Skip to main content
Springer Nature Link
Log in

GRYPHON: Drone Forensics in Dataflash and Telemetry Logs

  • Conference paper
  • First Online:
Advances in Information and Computer Security (IWSEC 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11689))

Included in the following conference series:

Abstract

The continuous decrease in the price of Unmanned Aerial Vehicles (UAVs), more commonly known as drones, has pushed their adoption from military-oriented to a wide range of civilian and business applications. Nevertheless, the many features that they offer have started being maliciously exploited. The latter coupled with the fact that accidents or malicious acts may occur to drones has sparked the interest towards drones forensics.

Trying to fill in the gap of the literature, this work focuses on a particular field of drone forensics that of forensics on the flight data logs. Therefore, we investigate one of the most widely used platforms, Ardupilot and the dataflash and telemetry logs. In this work, we discuss a methodology for collecting the necessary information, analysing it, and constructing the corresponding timeline. In this regard, we have developed an open source tool that is freely available and tested it on data provided by VTO Labs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://www.businesswire.com/news/home/20160509005554/en/Unmanned-Aerial-Vehicles-UAV-Market-Forecast-2020.

  2. 2.

    https://press.pwc.com/News-releases/global-market-for-commercial-applications-of-drone-technology-valued-at-over--127-bn/s/ac04349e-c40d-4767-9f92-a4d219860cd2.

  3. 3.

    https://www.nytimes.com/2018/12/23/world/europe/gatwick-airport-drones.html.

  4. 4.

    https://www.bbc.com/news/uk-england-43413134.

  5. 5.

    https://www.rt.com/news/225051-drone-meth-crash-tijuana/.

  6. 6.

    https://www.telegraph.co.uk/news/uknews/crime/11613568/Burglars-use-drone-helicopters-to-identify-targe-homes.html.

  7. 7.

    https://www.belfasttelegraph.co.uk/news/northern-ireland/drone-filmed-peoples-pin-codes-at-co-antrim-atm-34945847.html.

  8. 8.

    http://ardupilot.org/.

  9. 9.

    https://globaluavtech.com/news-media/blog/open-source-ardupilot-software-vs-dji-software/.

  10. 10.

    http://github.com/emantas/GRYPHON_dft.

  11. 11.

    http://ardupilot.org/dev/docs/raspberry-pi-via-mavlink.html.

  12. 12.

    http://ardupilot.org/copter/docs/common-loading-chibios-firmware-onto-pixhawk.html.

  13. 13.

    http://ardupilot.org/dev/docs/interfacing-with-pixhawk-using-the-nsh.html.

  14. 14.

    http://ardupilot.org/copter/docs/common-diagnosing-problems-using-logs.html.

  15. 15.

    https://mavlink.io/en/.

  16. 16.

    https://mavlink.io/en/guide/mavlink_2.html.

  17. 17.

    https://github.com/ArduPilot/MAVProxy/blob/master/MAVProxy/tools/mavflightview.py.

  18. 18.

    https://github.com/ArduPilot/ardupilot.

  19. 19.

    http://ardupilot.org/planner/.

  20. 20.

    https://www.droneforensics.com.

References

  1. 2018 drone market sector report (2018). http://droneanalyst.com/research

  2. Abbaspour, A., Yen, K.K., Forouzannezhad, P., Sargolzaei, A.: A neural adaptive approach for active fault-tolerant control design in UAV. IEEE Trans. Syst. Man Cybern. Syst. 99, 1–11 (2018)

    Article  Google Scholar 

  3. Abbaspour, A., Yen, K.K., Noei, S., Sargolzaei, A.: Detection of fault data injection attack on UAV using adaptive neural network. Proc. Comput. Sci. 95, 193–200 (2016)

    Article  Google Scholar 

  4. Altawy, R., Youssef, A.M.: Security, privacy, and safety aspects of civilian drones: a survey. ACM Trans. Cyber-Phys. Syst. 1(2), 7 (2017)

    Google Scholar 

  5. Alvarez, P.: Using extended file information (EXIF) file headers in digital evidence analysis. Int. J. Digit. Evid. 2(3), 1–5 (2004)

    Google Scholar 

  6. Barton, T.E.A., Azhar, M.A.H.B.: Open source forensics for a multi-platform drone system. In: Matoušek, P., Schmiedecker, M. (eds.) ICDF2C 2017. LNICST, vol. 216, pp. 83–96. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-73697-6_6

    Chapter  Google Scholar 

  7. Barton, T.E.A., Azhar, M.H.B.: Forensic analysis of popular UAV systems. In: 2017 Seventh International Conference on Emerging Security Technologies (EST), pp. 91–96. IEEE (2017)

    Google Scholar 

  8. Birnbaum, Z., Dolgikh, A., Skormin, V., O’Brien, E., Muller, D., Stracquodaine, C.: Unmanned aerial vehicle security using recursive parameter estimation. J. Intell. Robot. Syst. 84(1–4), 107–120 (2016)

    Article  Google Scholar 

  9. Bouafif, H., Kamoun, F., Iqbal, F., Marrington, A.: Drone forensics: challenges and new insights. In: 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–6. IEEE (2018)

    Google Scholar 

  10. Clark, D.R., Meffert, C., Baggili, I., Breitinger, F.: DROP (drone open source parser) your drone: forensic analysis of the DJI Phantom III. Digit. Invest. 22, S3–S14 (2017)

