Visible to the public Biblio

Found 596 results

Filters: Keyword is Computer crime  [Clear All Filters]
2023-08-18
Bukharev, Dmitriy A., Ragozin, Andrey N., Sokolov, Alexander N..  2022.  Method for Determining the Optimal Number of Clusters for ICS Information Processes Analysis During Cyberattacks Based on Hierarchical Clustering. 2022 Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :309—312.
The development of industrial automation tools and the integration of industrial and corporate networks in order to improve the quality of production management have led to an increase in the risks of successful cyberattacks and, as a result, to the necessity to solve the problems of practical information security of industrial control systems (ICS). Detection of cyberattacks of both known and unknown types is could be implemented as anomaly detection in dynamic information processes recorded during the operation of ICS. Anomaly detection methods do not require preliminary analysis and labeling of the training sample. In the context of detecting attacks on ICS, cluster analysis is used as one of the methods that implement anomaly detection. The application of hierarchical cluster analysis for clustering data of ICS information processes exposed to various cyberattacks is studied, the problem of choosing the level of the cluster hierarchy corresponding to the minimum set of clusters aggregating separately normal and abnormal data is solved. It is shown that the Ward method of hierarchical cluster division produces the best division into clusters. The next stage of the study involves solving the problem of classifying the formed minimum set of clusters, that is, determining which cluster is normal and which cluster is abnormal.
2023-08-17
Misbahuddin, Mohammed, Harish, Rashmi, Ananya, K.  2022.  Identity of Things (IDoT): A Preliminary Report on Identity Management Solutions for IoT Devices. 2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA). :1—9.
The Internet of Things poses some of the biggest security challenges in the present day. Companies, users and infrastructures are constantly under attack by malicious actors. Increasingly, attacks are being launched by hacking into one vulnerable device and hence disabling entire networks resulting in great loss. A strong identity management framework can help better protect these devices by issuing a unique identity and managing the same through its lifecycle. Identity of Things (IDoT) is a term that has been used to describe the importance of device identities in IoT networks. Since the traditional identity and access management (IAM) solutions are inadequate in managing identities for IoT, the Identity of Things (IDoT) is emerging as the solution for issuance of Identities to every type of device within the IoT IAM infrastructure. This paper presents the survey of recent research works proposed in the area of device identities and various commercial solutions offered by organizations specializing in IoT device security.
2023-08-11
Biswas, Ankur, Karan, Ashish, Nigam, Nidhi, Doreswamy, Hema, Sadykanova, Serikkhan, Rauliyevna, Mangazina Zhanel.  2022.  Implementation of Cyber Security for Enabling Data Protection Analysis and Data Protection using Robot Key Homomorphic Encryption. 2022 Sixth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :170—174.
Cloud computing plays major role in the development of accessing clouduser’s document and sensitive information stored. It has variety of content and representation. Cyber security and attacks in the cloud is a challenging aspect. Information security attains a vital part in Cyber Security management. It involves actions intended to reduce the adverse impacts of such incidents. To access the documents stored in cloud safely and securely, access control will be introduced based on cloud users to access the user’s document in the cloud. To achieve this, it is highly required to combine security components (e.g., Access Control, Usage Control) in the security document to get automatic information. This research work has proposed a Role Key Homomorphic Encryption Algorithm (RKHEA) to monitor the cloud users, who access the services continuously. This method provides access creation of session-based key to store the singularized encryption to reduce the key size from random methods to occupy memory space. It has some terms and conditions to be followed by the cloud users and also has encryption method to secure the document content. Hence the documents are encrypted with the RKHEA algorithm based on Service Key Access (SKA). Then, the encrypted key will be created based on access control conditions. The proposed analytics result shows an enhanced control over the documents in cloud and improved security performance.
2023-06-30
Libicki, Martin C..  2022.  Obnoxious Deterrence. 2022 14th International Conference on Cyber Conflict: Keep Moving! (CyCon). 700:65–77.
The reigning U.S. paradigm for deterring malicious cyberspace activity carried out by or condoned by other countries is to levy penalties on them. The results have been disappointing. There is little evidence of the permanent reduction of such activity, and the narrative behind the paradigm presupposes a U.S./allied posture that assumes the morally superior role of judge upon whom also falls the burden of proof–-a posture not accepted but nevertheless exploited by other countries. In this paper, we explore an alternative paradigm, obnoxious deterrence, in which the United States itself carries out malicious cyberspace activity that is used as a bargaining chip to persuade others to abandon objectionable cyberspace activity. We then analyze the necessary characteristics of this malicious cyberspace activity, which is generated only to be traded off. It turns out that two fundamental criteria–that the activity be sufficiently obnoxious to induce bargaining but be insufficiently valuable to allow it to be traded away–may greatly reduce the feasibility of such a ploy. Even if symmetric agreements are easier to enforce than pseudo-symmetric agreements (e.g., the XiObama agreement of 2015) or asymmetric red lines (e.g., the Biden demand that Russia not condone its citizens hacking U.S. critical infrastructure), when violations occur, many of today’s problems recur. We then evaluate the practical consequences of this approach, one that is superficially attractive.
