Shinan Liu,Xiang Cheng,Hanchao Yang,Yuanchao Shu,Xiaoran Weng,Ping Guo,Kexiong (Curtis) Zeng,Gang Wang,Yaling Yang

2021-01-01

Abstract:The GPS has empowered billions of users and various critical infrastructures with its positioning and time services. However, GPS spoofing attacks also become a growing threat to GPS-dependent systems. Existing detection methods either require expensive hardware modifications to current GPS devices or lack the basic robustness against sophisticated attacks, hurting their adoption and usage in practice. In this paper, we propose a novel GPS spoofing detection framework that works with off-the-shelf GPS chipsets. Our basic idea is to rotate a one-side-blocked GPS receiver to derive the angle-of-arrival (AoAs) of received signals and compare them with the GPS constellation (consists of tens of GPS satellites). We first demonstrate the effectiveness of this idea by implementing a smartphone prototype and evaluating it against a real spoofer in various field experiments (in both open air and urban canyon environments). Our method achieves a high accuracy (95%-100%) in 5 seconds. Then we implement an adaptive attack, assuming the attacker becomes aware of our defense method and actively modulates the spoofing signals accordingly. We study this adaptive attack and propose enhancement methods (using the rotation speed as the "secret key") to fortify the defense. Further experiments are conducted to validate the effectiveness of the enhanced defense.

Barak Davidovich,Ben Nassi,Yuval Elovici

DOI: https://doi.org/10.3390/s22072608

2022-03-29

Abstract:A Global Positioning System (GPS) spoofing attack can be launched against any commercial GPS sensor in order to interfere with its navigation capabilities. These sensors are installed in a variety of devices and vehicles (e.g., cars, planes, cell phones, ships, UAVs, and more). In this study, we focus on micro UAVs (drones) for several reasons: (1) they are small and inexpensive, (2) they rely on a built-in camera, (3) they use GPS sensors, and (4) it is difficult to add external components to micro UAVs. We propose an innovative method, based on the video stream captured by a drone's camera, for the real-time detection of GPS spoofing attacks targeting drones. The proposed method collects frames from the video stream and their location (GPS coordinates); by calculating the correlation between each frame, our method can detect GPS spoofing attacks on drones. We first analyze the performance of the suggested method in a controlled environment by conducting experiments on a flight simulator that we developed. Then, we analyze its performance in the real world using a DJI drone. Our method can provide different levels of security against GPS spoofing attacks, depending on the detection interval required; for example, it can provide a high level of security to a drone flying at altitudes of 50-100 m over an urban area at an average speed of 4 km/h in conditions of low ambient light; in this scenario, the proposed method can provide a level of security that detects any GPS spoofing attack in which the spoofed location is a distance of 1-4 m (an average of 2.5 m) from the real location.

Xian-Chun Zheng,Hung-Min Sun

DOI: https://doi.org/10.18494/sam.2020.2783

IF: 1.2

2020-01-01

Sensors and Materials

Abstract:With the booming growth of unmanned aerial vehicles (UAVs, drones) in recent years, especially for commercial and recreational aerial photography UAVs, the safety issues of civilians and security problems of sensitive information are causing much concern. Some studies have confirmed that many attacks against UAVs are highly connected to the vulnerabilities of the civil global positioning system (GPS). The transparency and predictability of unencrypted civil GPS signals make them easy to counterfeit. Furthermore, owing to the development of software-defined radio (SDR) in recent years, launching a civil GPS spoofing attack is no longer expensive. GPS spoofing against drones using SDR devices has severely threatened their flight security and personal safety. In this study, we demonstrated three UAV hijacking attacks using HackRF One, an SDR device, with corresponding open source projects. We also proved that launching such threatening attacks is not expensive and such attacks are easy to control. We also propose some possible approaches to enhance the security of UAV location information.

Ahmad Danial Bin Abdul Rahman,Kamaruddin Abdul Ghani,Nor Hisham H Khamis,Abd Rahim Mat Sidek

DOI: https://doi.org/10.1088/1742-6596/1793/1/012060

2021-02-01

Journal of Physics: Conference Series

Abstract:Abstract This paper discusses the existing jamming method from previous publication and how the method is modified to accomplished the GPS jamming of Unmanned Aerial Vehicle (UAV). This paper also presents the result from the field test of UAV GPS jamming by using Software Defined Radio (SDR) and GNU Radio software. The field test is carried out to study the performance of the jamming signal produced and the effect of elevation angle on the jamming range. The test subject used in this field test is DJI Phantom 4 Pro, a commercial consumer grade drone.

English Else

M. Surendra Kumar,Gaurav S. Kasbekar,Arnab Maity

DOI: https://doi.org/10.48550/arXiv.2206.09133

2022-06-18

Abstract:The vulnerability of the Global Positioning System (GPS) against spoofing is known for quite some time. Also, the positioning and navigation of most semi-autonomous and autonomous drones are dependent on Global Navigation Satellite System (GNSS) signals. In prior work, simplistic or asynchronous GPS spoofing was found to be a simple, efficient, and effective cyber attack against L1 GPS or GNSS dependent commercial drones. In this paper, first we make some important observations on asynchronous GPS spoofing attacks on drones presented in prior research literature. Then, we design an asynchronous GPS spoofing attack plan. Next, we test the effectiveness of this attack against GNSS receivers (high volume consumer devices based on Android mobile phones) of different capabilities and a commercial drone (DJI Mavic 2 Pro) under various conditions. Finally, we present several novel insights based on the results of the tests.

Cryptography and Security,Systems and Control

Jiangyi Deng,Xiaoyu Ji,Beibei Wang,Bin Wang,Wenyuan Xu

DOI: https://doi.org/10.1109/tifs.2023.3311964

IF: 7.231

2024-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The market for consumer drones is growing and drones are becoming ever more pervasive than before in our life. However, drones have also brought about severe privacy violations and even safety issues. Especially, drones with cameras can snap pictures or take private videos. Researchers have designed drone detection mechanisms by passively inspecting the radio frequency (RF) signal in the communication channel between a drone and its controller. However, passive detection solutions shall fail when drones are in autopilot mode without control signals from controllers. In this paper, we seek to detect autopilot drones that transmit no RF signals by developing a proactive detection system named Dr. Defender. To this end, we resort to the Wi-Fi signals prevalent at each house and propose a proactive drone detection mechanism. To facilitate the detection of drones with Wi-Fi, we first study the motion characteristics of drones, including the shifting, moving, and spinning of propellers that can uniquely represent a drone. Then we investigate the physical layer information of Wi-Fi signals, i.e., the channel state information (CSI), to reveal specific motions of a drone. Finally, we implement our CSI-based proactive drone detection system, which requires no signal transmission from a drone or its controller. We extensively validate the feasibility and performance of our solution under different distances and directions of drones relative to a window. Results show that Dr. Defender can accurately detect drones 10 meters away.

Barak Davidovich,Ben Nassi,Yuval Elovici

DOI: https://doi.org/10.48550/arXiv.2201.00419

2022-01-03

Abstract:In this study, we propose an innovative method for the real-time detection of GPS spoofing attacks targeting drones, based on the video stream captured by a drone's camera. The proposed method collects frames from the video stream and their location (GPS); by calculating the correlation between each frame, our method can identify an attack on a drone. We first analyze the performance of the suggested method in a controlled environment by conducting experiments on a flight simulator that we developed. Then, we analyze its performance in the real world using a DJI drone. Our method can provide different levels of security against GPS spoofing attacks, depending on the detection interval required; for example, it can provide a high level of security to a drone flying at an altitude of 50-100 meters over an urban area at an average speed of 4 km/h in conditions of low ambient light; in this scenario, the method can provide a level of security that detects any GPS spoofing attack in which the spoofed location is a distance of 1-4 meters (an average of 2.5 meters) from the real location.

