ABSTRACT
Swarm robotics, particularly drone swarms, are used in various safety-critical tasks. While a lot of attention has been paid to improving swarm control algorithms for improved intelligence, the security implications of various design choices in swarm control algorithms have not been studied. We highlight how an attacker can exploit the vulnerabilities in swarm control algorithms to disrupt drone swarms. Specifically, we show that the attacker can target one swarm member (target drone) through sensor spoofing attacks, and indirectly cause other swarm members (victim drones) to veer off from their course, and potentially resulting in a crash. Our attack cannot be prevented by traditional software security techniques, and it is stealthy in nature as it causes seemingly benign deviations in drone swarms. Our initial results show that spoofing the position of a target drone by 5m is sufficient to cause other drones to crash into a front obstacle. Overall, our attack achieves 76.67% and 93.33% success rate with 5m and 10m spoofing deviation respectively.
- 2008. Global Positioning System Standard Positioning Service Performance Stan- dard. https://www.gps.gov/technical/ps/2008-SPS-performance-standard.pdf.Google Scholar
- 2019. The Pentagon Wants AI-Driven Drone Swarms for Search and Rescue Ops. https://www.nextgov.com/emerging-tech/2019/12/pentagon-wants-ai-driven-drone-swarms-search-and-rescue-ops/162113/Google Scholar
- Pritam Dash, Guanpeng Li, Zitao Chen, Mehdi Karimibiuki, and Karthik Pattabiraman. 2021. PID-Piper: Recovering Robotic Vehicles from Physical Attacks. In 51st International Conference on Dependable Systems and Networks (DSN) 2021.Google ScholarCross Ref
- Xinyu Huang, Yunzhe Tian, Yifei He, Endong Tong, Wenjia Niu, Chenyang Li, Jiqiang Liu, and Liang Chang. 2020. Exposing Spoofing Attack on Flocking-Based Unmanned Aerial Vehicle Cluster: A Threat to Swarm Intelligence. Secur. Commun. Networks, Vol. 2020 (2020), 8889122:1-8889122:15.Google ScholarDigital Library
- Chi-Gon Jung, Alipour Asl Ahad, Yuseok Jeon, and Yonghwi Kwon. 2022. SWARMFLAWFINDER: Discovering and Exploiting Logic Flaws of Swarm Algorithms. In IEEE Symposium on Security and Privacy.Google Scholar
- Liangjun Liu, Hongyan Qian, and Feng Hu. 2019. Random Label Based Security Authentication Mechanism for Large-Scale UAV Swarm. 2019 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom) (2019), 229--235.Google Scholar
- Craig W. Reynolds. 1987. Flocks, herds and schools: A distributed behavioral model. Proceedings of the 14th annual conference on Computer graphics and interactive techniques (1987).Google ScholarDigital Library
- Enrica Soria, Fabrizio Schiano, and Dario Floreano. 2020. SwarmLab: a Matlab Drone Swarm Simulator. 2020 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS) (2020), 8005--8011.Google ScholarDigital Library
- Nils Ole Tippenhauer, Christina Pöpper, Kasper Bonne Rasmussen, and Srdjan Capkun. 2011. On the requirements for successful GPS spoofing attacks. In CCS.Google Scholar
- Gábor Vásárhelyi, Csaba Virágh, Gergo Somorjai, Tamás Nepusz, Agoston E. Eiben, and Tamás Vicsek. 2018. Optimized flocking of autonomous drones in confined environments. Science Robotics, Vol. 3 (2018).Google ScholarCross Ref
Index Terms
- Poster: May the Swarm Be With You: Sensor Spoofing Attacks Against Drone Swarms
Recommendations
Poster: mimicry attacks against wireless link signature
CCS '11: Proceedings of the 18th ACM conference on Computer and communications securityWireless link signature is a physical layer authentication mechanism, which uses the multi-path effect between a transmitter and a receiver to provide authentication of wireless signals. We identify a new attack, called mimicry attack, against the ...
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications SecurityWe introduce the key reinstallation attack. This attack abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key. This resets the key's associated parameters such as transmit nonces and receive replay counters. ...
Combining Cyber Security Intelligence to Refine Automotive Cyber Threats
Modern vehicles increasingly rely on electronics, software, and communication technologies (cyber space) to perform their driving task. Over-The-Air (OTA) connectivity further extends the cyber space by creating remote access entry points. Accordingly, ...
Comments