ISSN: 2325-5374
2023-06-23
Deri, Luca, Cardigliano, Alfredo.  2022.  Using CyberScore for Network Traffic Monitoring. 2022 IEEE International Conference on Cyber Security and Resilience (CSR). :56–61.
The growing number of cybersecurity incidents and the always increasing complexity of cybersecurity attacks is forcing the industry and the research community to develop robust and effective methods to detect and respond to network attacks. Many tools are either built upon a large number of rules and signatures which only large third-party vendors can afford to create and maintain, or are based on complex artificial intelligence engines which, in most cases, still require personalization and fine-tuning using costly service contracts offered by the vendors.This paper introduces an open-source network traffic monitoring system based on the concept of cyberscore, a numerical value that represents how a network activity is considered relevant for spotting cybersecurity-related events. We describe how this technique has been applied in real-life networks and present the result of this evaluation.
2023-06-22
Li, Mengxue, Zhang, Binxin, Wang, Guangchang, ZhuGe, Bin, Jiang, Xian, Dong, Ligang.  2022.  A DDoS attack detection method based on deep learning two-level model CNN-LSTM in SDN network. 2022 International Conference on Cloud Computing, Big Data Applications and Software Engineering (CBASE). :282–287.
This paper mainly explores the detection and defense of DDoS attacks in the SDN architecture of the 5G environment, and proposes a DDoS attack detection method based on the deep learning two-level model CNN-LSTM in the SDN network. Not only can it greatly improve the accuracy of attack detection, but it can also reduce the time for classifying and detecting network traffic, so that the transmission of DDoS attack traffic can be blocked in time to ensure the availability of network services.
Chen, Jing, Yang, Lei, Qiu, Ziqiao.  2022.  Survey of DDoS Attack Detection Technology for Traceability. 2022 IEEE 4th Eurasia Conference on IOT, Communication and Engineering (ECICE). :112–115.
Target attack identification and detection has always been a concern of network security in the current environment. However, the economic losses caused by DDoS attacks are also enormous. In recent years, DDoS attack detection has made great progress mainly in the user application layer of the network layer. In this paper, a review and discussion are carried out according to the different detection methods and platforms. This paper mainly includes three parts, which respectively review statistics-based machine learning detection, target attack detection on SDN platform and attack detection on cloud service platform. Finally, the research suggestions for DDoS attack detection are given.
Kumar, Anmol, Somani, Gaurav.  2022.  DDoS attack mitigation in cloud targets using scale-inside out assisted container separation. IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :1–6.
From the past few years, DDoS attack incidents are continuously rising across the world. DDoS attackers have also shifted their target towards cloud environments as majority of services have shifted their operations to cloud. Various authors proposed distinct solutions to minimize the DDoS attacks effects on victim services and co-located services in cloud environments. In this work, we propose an approach by utilizing incoming request separation at the container-level. In addition, we advocate to employ scale-inside out [10] approach for all the suspicious requests. In this manner, we achieve the request serving of all the authenticated benign requests even in the presence of an attack. We also improve the usages of scale-inside out approach by applying it to a container which is serving the suspicious requests in a separate container. The results of our proposed technique show a significant decrease in the response time of benign users during the DDoS attack as compared with existing solutions.
Žádník, Martin.  2022.  Towards Inference of DDoS Mitigation Rules. NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium. :1–5.
DDoS attacks still represent a severe threat to network services. While there are more or less workable solutions to defend against these attacks, there is a significant space for further research regarding automation of reactions and subsequent management. In this paper, we focus on one piece of the whole puzzle. We strive to automatically infer filtering rules which are specific to the current DoS attack to decrease the time to mitigation. We employ a machine learning technique to create a model of the traffic mix based on observing network traffic during the attack and normal period. The model is converted into the filtering rules. We evaluate our approach with various setups of hyperparameters. The results of our experiments show that the proposed approach is feasible in terms of the capability of inferring successful filtering rules.
