts and recommendations to navigators to take appropriate measures in a timely manner.

The work in this paper was partially funded by the German Federal Ministry for Digital and Transport (BMDV) as part of the project SINAV (project 40.0404/2019).
Files (344.9 kB)
Name Size
344.9 kB Download
All versions This version
Views 227227
Downloads 125125
Data volume 43.1 MB43.1 MB
Unique views 208208
Unique downloads 109109


Cite as