Skip to main content
SpringerLink
Log in

Analysis and Systematization of Vulnerabilities of Drone Subsystems

  • Conference paper
  • First Online:
Information and Communication Technologies in Education, Research, and Industrial Applications (ICTERI 2023)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1980))

  • 117 Accesses

Abstract

A drone is a software (SW) and hardware (HW) complex that has wireless data transfer technologies (Wi-Fi, LTE, 5G, Bluetooth, etc.) To transfer data, it uses various communication protocols: both specific and generally known.

Drones can perform complex tasks, but some cyber-attacks (such as Denial-of-Services - DoS) can lead to the failure of individual components of the drone and the entire system as a whole.

Guidelines for protecting against drone attacks are provided by many organizations that develop cybersecurity standards (NIST, CERT, CISA, etc.). Methods to prevent cyber-attacks can be used to drones, with adjustments to their parameters and architectural features. There are also recommendations for protecting drone components and also methods of communication protocols protection from cyber-attacks.

The authors of this study offer a comprehensive approach to the analysis of vulnerabilities of drone subsystems, which includes a system analysis of drone architecture, vulnerability analysis by different vulnerability databases, and their systematization.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Autonomian. UAV Data Transmission and Protocols, 92 p. https://robolabor.ee/img/cms/projektid/UAV%20Data%20Transmission%20and%20Communication%20Protocols.pdf. Accessed 04 Apr 2023

  2. Yanmaz, E., Yahyanejad, S., Rinner, B., Hellwagner, H., Bettstetter, C.: Drone networks: communications, coordination, and sensing. Ad Hoc Netw. 68 (2017). https://doi.org/10.1016/j.adhoc.2017.09.001

  3. Pleban, J., Band, R., Creutzburg, R.: Hacking and securing the AR.Drone 2.0 quadcopter - investigations for improving the security of a toy (2014). https://doi.org/10.1117/12.2044868

  4. Menoret, S., Auburg, T., Nousi, V., Pitas Aristotle, I.: Drone communications. European Union’s Horizon 2020 research and innovation programmed under grant agreement. No 731667 (MULTIDRONE)

    Google Scholar 

  5. Sawalmeh, A., Othman, N.: An overview of collision avoidance approaches and network architecture of unmanned aerial vehicles (UAVs). Int. J. Eng. Technol. 7 (2018). https://doi.org/10.14419/IJET.v7i4.35.27395

  6. Aranzazu Suescun, C., Cardei, M.: Unmanned Aerial Vehicle Networking Protocols (2021). https://doi.org/10.18687/LACCEI2016.1.S.078

  7. Aldeen, S., Yousra, Abdulhadi, H.: Data communication for drone-enabled internet of things. Indones. J. Electr. Eng. Comput. Sci. 22, 1216. (2021). https://doi.org/10.11591/IJEECS.v22.i2.pp1216-1222

  8. Kwon, Y.M., Yu, J., Cho, B.M., Eun, Y., Park, K.J.: Empirical analysis of MAVLink protocol vulnerability for attacking unmanned aerial vehicles. IEEE Access 6, 43203–43212 (2018)

    Article  Google Scholar 

  9. Khan, N.A., Jhanjhi, N.Z., Brohi, S.N., Almazroi, A.A., Almazroi, A.A.: A secure communication protocol for unmanned aerial vehicles. Comput. Mater. Continua 70, 601–618 (2021). https://doi.org/10.32604/cmc.2022.019419

  10. Aerosmart. UAV systems and solutions. Use-case. Drone Detection System (2022). https://www.aerosmart.ae/drone-detection-system/. Accessed 05 Apr 2023

  11. Kaspersky. Endpoint Security for Linux. For workstations and servers. https://www.kaspersky.com/small-to-medium-business-security/endpoint-linux. Accessed 05 Apr 2023

