Abstract. The aim of the study is to develop and evaluate machine learning models for detecting cyber threats in aviation communication and navigation systems. Modern aviation infrastructures, including ADS-B and ACARS protocols, are vulnerable to attacks such as GPS spoofing, DoS, and false message injection. The study uses a combined dataset of 50,000 records, of which 30% simulate attacks and 70% represent normal system operation.
The methodology includes the use of Random Forest, SVM, and autoencoder models. After normalisation and dimensionality reduction (to 10 PCA components), the models were trained and tested using 5-fold stratified cross-validation. Random Forest showed the best classification accuracy — 96.4%, with an F1-measure of 94.9%, Recall 95.1% and Precision 94.7%. SVM demonstrated 91.2% accuracy, while autoencoder achieved 92.3% successful attack detection with a false positive rate of no more than 4.1%. According to ROC analysis, the Random Forest model had an AUC = 0.98, and Precision-Recall analysis showed an AP = 0.96.
The scientific novelty lies in the systematic comparison of models with and without a teacher in terms of their applicability to real aviation scenarios, taking into account the specifics of protocols and temporal features.
The practical significance lies in the possibility of integrating the trained models into air traffic monitoring systems and digital onboard systems for early threat detection, minimising the risk of failures and improving flight safety.

Keywords: aviation cybersecurity, machine learning, intrusion detection, ADS-B, GPS spoofing, autoencoder, Random Forest.