Cooperative Security Framework for CBTC Network
Abstract
Railway networks could be subject to cyberattacks due to security breaches of their communication systems. The Communications-Based Train Control (CBTC) system is considered the main organ of a railway network. CBTC controls the movements of trains and manages the messages exchanged between the different railway systems. In this paper, we propose a cooperative detection framework to secure the CBTC against attackers that execute malicious software locally (i.e., internal threats) and/or spread and deliver an attack from an external network (i.e., external threats). The detection framework has two main security systems: a host and network detection system, and a human-machine interaction system. When these security systems run cooperatively, the attack detection and false alarm rates are improved, while the expected attack damage rate is reduced. The framework is integrated into real subsystems of a railway network, and according to experimental results, we show that it is capable of accurately detecting sophisticated cyber-attacks, such as fault data injection and flooding attacks.