  12. Lee, M., Choi, G., Park, J., Cho, S.: Study of analyzing and mitigating vulnerabilities in uC/OS real-time operating system. In: 2018 Tenth International Conference on Ubiquitous and Future Networks (ICUFN), pp. 834–836 (2018). https://doi.org/10.1109/ICUFN.2018.8436965

  13. Belding, G.: Malware Spotlight: EvilGnome (2020). https://resources.infosecinstitute.com/topic/malware-spotlight-evilgnome/. Accessed 10 Apr 2023

  14. National Vulnerability Database. CVE-2020-14314. https://nvd.nist.gov/vuln/detail/CVE-2020-14314. Accessed 05 Apr 2023

  15. National Vulnerability Database. CVE-2020-16119, https://nvd.nist.gov/vuln/detail/CVE-2020-16119. Accessed 10 Apr 2023

  16. Linux RedHat. https://access.redhat.com/security/cve/cve-2020-16119. Accessed 10 Apr 2023

  17. National Vulnerability Database. CVE-2020-16120, https://nvd.nist.gov/vuln/detail/CVE-2020-16120. Accessed 10 Apr 2023

  18. National Vulnerability Database. CVE-2020-14385. https://nvd.nist.gov/vuln/detail/CVE-2020-14385

  19. National Vulnerability Database. CVE-2020-20285. https://nvd.nist.gov/vuln/detail/CVE-2020-20285. Accessed 10 Apr 2023

  20. National Vulnerability Database. CVE-2020-25641. https://nvd.nist.gov/vuln/detail/CVE-2020-25641. Accessed 10 Apr 2023

  21. National Vulnerability Database. CVE-2022-23222. https://nvd.nist.gov/vuln/detail/CVE-2020-23222. Accessed 10 Apr 2023

  22. RedHat. https://bugzilla.redhat.com/show_bug.cgi?id=2119048. Accessed 10 Apr 2023

  23. RedHat. https://bugzilla.redhat.com/show_bug.cgi?id=2188396. Accessed 10 Apr 2023

  24. MITRE. CVE-2021-1378. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1378. Accessed 10 Apr 2023

  25. National Vulnerability Database. CVE-2021-1378. https://nvd.nist.gov/vuln/detail/CVE-2021-1378. Accessed 10 Apr 2023

  26. National Vulnerability Database. CVE-2021-1592. https://nvd.nist.gov/vuln/detail/CVE-2021-1592. Accessed 10 Apr 2023

  27. National Vulnerability Database. CVE-2020-15025. https://nvd.nist.gov/vuln/detail/CVE-2020-15025. Accessed 10 Apr 2023

  28. National Vulnerability Database. CVE-2020-13817. https://nvd.nist.gov/vuln/detail/CVE-2020-13817. Accessed 10 Apr 2023

  29. National Vulnerability Database. CVE-2020-11868. https://nvd.nist.gov/vuln/detail/CVE-2020-11868. Accessed 10 Apr 2023

  30. National Vulnerability Database. CVE-2022-27000. https://nvd.nist.gov/vuln/detail/CVE-2022-27000. Accessed 10 Apr 2023

  31. National Vulnerability Database. CVE-2022-26019. https://nvd.nist.gov/vuln/detail/CVE-2022-26019. Accessed 10 Apr 2023

  32. National Vulnerability Database. CVE-2018-0280. https://nvd.nist.gov/vuln/detail/CVE-2018-0280. Accessed 10 Apr 2023

  33. National Vulnerability Database. CVE-2022-21722. https://nvd.nist.gov/vuln/detail/CVE-2022-21722. Accessed 10 Apr 2023

  34. Burleson-Davis, J.: 7 Common VPN Security Risks: The Not-So-Good, The Bad, and the Ugly, April 14, 2021. https://www.securelink.com/blog/vpnproblems/#:~:text=VPNs%20are%20insecure%20because%20they,network%20can%20be%20brought%20down. Accessed 10 Apr 2023