ISSN: 2374-9709
Sai, A N H Dhatreesh, Tilak, B H, Sanjith, N Sai, Suhas, Padi, Sanjeetha, R.  2022.  Detection and Mitigation of Low and Slow DDoS attack in an SDN environment. 2022 International Conference on Distributed Computing, VLSI, Electrical Circuits and Robotics ( DISCOVER). :106–111.

Distributed Denial of Service (DDoS) attacks aim to make a server unresponsive by flooding the target server with a large volume of packets (Volume based DDoS attacks), by keeping connections open for a long time and exhausting the resources (Low and Slow DDoS attacks) or by targeting protocols (Protocol based attacks). Volume based DDoS attacks that flood the target server with a large number of packets are easier to detect because of the abnormality in packet flow. Low and Slow DDoS attacks, however, make the server unavailable by keeping connections open for a long time, but send traffic similar to genuine traffic, making detection of such attacks difficult. This paper proposes a solution to detect and mitigate one such Low and slow DDoS attack, Slowloris in an SDN (Software Defined Networking) environment. The proposed solution involves communication between the detection and mitigation module and the controller of the Software Defined Network to get data to detect and mitigate low and slow DDoS attack.

Nascimento, Márcio, Araujo, Jean, Ribeiro, Admilson.  2022.  Systematic review on mitigating and preventing DDoS attacks on IoT networks. 2022 17th Iberian Conference on Information Systems and Technologies (CISTI). :1–9.
Internet of Things (IoT) and those protocol CoAP and MQTT has security issues that have entirely changed the security strategy should be utilized and behaved for devices restriction. Several challenges have been observed in multiple domains of security, but Distributed Denial of Service (DDoS) have actually dangerous in IoT that have RT. Thus, the IoT paradigm and those protocols CoAP and MQTT have been investigated to seek whether network services could be efficiently delivered for resources usage, managed, and disseminated to the devices. Internet of Things is justifiably joined with the best practices augmentation to make this task enriched. However, factors behaviors related to traditional networks have not been effectively mitigated until now. In this paper, we present and deep, qualitative, and comprehensive systematic mapping to find the answers to the following research questions, such as, (i) What is the state-of-the-art in IoT security, (ii) How to solve the restriction devices challenges via infrastructure involvement, (iii) What type of technical/protocol/ paradigm needs to be studied, and (iv) Security profile should be taken care of, (v) As the proposals are being evaluated: A. If in simulated/virtualized/emulated environment or; B. On real devices, in which case which devices. After doing a comparative study with other papers dictate that our work presents a timely contribution in terms of novel knowledge toward an understanding of formulating IoT security challenges under the IoT restriction devices take care.
ISSN: 2166-0727
Manoj, K. Sai.  2022.  DDOS Attack Detection and Prevention using the Bat Optimized Load Distribution Algorithm in Cloud. 2022 International Interdisciplinary Humanitarian Conference for Sustainability (IIHC). :633–642.
Cloud computing provides a great platform for the users to utilize the various computational services in order accomplish their requests. However it is difficult to utilize the computational storage services for the file handling due to the increased protection issues. Here Distributed Denial of Service (DDoS) attacks are the most commonly found attack which will prevent from cloud service utilization. Thus it is confirmed that the DDoS attack detection and load balancing in cloud are most extreme issues which needs to be concerned more for the improved performance. This attained in this research work by measuring up the trust factors of virtual machines in order to predict the most trustable VMs which will be combined together to form the trustable source vector. After trust evaluation, in this work Bat algorithm is utilized for the optimal load distribution which will predict the optimal VM resource for the task allocation with the concern of budget. This method is most useful in the process of detecting the DDoS attacks happening on the VM resources. Finally prevention of DDOS attacks are performed by introducing the Fuzzy Extreme Learning Machine Classifier which will learn the cloud resource setup details based on which DDoS attack detection can be prevented. The overall performance of the suggested study design is performed in a Java simulation model to demonstrate the superiority of the proposed algorithm over the current research method.
Das, Soumyajit, Dayam, Zeeshaan, Chatterjee, Pinaki Sankar.  2022.  Application of Random Forest Classifier for Prevention and Detection of Distributed Denial of Service Attacks. 2022 OITS International Conference on Information Technology (OCIT). :380–384.
A classification issue in machine learning is the issue of spotting Distributed Denial of Service (DDos) attacks. A Denial of Service (DoS) assault is essentially a deliberate attack launched from a single source with the implied intent of rendering the target's application unavailable. Attackers typically aims to consume all available network bandwidth in order to accomplish this, which inhibits authorized users from accessing system resources and denies them access. DDoS assaults, in contrast to DoS attacks, include several sources being used by the attacker to launch an attack. At the network, transportation, presentation, and application layers of a 7-layer OSI architecture, DDoS attacks are most frequently observed. With the help of the most well-known standard dataset and multiple regression analysis, we have created a machine learning model in this work that can predict DDoS and bot assaults based on traffic.