Cryptography and Security

Eshta Ranyal,Kamal Jain

DOI: https://doi.org/10.1007/s12524-020-01225-1

IF: 1.894

2020-11-16

Journal of the Indian Society of Remote Sensing

Abstract:The Unmanned Aerial Vehicle often known as UAV plays a central role in providing multifarious services which can be encapsulated under following major categories namely military, research and civil. Various studies have revealed that unlike the military UAV the civil UAV uses unauthenticated, unencrypted and predictable signals and thus can be easily manipulated. With the burgeoning dependency on UAVs for time-critical response operations and many other, there is a need to secure the civil unmanned aerial system which lacks direct human interference. The goal of this paper is to focus on how Global Positioning System (GPS) signal spoofing allows the authentic ground control to change hands with threat actors. Spoofing forces erroneous location to be computed by target receiver by transmitting the counterfeit Global Navigation Satellite System like signals. The intention is to misinform the user about its location. In this paper, the UAVs vulnerability, resulting in complete command and control under the captor's influence, consequent to GPS spoofing, is analyzed and an analysis of the countermeasures to identify spoofing proposed by various researchers is done. While some countermeasures are computationally complex unsuitable for lightweight UAVs there are others that have been experimented on simulators. Very few have been established on real sensor data and have limitations of their own.

environmental sciences,remote sensing

Princess Chimmy Joeaneke,Onyinye Obioha Val,Oluwaseun Oladeji Olaniyi,Olumide Samuel Ogungbemi,Anthony Obulor Olisa,Oluwaseun Ibrahim Akinola

DOI: https://doi.org/10.9734/jerr/2024/v26i101291

2024-10-03

Journal of Engineering Research and Reports

Abstract:This study investigates the vulnerabilities of unmanned aerial vehicles (UAVs) to GPS spoofing and jamming, addressing three key research questions: (1) What are the common techniques used to spoof or jam GPS signals for UAVs? (2) How do these techniques impact UAV performance and safety? (3) What mitigation strategies are most effective in preventing interference? A mixed-methods approach was used, combining a qualitative review of peer-reviewed literature and a quantitative analysis of GPS signal data. Spoofing increased positioning errors to 20.45 meters, while jamming reduced mission completion rates by 40%. Detection models, including Random Forest, SVM, and Neural Networks, were evaluated, with SVM showing a recall of 56.4% for spoofed signals despite lower overall accuracy. Inertial Navigation Systems (INS) and Visual Odometry were most effective in reducing navigation errors by over 90% and showed the highest mission success rates, recovering from interference within 0.81 to 1.28 seconds. These findings highlight the importance of integrating advanced detection methods and resilient systems in GPS-reliant UAV operations.

Moritz Schloegel,Nils Bars,Nico Schiller,Tobias Scharnowski,Lea Schönherr,Thorsten Eisenhofer,Thorsten Holz,Felix Domke,Merlin Chlosta

DOI: https://doi.org/10.14722/ndss.2023.24217

Abstract:—Consumer drones enable high-class aerial video photography, promise to reform the logistics industry, and are already used for humanitarian rescue operations and during armed conflicts. Contrasting their widespread adoption and high popularity, the low entry barrier for air mobility—a traditionally heavily regulated sector—poses many risks to safety, security, and privacy. Malicious parties could, for example, (mis-)use drones for surveillance, transportation of illegal goods, or cause economic damage by intruding the closed airspace above air-ports. To prevent harm, drone manufacturers employ several countermeasures to enforce safe and secure use of drones, e.g., they impose software limits regarding speed and altitude, or use geofencing to implement no-fly zones around airports or prisons. Complementing traditional countermeasures, drones from the market leader DJI implement a tracking protocol called DroneID, which is designed to transmit the position of both the drone and its operator to authorized entities such as law enforcement or operators of critical infrastructures. In this paper, we analyze security and privacy claims for drones, focusing on the leading manufacturer DJI with a market share of 94%. We first systemize the drone attack surface and investigate an attacker capable of eavesdropping on the drone’s over-the-air data traffic. Based on reverse engineering of DJI firmware, we design and implement a decoder for DJI’s proprietary tracking protocol DroneID, using only cheap COTS hardware. We show that the transmitted data is not encrypted, but accessible to anyone, compromising the drone operator’s privacy. Second, we conduct a comprehensive analysis of drone security: Using a combination of reverse engineering, a novel fuzzing approach tailored to DJI’s communication protocol, and hardware analysis, we uncover several critical flaws in drone firmware that allow attackers to gain elevated privileges on two different DJI drones and their remote control. Such root access paves the way to disable

Political Science,Computer Science,Law

Yassine Mekdad,Abbas Acar,Ahmet Aris,Abdeslam El Fergougui,Mauro Conti,Riccardo Lazzeretti,Selcuk Uluagac

2024-03-07

Abstract:Recent advancements in drone technology have shown that commercial off-the-shelf Micro Aerial Drones are more effective than large-sized drones for performing flight missions in narrow environments, such as swarming, indoor navigation, and inspection of hazardous locations. Due to their deployments in many civilian and military applications, safe and reliable communication of these drones throughout the mission is critical. The Crazyflie ecosystem is one of the most popular Micro Aerial Drones and has the potential to be deployed worldwide. In this paper, we empirically investigate two interference attacks against the Crazy Real Time Protocol (CRTP) implemented within the Crazyflie drones. In particular, we explore the feasibility of experimenting two attack vectors that can disrupt an ongoing flight mission: the jamming attack, and the hijacking attack. Our experimental results demonstrate the effectiveness of such attacks in both autonomous and non-autonomous flight modes on a Crazyflie 2.1 drone. Finally, we suggest potential shielding strategies that guarantee a safe and secure flight mission. To the best of our knowledge, this is the first work investigating jamming and hijacking attacks against Micro Aerial Drones, both in autonomous and non-autonomous modes.

Cryptography and Security

Ji Hyuk Jung,Mi Yeon Hong,Hyeongjun Choi,Ji Won Yoon

DOI: https://doi.org/10.1109/access.2024.3382543

IF: 3.9

2024-04-05

IEEE Access

Abstract:Unmanned Aerial Vehicles (UAVs) are aerial vehicles that can go to a particular position without human control or with remote human control. It is because unmanned control mainly relies on position estimation that a lot of research has been studied on GPS spoofing attacks. Detection methods against GPS spoofing attacks mainly include monitoring RF signals or IMU sensor values inside UAVs. In this work, we analyze GPS attack and detection in an advanced autopilot system, PX4 without excluding RF detection. Recent studies have shown that GPS spoofing is unable to evade the detection using EKF sensor fusion. Therefore, this paper experiment whether the detection could be evaded by strengthening the attacker model. This paper classifies attacker models according to whether an attacker knows the true position of UAVs or the estimated position by UAV and proposed attack methods depending on each model in PX4. We inject GPS value which our attack method intends to UAV during mission flight in simulation environment. By manipulating the GPS driver code of PX4 controller, we inject GPS value the attack method wants into UAV in physical environment. Finally, we observed the innovation test ratio during GPS spoofing and demonstrate that GPS spoofing attack is possible keeping the innovation test ratio under the anomaly detection criterion. After that, we proposed our approach which scales the EKF's Kalman gain randomly to increase the detection method's efficiency and experiment with the attack methods. This detection method has little effect on the test ratio without the attack. But during the attack, the innovation test ratio was increased higher than the anomaly detection criterion so that the attack could be detected.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yichao Chen,Guanbang Liu,Zhen Zhang,Lidong He,Shibo He

DOI: https://doi.org/10.1109/tvt.2023.3337154

IF: 6.8

2024-01-01

IEEE Transactions on Vehicular Technology

Abstract:Multiple unmanned aerial vehicle (UAV) systems are increasingly used in civilian and military applications. However, due to the open and broadcast nature of wireless communications, the control and non-payload communication (CNPC) between UAVs and ground control stations (GCSs) is vulnerable to physical (PHY) and medium access control (MAC) layer wireless attacks, such as eavesdropping, jamming, and spoofing. In this paper, we investigate the secure remote control (RC) issue in multi-UAV systems from a physical layer security (PLS) perspective. We propose a secure RC mechanism based on John Boyd's OODA loop and introduce cooperative jamming (CJ) from UAVs to safeguard control data from GCS. To quantify the uncertainty of wireless attacks from aerial and terrestrial potential attackers, we first introduce the Nakagami-m fading model and a mixed line-of-sight (LoS) / non-line-of-sight (NLoS) probability model to characterize hostile air-to-ground (A2G) channels. We then derive the conditions for successful attacks including passive/active eavesdropping, jamming and spoofing, and formulate the risks of each attack and the overall CJ efficiency based on secrecy outage probability (SOP). To optimize the trade-off between risk costs and CJ power consumption for various situations, we propose three levels of control schemes (centralized, partially centralized, and distributed) applicable at GCS or UAVs, and design three decision-making methods with differing complexities. Through simulations, we evaluate the performance of the proposed mechanism under a general scenario that provides diverse physical conditions, threat levels, and security requirements.

Sagar Dasgupta,Abdullah Ahmed,Mizanur Rahman,Thejesh N. Bandi

2024-01-03

Abstract:Autonomous vehicles (AVs) rely on the Global Positioning System (GPS) or Global Navigation Satellite Systems (GNSS) for precise (Positioning, Navigation, and Timing) PNT solutions. However, the vulnerability of GPS signals to intentional and unintended threats due to their lack of encryption and weak signal strength poses serious risks, thereby reducing the reliability of AVs. GPS spoofing is a complex and damaging attack that deceives AVs by altering GPS receivers to calculate false position and tracking information leading to misdirection. This study explores a stealthy slow drift GPS spoofing attack, replicating the victim AV's satellite reception pattern while changing pseudo ranges to deceive the AV, particularly during turns. The attack is designed to gradually deviate from the correct route, making real-time detection challenging and jeopardizing user safety. We present a system and study methodology for constructing covert spoofing attacks on AVs, investigating the correlation between original and spoofed pseudo ranges to create effective defenses. By closely following the victim vehicle and using the same satellite signals, the attacker executes the attack precisely. Changing the pseudo ranges confuses the AV, leading it to incorrect destinations while remaining oblivious to the manipulation. The gradual deviation from the actual route further conceals the attack, hindering its swift identification. The experiments showcase a robust correlation between the original and spoofed pseudo ranges, with R square values varying between 0.99 and 1. This strong correlation facilitates effective evaluation and mitigation of spoofing signals.

Cryptography and Security

Renato Ferreira,João Gaspar,Pedro Sebastião,Nuno Souto

DOI: https://doi.org/10.3390/s22041487

IF: 3.9

2022-02-15

Sensors

Abstract:The number of incidents between unmanned aerial vehicles (UAVs) and aircrafts at airports and airfields has been increasing over the last years. To address the problem, in this paper we describe a portable system capable of protecting areas against unauthorized UAVs, which is based on the use of low-cost SDR (software defined radio) platforms. The proposed anti-UAV system supports target localization and integrates effective jamming techniques with the generation of global positioning system (GPS) spoofing signals aimed at the drone. Real-life tests of the implemented prototype have shown that the proposed approach is capable of stopping the reliable reception of radionavigation signals and can also divert or even take control of unauthorized UAVs, whose flight path depends on the information obtained by the GPS system.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Philip H. Kulp,Nagi Mei

DOI: https://doi.org/10.1109/SMC42975.2020.9283478

2020-05-04

Abstract:Drone susceptibility to jamming or spoofing attacks of GPS, RF, Wi-Fi, and operator signals presents a danger to future medical delivery systems. A detection framework capable of sensing attacks on drones could provide the capability for active responses. The identification of interference attacks has applicability in medical delivery, disaster zone relief, and FAA enforcement against illegal jamming activities. A gap exists in the literature for solo or swarm-based drones to identify radio frequency spectrum attacks. Any non-delivery specific function, such as attack sensing, added to a drone involves a weight increase and additional complexity; therefore, the value must exceed the disadvantages. Medical delivery, high-value cargo, and disaster zone applications could present a value proposition which overcomes the additional costs. The paper examines types of attacks against drones and describes a framework for designing an attack detection system with active response capabilities for improving the reliability of delivery and other medical applications.

Computers and Society,Cryptography and Security,Networking and Internet Architecture,Robotics

Derry Pratama,Jaegeun Moon,Agus Mahardika Ari Laksmono,Dongwook Yun,Iqbal Muhammad,Byeonguk Jeong,Janghyun Ji,Howon Kim

DOI: https://doi.org/10.48550/arXiv.2309.05913

2023-09-12

Abstract:This research paper entails an examination of the Enhanced Wi-Fi protocol, focusing on its control command reverse-engineering analysis and subsequent demonstration of a hijacking attack. Our investigation discovered vulnerabilities in the Enhanced Wi-Fi control commands, rendering them susceptible to hijacking attacks. Notably, the study established that even readily available and cost-effective commercial off-the-shelf Wi-Fi routers could be leveraged as effective tools for executing such attacks. To illustrate this vulnerability, a proof-of-concept remote hijacking attack was carried out on a DJI Mini SE drone, whereby we intercepted the control commands to manipulate the drone's flight trajectory. The findings of this research emphasize the critical necessity of implementing robust security measures to safeguard unmanned aerial vehicles against potential hijacking threats. Considering that civilian drones are now used as war weapons, the study underscores the urgent need for further exploration and advancement in the domain of civilian drone security.

Cryptography and Security

Ryan D. Restivo,Laurel C. Dodson,Jian Wang,Wenkai Tan,Yongxin Liu,Huihui Wang,Houbing Song

DOI: https://doi.org/10.1109/infocomwkshps57453.2023.10225980

2023-01-01

Abstract:With the development of the Internet of Things (IoT) and Cyber-Physical System (CPS), Unmanned Aerial Vehicles (UAVs) are deployed in various implementations which improve the performance of the IoT and reduce labor consumption significantly. As the core of UAV, Global Positioning System (GPS) is essential to provide the navigation information for UAVs to finish missions. GPS receives satellite signals and calculated localization so UAVs can recognize their positions. However, malicious attackers leverage the mechanism to generate forged GPS signals that can spoof UAV that has wrong positions. The wrong positions can lead to missions' failure and threaten public safety and private security. In this paper, we investigated the overview of GPS spoofing and explored the development of GPS spoofing on UAVs. This work can provide researchers with state-of-the-art GPS spoofing development on UAVs and inspiration for new directions in this field.

Pavlo Mykytyn,Marcin Brzozowski,Zoya Dyka,Peter Langendoerfer

2023-06-27

Abstract:Recently autonomous and semi-autonomous Unmanned Aerial Vehicle (UAV) swarms started to receive a lot of research interest and demand from various civil application fields. However, for successful mission execution, UAV swarms require Global navigation satellite system signals and in particular, Global Positioning System (GPS) signals for navigation. Unfortunately, civil GPS signals are unencrypted and unauthenticated, which facilitates the execution of GPS spoofing attacks. During these attacks, adversaries mimic the authentic GPS signal and broadcast it to the targeted UAV in order to change its course, and force it to land or crash. In this study, we propose a GPS spoofing detection mechanism capable of detecting single-transmitter and multi-transmitter GPS spoofing attacks to prevent the outcomes mentioned above. Our detection mechanism is based on comparing the distance between each two swarm members calculated from their GPS coordinates to the distance acquired from Impulse Radio Ultra-Wideband ranging between the same swarm members. If the difference in distances is larger than a chosen threshold the GPS spoofing attack is declared detected.

Cryptography and Security

Sirish Deshmukh,Vaibhav Sharma

DOI: https://doi.org/10.1109/MAPCON56011.2022.10046968

2022-12-12

Abstract:Numerous cases have been reported wherein drones have been used for eavesdropping, planned attacks on vital installations, and accidental damages to defense and civil assets. This paper proposes using a low-cost Software Defined Radio based system to protect vital areas against unauthorized drones. The paper proposes the use of software defined radio as a radar for drone detection along with Jamming and spoofing of drone GPS to protect vital areas. Real-time tests of the implemented solution were carried out with varying scenarios demonstrating the proposed system's effectiveness.

Engineering,Environmental Science,Computer Science