  35. Aljehani, M., Inoue, M.: Communication and Autonomous Control of Multi-UAV System in Disaster Response Tasks (2017). https://doi.org/10.1007/978-3-319-59394-4_12

  36. Rametta, C., Beritelli, F., Avanzato, R., Russo, M.: A smart VPN bonding technique for drone communication applications. In: 2019 15th International CONFERENCE on Distributed Computing in Sensor Systems (DCOSS), pp. 612–618 (2019). https://doi.org/10.1109/DCOSS.2019.00112

  37. National Vulnerability Database. CVE-2022-22510. https://nvd.nist.gov/vuln/detail/CVE-2022-22510. Accessed 15 Apr 2023

  38. Husnain, M., et al.: Preventing MQTT vulnerabilities using IoT-enabled intrusion detection system. Sensors 22, 567 (2022). https://doi.org/10.3390/s22020567

    Article  Google Scholar 

  39. National Vulnerability Database. CVE-2022-0673. https://nvd.nist.gov/vuln/detail/CVE-2022-0673. Accessed 21 Apr 2023

  40. National Vulnerability Database. CVE-2020-3162. https://nvd.nist.gov/vuln/detail/CVE-2020-3162. Accessed 21 Apr 2023

  41. National Vulnerability Database. CVE-2022-22899, https://nvd.nist.gov/vuln/detail/CVE-2022-22899. Accessed 21 Apr 2023

  42. National Vulnerability Database. CVE-2017-5754. https://nvd.nist.gov/vuln/detail/CVE-2017-5754. Accessed 21 Apr 2023

  43. National Vulnerability Database. CVE-2017-5753. https://nvd.nist.gov/vuln/detail/CVE-2017-5753. Accessed 21 Apr 2023

  44. National Vulnerability Database. CVE-2022-29402. https://nvd.nist.gov/vuln/detail/cve-2022-29402. Accessed 05 May 2023

  45. National Vulnerability Database. CVE-2021-26317. https://nvd.nist.gov/vuln/detail/CVE-2021-26317. Accessed 21 Apr 2023

  46. National Vulnerability Database. CVE-2023-2166. https://nvd.nist.gov/vuln/detail/CVE-2022-2166. Accessed 21 Apr 2023

Download references

Author information

Authors and Affiliations

  1. National Aerospace University “Kharkiv Aviation Institute”, Kharkiv, Ukraine

    Maryna Kolisnyk & Oleksandr Piskachov

  2. Vienna University of Technology (TU Wien), Vienna, Austria

    Maryna Kolisnyk

Authors
  1. Maryna Kolisnyk
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Oleksandr Piskachov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Maryna Kolisnyk .

Editor information

Editors and Affiliations

  1. University of Huddersfield, Huddersfield, UK

    Grigoris Antoniou

  2. Ukrainian Catholic University, Lviv, Ukraine

    Vadim Ermolayev

  3. Kherson State University, Kherson, Ukraine

    Vitaliy Kobets

  4. Odessa National Polytechnic University, Odesa, Ukraine

    Vira Liubchenko

  5. University of Klagenfurt, Klagenfurt, Austria

    Heinrich C. Mayr

  6. Kherson State University, Kherson, Ukraine

    Aleksander Spivakovsky

  7. University of Warmia and Mazury in Olsztyn, Olsztyn, Poland

    Vitaliy Yakovyna

  8. V. N. Karazin Kharkiv National University, Kharkiv, Ukraine

    Grygoriy Zholtkevych

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kolisnyk, M., Piskachov, O. (2023). Analysis and Systematization of Vulnerabilities of Drone Subsystems. In: Antoniou, G., et al. Information and Communication Technologies in Education, Research, and Industrial Applications. ICTERI 2023. Communications in Computer and Information Science, vol 1980. Springer, Cham. https://doi.org/10.1007/978-3-031-48325-7_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-48325-7_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-48324-0

  • Online ISBN: 978-3-031-48325-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation