CyberDrone: a cybersecurity platform for drone attack detection
DOI:
https://doi.org/10.14482/inde.39.1.621.389Keywords:
Cyber-deception, Cybersecurity, Drone, GPS Spoofing, Honeypot, RadiofrequencyAbstract
This document presents the development of a cybersecurity platform for unmanned aerial vehicles (UAV), or drones, based on cyber-deception technology. This technology is based on the deliberate creation of easily accessible and detectable decoys (or honeypots) to detect potential intruders at the perimeter of a critical infrastructure. This document contains an explanation of the conceptual model of the proposed solution, and a detailed description of each of the developed procedures. A technological development methodology was implemented in this paper. Also, procedures were developed for the creation of honeypots in Wi-Fi wireless networks and in radio frequency bands, and the approach to the development of a GPS spoofing procedure was included. The latter was explored using software defined radio equipment (SDR) for the impersonation of GPS signals, which allows for the implementation of defense strategies against attacking drones. Finally, a web platform to monitor active decoys, and to register penetration attempts, is described. These penetration attempt records are stored in a blockchain, developed with basis on Ethereum technology. It was found that Wi-Fi and radio frequency wireless networks have vulnerabilities that can be exploited by potential attackers. Also, that the GPS spoofing procedure is much more complex than procedures by wireless networks, but it would allow to take action on attacking drones.
References
A. Constantin y R.-N. Dinculescu, “UAV development and impact in the power system”, en 2019 8th International Conference on Modern Power Systems (MPS), 2019, pp. 1-5. Doi: 10.1109/MPS.2019.8759745
Power Engineering International (23 febr. 2018), How drones are playing a role in the power and utility sector [En línea]. Disponible en: https://www.powerengineeringint.com/gas-oil-fired/om/how-drones-are-playing-a-role-in-the-power-and-utility-sector/
N. Ellis, “Inspection of power transmission lines using UAVs”, Tesis de grado, University of Southern Queensland, Australia, 2013 [En línea]. Disponible en: https://eprints.usq.edu.au/24719/1/Ellis, N._2013.pdf
D. Long, P. J. Rehm y S. Ferguson, “Benefits and challenges of using unmanned aerial systems in the monitoring of electrical distribution systems”, Electr. J., vol. 31, no. 2, pp. 26-32, mzo. 2018. https://doi.org/10.1016/j.tej.2018.02.004
M. Manzur, A. Wi?niewski y J. McMillan (oct. 2017), Clarity from above: leveraging drone technologies to secure utilities systems [En línea]. Disponible en: https://www.pwc.com/hu/hu/kiadvanyok/assets/pdf/clarity-from-above-leveraging-drone-technologies-to-secure-utilities-systems-pwc.pdf
C. G. L. Krishna y R. R. Murphy, “A review on cybersecurity vulnerabilities for unmanned aerial vehicles”, en 2017 IEEE International Symposium on Safety, Security and Rescue Robotics (SSRR), 2017, pp. 194-199. Doi: 10.1109/SSRR.2017.8088163
H. Benkraouda, E. Barka y K. Shuaib, “Cyber-attacks on the data communication of drones monitoring critical infrastructure”, Comput. Sci. Inf. Technol., vol. 8, no. 17, pp. 83-93, 2018. Doi : 10.5121/csit.2018.81708
K. Wesson y T. Humphreys, “Hacking drones”, Sci. Am., vol. 309, no. 5, pp. 54-59, nov. 2013. Doi: 10.1038/scientificamerican1113-54
K. Hartmann y K. Giles, “UAV exploitation: a new domain for cyber power”, en 2016 8th International Conference on Cyber Conflict (CyCon), 2016, pp. 205-221. Doi: 10.1109/CYCON.2016.7529436
N. Falliere, L. O. Murchu y E. Chien, “W32. stuxnet dossier”, White paper, Symantec Corp., Security Response, vol. 5, no. 6, p. 29, 2011 [En línea]. Disponible en: https://pax0r.com/hh/stuxnet/Symantec-Stuxnet-Update-Feb-2011.pdf
A. Cherepanov y R. Lipovsky (2 jun. 2017), Industroyer: biggest threat to industrial control systems since Stuxnet [En línea]. Disponible en: https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/
G. Liang, S. R. Weller, J. Zhao, F. Luo y Z. Y. Dong, “The 2015 ukraine blackout: Implications for false data injection attacks”, IEEE Trans. Power Syst., vol. 32, no. 4, pp. 3317-3318, jul. 2017. Doi: 10.1109/TPWRS.2016.2631891
S. Jajodia, V. S. Subrahmanian, V. Swarup y C. Wang, Cyber deception: building the scientific foundation. Cham: Springer, 2016.
C.-Y. J. Chiang, Y. M. Gottlieb, S. J. Sugrim, R. Chadha, C. Serban, A. Poylisher, L. M. Marvel y J. Santos, “ACyDS: An adaptive cyber deception system”, en MILCOM 2016 - 2016 IEEE Military Communications Conference, 2016, pp. 800-805. https://doi.org/10.1109/MILCOM.2016.7795427
C. De Faveri, A. Moreira y V. Amaral, “Multi-paradigm deception modeling for cyber defense”, J. Syst. Softw., vol. 141, pp. 32-51, jul. 2018. https://doi.org/10.1016/j.jss.2018.03.031
V. E. Urias, W. M. S. Stout, J. Luc-Watson, C. Grim, L. Liebrock y M. Merza, “Technologies to enable cyber deception”, en 2017 International Carnahan Conference on Security Technology (ICCST), 2017, pp. 1-6. Doi: 10.1109/CCST.2017.8167793
V. Zabatta Galgano, “Primeras reflexiones sobre un modelo general de desarrollo tecnológico”, Investig. y Postgrado, vol. 23, no. 2, pp. 433-446, ag. 2008 [En línea]. Disponible en: http://ve.scielo.org/scielo.php?script=sci_arttext&pid=S1316-00872008000200016
J. O’Malley, “Pirates of the skies”, Eng. Technol., vol. 12, no. 3, pp. 32-35, abr. 2017. Doi: 10.1049/et.2017.0302
T. E. Hay (1 ag. 2016), Determining electronic and cyber attack risk level for unmanned aircraft in a contested environment [En línea]. Disponible en: https://apps.dtic.mil/sti/citations/AD1040702.
