Modern aircraft include a variety of electronic and computer systems to operate the aircraft and provide services to the passengers of the aircraft. Aircraft typically include a network system to allow the systems of the aircraft to communicate, provide services to the passengers, and communicate with off-board systems. The network, however, provides a conduit by which malicious entities, e.g., hackers, can attempt to gain unauthorized access to the aircraft. To prevent this, modern aircraft employ various security controls to prevent access to critical and sensitive systems.
The security controls, however, do not provide an effective and real-time means for detecting, analyzing, and tracking attempted breaches or attracting malicious entities. Conventional ground-based systems often include dedicated systems to detect and track breaches. The conventional ground-based systems are designed to work on large scale networks with thousands of network nodes running hundreds of network protocols. To service these large scale networks, the conventional ground-based systems are implemented on separate hardware appliances that require additional power, add additional weight, increase cost, and require additional space. These dedicated systems, however, are not suitable for aircraft due to size and computational requirements. There is therefore a need for methods and systems for detecting, analyzing, and tracking attempted breaches in aircraft.