Chavan, Neeta, Kukreja, Mohit, Jagwani, Gaurav, Nishad, Neha, Deb, Namrata.  2022.  DDoS Attack Detection and Botnet Prevention using Machine Learning. 2022 8th International Conference on Advanced Computing and Communication Systems (ICACCS). 1:1159–1163.
One of the major threats in the cyber security and networking world is a Distributed Denial of Service (DDoS) attack. With massive development in Science and Technology, the privacy and security of various organizations are concerned. Computer Intrusion and DDoS attacks have always been a significant issue in networked environments. DDoS attacks result in non-availability of services to the end-users. It interrupts regular traffic flow and causes a flood of flooded packets, causing the system to crash. This research presents a Machine Learning-based DDoS attack detection system to overcome this challenge. For the training and testing purpose, we have used the NSL-KDD Dataset. Logistic Regression Classifier, Support Vector Machine, K Nearest Neighbour, and Decision Tree Classifier are examples of machine learning algorithms which we have used to train our model. The accuracy gained are 90.4, 90.36, 89.15 and 82.28 respectively. We have added a feature called BOTNET Prevention, which scans for Phishing URLs and prevents a healthy device from being a part of the botnet.
ISSN: 2575-7288
2023-06-09
Yang, Jeong, Rae Kim, Young, Earwood, Brandon.  2022.  A Study of Effectiveness and Problem Solving on Security Concepts with Model-Eliciting Activities. 2022 IEEE Frontiers in Education Conference (FIE). :1—9.
Security is a critical aspect in the process of designing, developing, and testing software systems. Due to the increasing need for security-related skills within software systems, there is a growing demand for these skills to be taught in computer science. A series of security modules was developed not only to meet the demand but also to assess the impact of these modules on teaching critical cyber security topics in computer science courses. This full paper in the innovative practice category presents the outcomes of six security modules in a freshman-level course at two institutions. The study adopts a Model-Eliciting Activity (MEA) as a project for students to demonstrate an understanding of the security concepts. Two experimental studies were conducted: 1) Teaching effectiveness of implementing cyber security modules and MEA project, 2) Students’ experiences in conceptual modeling tasks in problem-solving. In measuring the effectiveness of teaching security concepts with the MEA project, students’ performance, attitudes, and interests as well as the instructor’s effectiveness were assessed. For the conceptual modeling tasks in problem-solving, the results of student outcomes were analyzed. After implementing the security modules with the MEA project, students showed a great understanding of cyber security concepts and an increased interest in broader computer science concepts. The instructor’s beliefs about teaching, learning, and assessment shifted from teacher-centered to student-centered during their experience with the security modules and MEA project. Although 64.29% of students’ solutions do not seem suitable for real-world implementation, 76.9% of the developed solutions showed a sufficient degree of creativity.
Lang-Muhr, Christoph, Tjoa, Simon, Machherndl, Stefan, Haslinger, Daniel.  2022.  Business Continuity & Disaster Recovery A simulation game for holistic cyber security education. 2022 IEEE Global Engineering Education Conference (EDUCON). :1296—1302.
At the end of the IT Security degree program a simulation game is conducted to repeat and consolidate the core skills of a Bachelor’s graduate. The focus is not on teaching content, but on the application of already learned skills. The scenario shows the students the risks of a completely networked world, which has come to a complete standstill due to a catastrophe. The participants occupy in groups the predefined companies, which are assigned with the reconstruction of the communication infrastructure (the internet). This paper describes the preparation, technical and organizational implementation of the. Also, the most important conclusions drawn by the authors.
Lang, Michael, Dowling, Seamus, Lennon, Ruth G..  2022.  The Current State of Cyber Security in Ireland. 2022 Cyber Research Conference - Ireland (Cyber-RCI). :1—2.
There is a stark contrast between the state of cyber security of national infrastructure in Ireland and the efforts underway to support cyber security technologists to work in the country. Notable attacks have recently occurred against the national health service, universities, and various other state bodies, prompting an interest in changing the current situation. This paper presents an overview of the security projects, commercial establishments, and policy in Ireland.
Lee, Hwiwon, Kim, Sosun, Kim, Huy Kang.  2022.  SoK: Demystifying Cyber Resilience Quantification in Cyber-Physical Systems. 2022 IEEE International Conference on Cyber Security and Resilience (CSR). :178—183.
