Tweet
Tool or Project Name: AIS Tools
Short Abstract: AIS Tools is a suite of Perl-based scripts to create, capture, interpret, and play NMEA 0183 Automatic Identification System (AIS) messages.
Short Developer Bio: Gary Kessler, Ph.D., CISSP is a principal consultant at Fathom5, a retired professor of cybersecurity, and co-author of "Maritime Cybersecurity: A Guide for Leaders and Managers." He is a past speaker at DEFCON, where he has presented on AIS cybersecurity vulnerabilities and an encryption-based demonstration-of-capability method to mitigate some of those vulnerabilities. Gary's background is in mathematics and computer science, and he has spent several decades teaching about network protocols, data communications, digital forensics, and information security. He holds a leadership position in USCG Auxiliary cybersecurity efforts, is a Master SCUBA Diver Trainer, and holds a 50GT captain license.
URL to any additional information:
Detailed Explanation of Tool:
AIS Tools is a suite of Perl scripts that allow a user to customize and parse National Marine Electronics Association (NMEA) 0183 standard AIS messages (seen in over-the-air broadcasts per ITU Recommendation M.1371). It is conceptually based upon the TrendMicro AIS Blacktoolkit, but is an extension intended for research and development purposes by incorporating more message types and standard default values.
The suite includes the following programs and functions:
More detail can be found in https://www.garykessler.net/software/AIS_README.TXT
Supporting Files, Code, etc: https://www.garykessler.net/software/index.html#ais
Target Audience:
Defense, students, researchers, product developers (but, like any good tool, can be used for offense)
This tool is specifically directed at those interested in maritime cybersecurity, particularly with respect to navigation systems, but applies to anyone interested in a deep understanding of the AIS protocol as observed in over-the-air transmissions. It will aid researchers in capturing and analyzing AIS data, and designing scenarios with which to prepare exercises and test products.
Short Abstract: AIS Tools is a suite of Perl-based scripts to create, capture, interpret, and play NMEA 0183 Automatic Identification System (AIS) messages.
Short Developer Bio: Gary Kessler, Ph.D., CISSP is a principal consultant at Fathom5, a retired professor of cybersecurity, and co-author of "Maritime Cybersecurity: A Guide for Leaders and Managers." He is a past speaker at DEFCON, where he has presented on AIS cybersecurity vulnerabilities and an encryption-based demonstration-of-capability method to mitigate some of those vulnerabilities. Gary's background is in mathematics and computer science, and he has spent several decades teaching about network protocols, data communications, digital forensics, and information security. He holds a leadership position in USCG Auxiliary cybersecurity efforts, is a Master SCUBA Diver Trainer, and holds a 50GT captain license.
URL to any additional information:
- https://www.garykessler.net/library/ais_pi.html
- https://www.garykessler.net/software/AIS_README.TXT
- https://gpsd.gitlab.io/gpsd/AIVDM.html
- https://github.com/trendmicro/ais/
Detailed Explanation of Tool:
AIS Tools is a suite of Perl scripts that allow a user to customize and parse National Marine Electronics Association (NMEA) 0183 standard AIS messages (seen in over-the-air broadcasts per ITU Recommendation M.1371). It is conceptually based upon the TrendMicro AIS Blacktoolkit, but is an extension intended for research and development purposes by incorporating more message types and standard default values.
The suite includes the following programs and functions:
- AIS_menu: Allows the user to create a custom NMEA 0183 AIS message by entering parameters specific to a requested message type. (At this time, the tools supports 22 of the 27 message types.) The output of the program is a properly formatted command line with all appropriate switches for the AIS_ping program.
- AIS_ping: AIS_ping allows a user to define an AIS message that will be properly formatted but could, in fact, contain invalid parameter values (a la hping3). The output is a binary string representing the AIS message. The binary string could be directed to a radio transmission (using Blacktoolkit software for GNU Radio) or formatted into one or more AIS sentences using AIS_NMEA.
- AIS_NMEA: This program accepts an AIS message binary string and produces a set of one or more AIS sentences.
- AIS_parser: Decodes an NMEA binary string or AIS sentence, displaying the contents field by field.
- parser2html: Produces HTML formatting of parsed messages.
- timestamp_data: Capture live AIS data from over-the-air transmissions and store the sentences in a file with a timestamp.
- play_ais: Replay timestamped AIS data from a file.
More detail can be found in https://www.garykessler.net/software/AIS_README.TXT
Supporting Files, Code, etc: https://www.garykessler.net/software/index.html#ais
Target Audience:
Defense, students, researchers, product developers (but, like any good tool, can be used for offense)
This tool is specifically directed at those interested in maritime cybersecurity, particularly with respect to navigation systems, but applies to anyone interested in a deep understanding of the AIS protocol as observed in over-the-air transmissions. It will aid researchers in capturing and analyzing AIS data, and designing scenarios with which to prepare exercises and test products.