    Article  Google Scholar 

  11. Hartmann, K., Giles, K.: UAV exploitation: a new domain for cyber power. In: 2016 8th International Conference on Cyber Conflict (CyCon), pp. 205–221. IEEE (2016)

    Google Scholar 

  12. Hartmann, K., Steup, C.: The vulnerability of UAVs to cyber attacks-an approach to the risk assessment. In: 2013 5th International Conference on Cyber Conflict (CyCon), pp. 1–23. IEEE (2013)

    Google Scholar 

  13. Hooper, M., et al.: Securing commercial WiFi-based UAVs from common security attacks. In: MILCOM 2016–2016 IEEE Military Communications Conference, pp. 1213–1218. IEEE (2016)

    Google Scholar 

  14. Horsman, G.: Unmanned aerial vehicles: a preliminary analysis of forensic challenges. Digit. Invest. 16, 1–11 (2016)

    Article  Google Scholar 

  15. Jain, U., Rogers, M., Matson, E.T.: Drone forensic framework: sensor and data identification and verification. In: 2017 IEEE Sensors Applications Symposium (SAS), pp. 1–6. IEEE (2017)

    Google Scholar 

  16. Javaid, A.Y., Sun, W., Alam, M.: UAVSim: a simulation testbed for unmanned aerial vehicle network cyber security analysis. In: 2013 IEEE Globecom Workshops (GC Wkshps), pp. 1432–1436. IEEE (2013)

    Google Scholar 

  17. Kim, A., Wampler, B., Goppert, J., Hwang, I., Aldridge, H.: Cyber attack vulnerabilities analysis for unmanned aerial vehicles. In: Infotech@ Aerospace 2012, p. 2438 (2012)

    Google Scholar 

  18. Kovar, D., Dominguez, G., Murphy, C.: UAV (aka drone) forensics. Slides of a talk given at SANS DFIR summit in Austin, TX July 7 (2015)

    Google Scholar 

  19. Pleban, J.S., Band, R., Creutzburg, R.: Hacking and securing the AR.Drone 2.0 quadcopter: investigations for improving the security of a toy. In: Mobile Devices and Multimedia: Enabling Technologies, Algorithms, and Applications 2014, vol. 9030, p. 90300L. International Society for Optics and Photonics (2014)

    Google Scholar 

  20. Schumann, J., Moosbrugger, P., Rozier, K.Y.: R2U2: monitoring and diagnosis of security threats for unmanned aerial systems. In: Bartocci, E., Majumdar, R. (eds.) RV 2015. LNCS, vol. 9333, pp. 233–249. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23820-3_15

    Chapter  Google Scholar 

  21. Sedjelmaci, H., Senouci, S.M., Messous, M.A.: How to detect cyber-attacks in unmanned aerial vehicles network? In: 2016 IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2016)

    Google Scholar 

  22. Solodov, A., Williams, A., Al Hanaei, S., Goddard, B.: Analyzing the threat of unmanned aerial vehicles (UAV) to nuclear facilities. Secur. J. 31(1), 305–324 (2018)

    Article  Google Scholar 

  23. Valente, J., Cardenas, A.A.: Understanding security threats in consumer drones through the lens of the discovery quadcopter family. In: Proceedings of the 2017 Workshop on Internet of Things Security and Privacy, pp. 31–36. ACM (2017)

    Google Scholar 

  24. Vattapparamban, E., Güvenç, İ., Yurekli, A.İ., Akkaya, K., Uluağaç, S.: Drones for smart cities: Issues in cybersecurity, privacy, and public safety. In: 2016 International Wireless Communications and Mobile computing Conference (IWCMC), pp. 216–221. IEEE (2016)

    Google Scholar 

  25. Yaqoob, I., Hashem, I.A.T., Ahmed, A., Kazmi, S.A., Hong, C.S.: Internet of things forensics: recent advances, taxonomy, requirements, and open challenges. Future Gener. Comput. Syst. 92, 265–275 (2019)

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the project YAKSHA (Grant Agreement no. 780498) and is based upon work from COST Action CA17124: Digital forensics: evidence analysis via intelligent systems and practices (European Cooperation in Science and Technology).

This paper utilised datasets from droneforensics which is based on research completed by VTO Labs (Colorado, USA); sponsored by the United States Department of Homeland Security (DHS) Science and Technology Directorate, Cyber Security Division (DHS S&T/CSD) via contract number HHSP233201700017C.

Author information

Authors and Affiliations

  1. Department of Informatics, University of Piraeus, Piraeus, Greece

    Evangelos Mantas & Constantinos Patsakis

Authors
  1. Evangelos Mantas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Constantinos Patsakis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Constantinos Patsakis .

Editor information

Editors and Affiliations

  1. National Institute of Advanced Industrial Science and Technology, Tokyo, Japan

    Nuttapong Attrapadung

  2. NTT Security (Japan) KK, Tokyo, Japan

    Takeshi Yagi

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mantas, E., Patsakis, C. (2019). GRYPHON: Drone Forensics in Dataflash and Telemetry Logs. In: Attrapadung, N., Yagi, T. (eds) Advances in Information and Computer Security. IWSEC 2019. Lecture Notes in Computer Science(), vol 11689. Springer, Cham. https://doi.org/10.1007/978-3-030-26834-3_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-26834-3_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-26833-6

  • Online ISBN: 978-3-030-26834-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics