An official website of the United States government
In this article, real-time jamming detection against unmanned aerial vehicles (UAVs) is proposed via the integration of a software-defined radio (SDR) with an on-board Raspberry Pi processor. The SDR is utilized for capturing and forwarding the radio frequency signals to a receiver module hosted in the processor. This module extracts signal features characterized by orthogonal frequency division multiplexing (OFDM) parameters, energy parameters, and signal-to-noise ratio (SNR) parameters. Upon feature extraction, the aforementioned module exploits a machine learning (ML) classifier for detecting and classifying four jamming types; namely, barrage, single-tone, successive-pulse, and protocol-aware. The resulting configuration yielded in an overall detection rate (DR) of 93% and a false alarm rate (FAR) of 1.1%, which are in proximity to their counterparts obtained during the validation stage of the receiver module.
more »
« less
A Machine Learning Approach for Detecting and Classifying Jamming Attacks Against OFDM-based UAVs
In this paper, a machine learning (ML) approach is proposed to detect and classify jamming attacks on unmanned aerial vehicles (UAVs). Four attack types are implemented using software-defined radio (SDR); namely, barrage, single-tone, successive-pulse, and protocol-aware jamming. Each type is launched against a drone that uses orthogonal frequency division multiplexing (OFDM) communication to qualitatively analyze its impacts considering jamming range, complexity, and severity. Then, an SDR is utilized in proximity to the drone and in systematic testing scenarios to record the radiometric parameters before and after each attack is launched. Signal-to-noise ratio (SNR), energy threshold, and several OFDM parameters are exploited as features and fed to six ML algorithms to explore and enable autonomous jamming detection/classification. The algorithms are quantitatively evaluated with metrics including detection and false alarm rates to evaluate the received signals and facilitate efficient decision-making for improved reception integrity and reliability. The resulting ML approach detects and classifies jamming with an accuracy of 92.2% and a false-alarm rate of 1.35%.
more »
« less
- Award ID(s):
- 2006662
- PAR ID:
- 10273173
- Date Published:
- Journal Name:
- Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning
- Page Range / eLocation ID:
- 1-6
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Small-scale unmanned aerial vehicles (UAVs) have become an increased presence in recent years due to their decreasing price and ease of use. Similarly, ways to detect drones through easily accessible programs like WireShark have raised more potential threats, including an increase in ease of jamming and spoofing drones utilizing commercially of the shelf (COTS) equipment like software defined radio (SDR). Given these advancements, an active area of research is drone security. Recent research has focused on using a HackRF SDR to perform eavesdropping or jamming attacks; however, most have failed to show a proposed remediation. Similarly, many research papers show post analysis of communications, but seem to lack a conclusive demonstration of command manipulation. Our security assessment shows clear steps in the manipulation of a WiFi drone using the aircrack-ng suite without the need for additional equipment like a SDR. This shows that anyone with access to a computer could potentially take down a drone. Alarmingly, we found that the COTS WiFi drone in our experiment still lacked the simple security measure of a password, and were very easily able to take over the drone in a deauthorization attack. We include a proposed remediation to mitigate the preformed attack and assess the entire process using the STRIDE and DREAD models. In doing so, we demonstrate a full attack process and provide a resolution to said attack.more » « less
-
This work proposes the use of machine learning (ML) as a candidate for the detection of various types of message injection attacks against automatic dependent surveillance-broadcast (ADSB) messaging systems. Authentic ADS-B messages from a high-traffic area are collected from an open-source platform. These messages are combined with others imposing path modification, ghost aircraft injection, and velocity drift obtained from simulations. Then, ADS-B-related features are extracted from such messages and used to train different ML models for binary classification. For this purpose, authentic ADS-B data is considered as Class 1 (i.e., no attack), while the injection attacks are considered as Class 2 (i.e., presence of attack). The performance of the models is analyzed with metrics, including detection, misdetection, and false alarm rates, as well as validation accuracy, precision, recall, and Fl-score. The resulting models enable identifying the presence of injection attacks with a detection rate of 99.05%, and false alarm and misdetection rates of 0.76% and 1.10%, respectively.more » « less
-
Although consumer drones have been used in many attacks, besides specific methods such as jamming, very little research has been conducted on systematical methods to counter these drones. In this paper, we develop generic methods to compromise drone position control algorithms in order to make malicious drones deviate from their targets. Taking advantage of existing methods to remotely manipulate drone sensors through cyber or physical attacks (e.g., [1], [2]), we exploited the weaknesses of position estimation and autopilot controller algorithms on consumer drones in the proposed attacks. For compromising drone position control, we first designed two state estimation attacks: a maximum False Data Injection (FDI) attack and a generic FDI attack that compromised the Kalman-Filter-based position estimation (arguably the most popular method). Furthermore, based on the above attacks, we proposed two attacks on autopilot-based navigation, to compromise the actual position of a malicious drone. To the best of our knowledge, this is the first piece of work in this area. Our analysis and simulation results show that the proposed attacks can significantly affect the position estimation and the actual positions of drones. We also proposed potential countermeasures to address these attacks.more » « less
-
Anomaly-based attack detection methods depend on some form of machine learning to detect data falsification attacks in smart living cyber–physical systems. However, there is a lack of studies that consider the presence of attacks during the training phase and their effect on detection and false alarm performance. To improve the robustness of time series learning for anomaly detection, we propose a framework by modifying design choices such as regression error type and loss function type while learning the thresholds for an anomaly detection framework during the training phase. Specifically, we offer theoretical proofs on the relationship between poisoning attack strengths and how that informs the choice of loss functions used to learn the detection thresholds. This, in turn, leads to explainability of why and when our framework mitigates data poisoning and the trade-offs associated with such design changes. The theoretical results are backed by experimental results that prove attack mitigation performance with NIST-specified metrics for CPS, using real data collected from a smart metering infrastructure as a proof of concept. Thus, the contribution is a framework that guarantees security of ML and ML for security simultaneously.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1145/3468218.3469049
