skip to main content

Title: A Machine Learning Approach for Detecting and Classifying Jamming Attacks Against OFDM-based UAVs
In this paper, a machine learning (ML) approach is proposed to detect and classify jamming attacks on unmanned aerial vehicles (UAVs). Four attack types are implemented using software-defined radio (SDR); namely, barrage, single-tone, successive-pulse, and protocol-aware jamming. Each type is launched against a drone that uses orthogonal frequency division multiplexing (OFDM) communication to qualitatively analyze its impacts considering jamming range, complexity, and severity. Then, an SDR is utilized in proximity to the drone and in systematic testing scenarios to record the radiometric parameters before and after each attack is launched. Signal-to-noise ratio (SNR), energy threshold, and several OFDM parameters are exploited as features and fed to six ML algorithms to explore and enable autonomous jamming detection/classification. The algorithms are quantitatively evaluated with metrics including detection and false alarm rates to evaluate the received signals and facilitate efficient decision-making for improved reception integrity and reliability. The resulting ML approach detects and classifies jamming with an accuracy of 92.2% and a false-alarm rate of 1.35%.
; ; ; ; ; ;
Award ID(s):
Publication Date:
Journal Name:
Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning
Page Range or eLocation-ID:
Sponsoring Org:
National Science Foundation
More Like this
  1. In this article, real-time jamming detection against unmanned aerial vehicles (UAVs) is proposed via the integration of a software-defined radio (SDR) with an on-board Raspberry Pi processor. The SDR is utilized for capturing and forwarding the radio frequency signals to a receiver module hosted in the processor. This module extracts signal features characterized by orthogonal frequency division multiplexing (OFDM) parameters, energy parameters, and signal-to-noise ratio (SNR) parameters. Upon feature extraction, the aforementioned module exploits a machine learning (ML) classifier for detecting and classifying four jamming types; namely, barrage, single-tone, successive-pulse, and protocol-aware. The resulting configuration yielded in an overall detection rate (DR) of 93% and a false alarm rate (FAR) of 1.1%, which are in proximity to their counterparts obtained during the validation stage of the receiver module.
  2. Small-scale unmanned aerial vehicles (UAVs) have become an increased presence in recent years due to their decreasing price and ease of use. Similarly, ways to detect drones through easily accessible programs like WireShark have raised more potential threats, including an increase in ease of jamming and spoofing drones utilizing commercially of the shelf (COTS) equipment like software defined radio (SDR). Given these advancements, an active area of research is drone security. Recent research has focused on using a HackRF SDR to perform eavesdropping or jamming attacks; however, most have failed to show a proposed remediation. Similarly, many research papers show post analysis of communications, but seem to lack a conclusive demonstration of command manipulation. Our security assessment shows clear steps in the manipulation of a WiFi drone using the aircrack-ng suite without the need for additional equipment like a SDR. This shows that anyone with access to a computer could potentially take down a drone. Alarmingly, we found that the COTS WiFi drone in our experiment still lacked the simple security measure of a password, and were very easily able to take over the drone in a deauthorization attack. We include a proposed remediation to mitigate the preformed attack andmore »assess the entire process using the STRIDE and DREAD models. In doing so, we demonstrate a full attack process and provide a resolution to said attack.« less
  3. Although consumer drones have been used in many attacks, besides specific methods such as jamming, very little research has been conducted on systematical methods to counter these drones. In this paper, we develop generic methods to compromise drone position control algorithms in order to make malicious drones deviate from their targets. Taking advantage of existing methods to remotely manipulate drone sensors through cyber or physical attacks (e.g., [1], [2]), we exploited the weaknesses of position estimation and autopilot controller algorithms on consumer drones in the proposed attacks. For compromising drone position control, we first designed two state estimation attacks: a maximum False Data Injection (FDI) attack and a generic FDI attack that compromised the Kalman-Filter-based position estimation (arguably the most popular method). Furthermore, based on the above attacks, we proposed two attacks on autopilot-based navigation, to compromise the actual position of a malicious drone. To the best of our knowledge, this is the first piece of work in this area. Our analysis and simulation results show that the proposed attacks can significantly affect the position estimation and the actual positions of drones. We also proposed potential countermeasures to address these attacks.
  4. Spurious power consumption data reported from compromised meters controlled by organized adversaries in the Advanced Metering Infrastructure (AMI) may have drastic consequences on a smart grid’s operations. While existing research on data falsification in smart grids mostly defends against isolated electricity theft, we introduce a taxonomy of various data falsification attack types, when smart meters are compromised by organized or strategic rivals. To counter these attacks, we first propose a coarse-grained and a fine-grained anomaly-based security event detection technique that uses indicators such as deviation and directional change in the time series of the proposed anomaly detection metrics to indicate: (i) occurrence, (ii) type of attack, and (iii) attack strategy used, collectively known as attack context . Leveraging the attack context information, we propose three attack response metrics to the inferred attack context: (a) an unbiased mean indicating a robust location parameter; (b) a median absolute deviation indicating a robust scale parameter; and (c) an attack probability time ratio metric indicating the active time horizon of attacks. Subsequently, we propose a trust scoring model based on Kullback-Leibler (KL) divergence, that embeds the appropriate unbiased mean, the median absolute deviation, and the attack probability ratio metric at runtime to produce trustmore »scores for each smart meter. These trust scores help classify compromised smart meters from the non-compromised ones. The embedding of the attack context, into the trust scoring model, facilitates accurate and rapid classification of compromised meters, even under large fractions of compromised meters, generalize across various attack strategies and margins of false data. Using real datasets collected from two different AMIs, experimental results show that our proposed framework has a high true positive detection rate, while the average false alarm and missed detection rates are much lesser than 10% for most attack combinations for two different real AMI micro-grid datasets. Finally, we also establish fundamental theoretical limits of the proposed method, which will help assess the applicability of our method to other domains.« less
  5. Most of the traditional state estimation algorithms are provided false alarm when there is attack. This paper proposes an attack-resilient algorithm where attack is automatically ignored, and the state estimation process is continuing which acts a grid-eye for monitoring whole power systems. After modeling the smart grid incorporating distributed energy resources, the smart sensors are deployed to gather measurement information where sensors are prone to attacks. Based on the noisy and cyber attack measurement information, the optimal state estimation algorithm is designed. When the attack is happened, the measurement residual error dynamic goes high and it can ignore using proposed saturation function. Moreover, the proposed saturation function is automatically computed in a dynamic way considering residual error and deigned parameters. Combing the aforementioned approaches, the Kalman filter algorithm is modified which is applied to the smart grid state estimation. The simulation results show that the proposed algorithm provides high estimation accuracy.