More Like this

1. Manipulating Drone Position Control

   https://doi.org/10.1109/CNS.2019.8802817  

   Chen, Wenxin; Dong, Yingfei; Duan, Zhenhai (June 2019, 2019 IEEE Conference on Communications and Network Security (CNS))

   Although consumer drones have been used in many attacks, besides specific methods such as jamming, very little research has been conducted on systematical methods to counter these drones. In this paper, we develop generic methods to compromise drone position control algorithms in order to make malicious drones deviate from their targets. Taking advantage of existing methods to remotely manipulate drone sensors through cyber or physical attacks (e.g., [1], [2]), we exploited the weaknesses of position estimation and autopilot controller algorithms on consumer drones in the proposed attacks. For compromising drone position control, we first designed two state estimation attacks: a maximum False Data Injection (FDI) attack and a generic FDI attack that compromised the Kalman-Filter-based position estimation (arguably the most popular method). Furthermore, based on the above attacks, we proposed two attacks on autopilot-based navigation, to compromise the actual position of a malicious drone. To the best of our knowledge, this is the first piece of work in this area. Our analysis and simulation results show that the proposed attacks can significantly affect the position estimation and the actual positions of drones. We also proposed potential countermeasures to address these attacks. 

   more » « less
2. Impacts of a Single GPS Spoofer on Multiple Receivers: Formal Analysis and Experimental Evaluation

   https://doi.org/10.1109/CCNC51664.2024.10454872  

   Chen, Wenxin; Dong, Yingfei; Duan, Zhenhai (January 2024, IEEE)

   As many mobile devices use Global Navigation Satellite Systems (GNSSs) to determine their locations for control, compromising such systems can result in serious consequences, as shown by existing GPS spoofing attacks. However, most such spoofing attacks focus on the effect of a single spoofer attacking a single receiver. In this paper, we investigate the impacts of a single spoofer on multiple receivers, motivated by research on attacking drone swarms. Our analysis independently shows that, using a single spoofer, multiple receivers at different locations in a spoofing area will see the same location reading. We consider the base case of spoofing four satellites and also the generic case when more satellites are involved in the spoofing attack. More importantly, we conduct real-world experiments to validate our analysis and demonstrate the potential threats to many practical applications. We use off-the-shelf SDR cards for spoofing and consumer GPS receivers for obtaining spoofed location readings. While this method can enable various attacks on mobile devices depending on GPS, it is also applicable to all existing GNSSs, because they use similar principles to determine locations. 

   more » « less
3. A Security Assessment for Consumer WiFi Drones

   https://doi.org/10.1109/ICII.2019.00011  

   Gordon, Joshua; Kraj, Victoria; Hwang, Ji Hun; Raja, Ashok (November 2019, 2019 IEEE International Conference on Industrial Internet (ICII))

   Small-scale unmanned aerial vehicles (UAVs) have become an increased presence in recent years due to their decreasing price and ease of use. Similarly, ways to detect drones through easily accessible programs like WireShark have raised more potential threats, including an increase in ease of jamming and spoofing drones utilizing commercially of the shelf (COTS) equipment like software defined radio (SDR). Given these advancements, an active area of research is drone security. Recent research has focused on using a HackRF SDR to perform eavesdropping or jamming attacks; however, most have failed to show a proposed remediation. Similarly, many research papers show post analysis of communications, but seem to lack a conclusive demonstration of command manipulation. Our security assessment shows clear steps in the manipulation of a WiFi drone using the aircrack-ng suite without the need for additional equipment like a SDR. This shows that anyone with access to a computer could potentially take down a drone. Alarmingly, we found that the COTS WiFi drone in our experiment still lacked the simple security measure of a password, and were very easily able to take over the drone in a deauthorization attack. We include a proposed remediation to mitigate the preformed attack and assess the entire process using the STRIDE and DREAD models. In doing so, we demonstrate a full attack process and provide a resolution to said attack. 

   more » « less
4. Compromising Flight Paths of Autopiloted Drones

   https://doi.org/10.1109/ICUAS.2019.8798162  

   Chen, W; Dong, Y; Duan, Z (June 2019, 2019 International Conference on Unmanned Aircraft Systems (ICUAS))

   While more and more consumer drones are abused in recent attacks, there is still very little systematical research on countering malicious consumer drones. In this paper, we focus on this issue and develop effective attacks to common autopilot control algorithms to compromise the flight paths of autopiloted drones, e.g., leading them away from its preset paths. We consider attacking an autopiloted drone in three phases: attacking its onboard sensors, attacking its state estimation, and attacking its autopilot algorithms. Several firstphase attacks have been developed (e.g., [1]–[4]); second-phase attacks (including our previous work [5], [6]) have also been investigated. In this paper, we focus on the third-phase attacks. We examine three common autopilot algorithms, and design several attacks by exploiting their weaknesses to mislead a drone from its preset path to a manipulated path. We present the formal analysis of the scope of such manipulated paths. We further discuss how to apply the proposed attacks to disrupt preset drone missions, such as missing a target in searching an area or misleading a drone to intercept another drone, etc. Many potential attacks can be built on top of the proposed attacks. We are currently investigating different models to apply such attacks on common drone missions and also building prototype systems on ArduPilot for real world tests. We will further investigate countermeasures to address the potential damages. 

   more » « less
5. Wind awareness for energy consumption in drone simulations (demo paper)

   https://doi.org/10.1145/3557915.3561045  

   Kelleher, Noah; Ramirez, Ricardo; Salihovic, Adnan; McKay, Nathan; Kelly, Jonathan; Chen, Hengwei; Trajcevski, Goce (November 2022, 30th International Conference on Advances in Geographic Information Systems, SIGSPATIAL 2022)

   Drone simulators are often used to reduce training costs and prepare operators for various ad-hoc scenarios, as well as to test the quality of algorithmic and communication aspects in collaborative scenarios. An important aspect of drone missions in simulated (as well as real life) environments is the operational lifetime of a given drone, in both solo and collaborative fleet settings. Its importance stems from the fact that the capacity of the on-board batteries in untethered (i.e., free-flying) drones determines the range and/or the length of the trajectory that a drone can travel in the course of its surveilance or delivery missions. Most of the existing simulators incorporate some kind of a consumption model based on different parameters of the drone and its flight trajectory. However, to our knowledge, the existing simulators are not capable of incorporating data obtained from actual physical measurements/observations into the consumption model. In this work, we take a first step towards enabling the (users of) drones simulator to incorporate the speed and direction of the wind into the model and monitor its impact on the battery consumption as the direction of the flight changes relative to the wind. We have also developed a proof-of-concept implementation with DJI Mavic 3 and Parrot ANAFI drones. 

   more » « less