ABSTRACT
Drones are usually associated with the military but in recent times, they are also used for public and commercial interests such as transporting of goods, communications, agriculture, disaster mitigation and environment preservation. However, like any system, drones have vulnerabilities that can be exploited which can jeopardise a drone's operation and may lead to loss of lives, property and money. Thus drones deployed must be carefully evaluated and selected. Pen-testing is a way to assess the vulnerabilities of drones but it may require multiple commands, files or scripts. In this work, we propose a tool to allow easy pen-testing and assessment of drones. Vulnerability assessment of the DJI Mavic 2 Pro is discussed extensively as well. Future work includes addressing the vulnerabilities of other drones and expanding the tool to conduct pen-testing on other drones.
Supplemental Material
Available for Download
Poster submission
- 2019. Drones to Survey Dengue Hotspots. https://www.smartnation.sg/what-issmart- nation/initiatives/Urban-Living/drones-to-survey-dengue-hotspots-1Google Scholar
- Siobhan Gorman, Yochi J Dreazen, and August Cole. 2009. Insurgents hack US drones. Wall Street Journal 17 (2009).Google Scholar
- Osqzss. 2018. osqzss/gps-sdr-sim. https://github.com/osqzss/gps-sdr-simGoogle Scholar
- Michael Ossmann. 2019. mossmann/hackrf. https://github.com/mossmann/ hackrf/wikiGoogle Scholar
- Johann-Sebastian Pleban, Ricardo Band, and Reiner Creutzburg. 2014. Hacking and securing the AR.. In Mobile Devices and Multimedia: Enabling Technologies, Algorithms, and Applications 2014, Vol. 9030. International Society for Optics and Photonics, 90300L.Google Scholar
- Mohit Sagar. 2019. Drones are a part of Singapore's Smart Nation strategy. https://www.opengovasia.com/drones-are-a-part-of-singapores-smartnation- strategy/Google Scholar
- Daniel P Shepard, Jahshan A Bhatti, and Todd E Humphreys. 2012. Drone hack: Spoofing attack demonstration on a civilian unmanned aerial vehicle. (2012).Google Scholar
- Hocheol Shin, Kibum Choi, Youngseok Park, Jaeyeong Choi, and Yongdae Kim. 2016. Security Analysis of FHSS-type Drone Controller, Vol. 9503. 240--253. https: //doi.org/10.1007/978--3--319--31875--2_20Google Scholar
- Mika Ståhlberg. 2000. Radio jamming attacks against two popular mobile networks. In In: Helsinki University of Technology Seminar on Network Security. (2000.Google Scholar
Index Terms
- DRAT: A Drone Attack Tool for Vulnerability Assessment
Recommendations
Tractor Beam: Safe-hijacking of Consumer Drones with Adaptive GPS Spoofing
The consumer drone market is booming. Consumer drones are predominantly used for aerial photography; however, their use has been expanding because of their autopilot technology. Unfortunately, terrorists have also begun to use consumer drones for ...
Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures
AbstractSide-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks ...
Identifying and Exploiting Vulnerabilities in Civilian Unmanned Aerial Vehicle Systems and Evaluating and Countering Potential Threats Against the United States Airspace
SIGCSE '17: Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science EducationThis research project investigates the vulnerabilities of civilian Unmanned Aerial Vehicles (UAV) systems and how they can be exploited by law enforcement should a UAV be utilized in a terrorist attack against the United States. Research into the ...
Comments