Advertisement

Vulnerability Assessment for Unmanned Systems Autonomy Services Architecture

  • Yu Li
  • Ivan Frasure
  • Ademola Ayodeji Ikusan
  • Junjie ZhangEmail author
  • Rui Dai
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11058)

Abstract

Unmanned Systems Autonomy Services (UxAS) is a set of networked software modules that collaboratively automate mission-level decision making for unmanned systems. Proposed, developed, and publicized by United States Air Force Research Laboratory (U.S. AFRL), UxAS has strong and promising implications in practice and it can be easily extended to support emulation and practical deployment of unmanned aerial vehicles (UAVs). Therefore, performing vulnerability assessment for UxAS is of significant importance. In this project, we first leveraged the threat-driven method to identify security requirements that focus on UxAS’ confidentiality, integrity, and availability. Next, we designed and developed fuzz tests to evaluate whether UxAS satisfies these requirements. Our experiments have shown that the current version of UxAS is vulnerable to a variety of attacks such as denial of service, message injection/replay, service self-destruct, and timing-based side-channel attacks. Finally, we studied the root-causes for these vulnerabilities and proposed mitigation strategies.

References

  1. 1.
    Air Force Research Laboratory, Aerospace System Directorate, Power and Control Division: OpenUxAS (2017). https://github.com/afrl-rq/OpenUxAS
  2. 2.
    Birnbaum, Z., Dolgikh, A., Skormin, V., O’Brien, E., Muller, D., Stracquodaine, C.: Unmanned aerial vehicle security using behavioral profiling. In: 2015 International Conference on Unmanned Aircraft Systems (ICUAS), pp. 1310–1319. IEEE (2015)Google Scholar
  3. 3.
    Birnbaum, Z., Dolgikh, A., Skormin, V., Oâ Brien, E., Muller, D., Stracquodaine, C.: Unmanned aerial vehicle security using recursive parameter estimation. J. Intell. Robot. Syst. 84(1–4), 107–120 (2016)CrossRefGoogle Scholar
  4. 4.
    He, D., Chan, S., Guizani, M.: Communication security of unmanned aerial vehicles. IEEE Wirel. Commun. 24(4), 134–139 (2017)CrossRefGoogle Scholar
  5. 5.
    Hooper, M., et al.: Securing commercial Wifi-based UAVs from common security attacks. In: MILCOM 2016–2016 IEEE, pp. 1213–1218. IEEE (2016)Google Scholar
  6. 6.
    Javaid, A., Sun, W., Alam, M.: A cost-effective simulation testbed for unmanned aerial vehicle network cyber attack analysis. In: Safe & Secure Systems & Software Symposium S5, pp. 9–11 (2015)Google Scholar
  7. 7.
    Li, Y., Dai, R., Zhang, J.: Morphing communications of cyber-physical systems towards moving-target defense. In: 2014 IEEE ICC, pp. 592–598, June 2014.  https://doi.org/10.1109/ICC.2014.6883383
  8. 8.
    Luo, X., Zhou, P., Zhang, J., Perdisci, R., Lee, W., Chang, R.K.: Exposing invisible timing-based traffic watermarks with BACKLIT, pp. 197–206. ACM (2011)Google Scholar
  9. 9.
    Mansfield, K.M., Eveleigh, T.J., Holzer, T.H., Sarkani, S.: Dod comprehensive military unmanned aerial vehicle smart device ground control station threat model. Technical report, DEFENSE ACQUISITION UNIV FT BELVOIR VA (2015)Google Scholar
  10. 10.
    Mitchell, R., Chen, R.: Adaptive intrusion detection of malicious unmanned air vehicles using behavior rule specifications. IEEE Trans. Syst. Man Cybern. Syst. 44(5), 593–604 (2014)CrossRefGoogle Scholar
  11. 11.
    Noah Shachtman, W.: Exclusive: computer virus hits U.S. drone fleet (2011)Google Scholar
  12. 12.
    Rodday, N.M., Schmidt, R.O., Pras, A.: Exploring security vulnerabilities of unmanned aerial vehicles. In: 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS), pp. 993–994. IEEE (2016)Google Scholar
  13. 13.
    Schneier, B.: Attack trees. Dr. Dobb’s J. 24(12), 21–29 (1999)Google Scholar
  14. 14.
    Schumann, J., Moosbrugger, P., Rozier, K.Y.: R2U2: monitoring and diagnosis of security threats for unmanned aerial systems. In: Bartocci, E., Majumdar, R. (eds.) RV 2015. LNCS, vol. 9333, pp. 233–249. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-23820-3_15CrossRefGoogle Scholar
  15. 15.
    CNN Wire Staff: Obama says US has asked Iran to return drone aircraft (2011)Google Scholar
  16. 16.
    Yoon, K., Park, D., Yim, Y., Kim, K., Yang, S.K., Robinson, M.: Security authentication system using encrypted channel on UAV network. In: IEEE International Conference on Robotic Computing (IRC), pp. 393–398. IEEE (2017)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Yu Li
    • 1
  • Ivan Frasure
    • 1
  • Ademola Ayodeji Ikusan
    • 2
  • Junjie Zhang
    • 1
    Email author
  • Rui Dai
    • 2
  1. 1.Wright State UniversityDaytonUSA
  2. 2.University of CincinnatiCincinnatiUSA

Personalised recommendations