Cyber-Physical System (CPS) is becoming increasingly complicated and integrated into our daily lives, laying the foundation for advanced infrastructures, commodities, and services. In this regard, operational continuity of the system is the most critical objective, and cyber resilience quantification to evaluate and enhance it has garnered attention. However, understanding of the increasingly critical cyber risks is weak, with the focus being solely on the damage that occurs in the physical domain. To address this gap, this work takes aim at shedding some light on the cyber resilience quantification of CPS. We review the numerous resilience quantification techniques presented to date through several metrics to provide systematization of knowledge (SoK). In addition, we discuss the challenges of current quantification methods and give ideas for future research that will lead to more precise cyber resilience measurements.
2023-06-02
Nikoletos, Sotirios, Raftopoulou, Paraskevi.  2022.  Employing social network analysis to dark web communities. 2022 IEEE International Conference on Cyber Security and Resilience (CSR). :311—316.

Deep web refers to sites that cannot be found by search engines and makes up the 96% of the digital world. The dark web is the part of the deep web that can only be accessed through specialised tools and anonymity networks. To avoid monitoring and control, communities that seek for anonymization are moving to the dark web. In this work, we scrape five dark web forums and construct five graphs to model user connections. These networks are then studied and compared using data mining techniques and social network analysis tools; for each community we identify the key actors, we study the social connections and interactions, we observe the small world effect, and we highlight the type of discussions among the users. Our results indicate that only a small subset of users are influential, while the rapid dissemination of information and resources between users may affect behaviours and formulate ideas for future members.

2023-05-11
Karayat, Ritik, Jadhav, Manish, Kondaka, Lakshmi Sudha, Nambiar, Ashwath.  2022.  Web Application Penetration Testing & Patch Development Using Kali Linux. 2022 8th International Conference on Advanced Computing and Communication Systems (ICACCS). 1:1392–1397.
Nowadays, safety is a first-rate subject for all applications. There has been an exponential growth year by year in the number of businesses going digital since the few decades following the birth of the Internet. In these technologically advanced times, cyber security is a must mainly for internet applications, so we have the notion of diving deeper into the Cyber security domain and are determined to make a complete project. We aim to develop a website portal for ease of communication between us and the end user. Utilizing the power of python scripting and flask server to make independent automated tools for detection of SQLI, XSS & a Spider(Content Discovery Tool). We have also integrated skipfish as a website vulnerability scanner to our project using python and Kali Linux. Since conducting a penetration test on another website without permission is not legal, we thought of building a dummy website prone to OS Command Injection in addition to the above-mentioned attacks. A well-documented report will be generated after the penetration test/ vulnerability scan. In case the website is vulnerable, patching of the website will be done with the user's consent.
ISSN: 2575-7288
2023-04-28
Gao, Hongbin, Wang, Shangxing, Zhang, Hongbin, Liu, Bin, Zhao, Dongmei, Liu, Zhen.  2022.  Network Security Situation Assessment Method Based on Absorbing Markov Chain. 2022 International Conference on Networking and Network Applications (NaNA). :556–561.
This paper has a new network security evaluation method as an absorbing Markov chain-based assessment method. This method is different from other network security situation assessment methods based on graph theory. It effectively refinement issues such as poor objectivity of other methods, incomplete consideration of evaluation factors, and mismatching of evaluation results with the actual situation of the network. Firstly, this method collects the security elements in the network. Then, using graph theory combined with absorbing Markov chain, the threat values of vulnerable nodes are calculated and sorted. Finally, the maximum possible attack path is obtained by blending network asset information to determine the current network security status. The experimental results prove that the method fully considers the vulnerability and threat node ranking and the specific case of system network assets, which makes the evaluation result close to the actual network situation.
Bálint, Krisztián.  2022.  Data Security Structure of a Students’ Attendance Register Based on Security Cameras and Blockchain Technology. 2022 IEEE 22nd International Symposium on Computational Intelligence and Informatics and 8th IEEE International Conference on Recent Achievements in Mechatronics, Automation, Computer Science and Robotics (CINTI-MACRo). :000185–000190.
The latest, modern security camera systems record numerous data at once. With the utilization of artificial intelligence, these systems can even compose an online attendance register of students present during the lectures. Data is primarily recorded on the hard disk of the NVR (Network Video Recorder), and in the long term, it is recommended to save the data in the blockchain. The purpose of the research is to demonstrate how university security cameras can be securely connected to the blockchain. This would be important for universities as this is sensitive student data that needs to be protected from unauthorized access. In my research, as part of the practical implementation, I therefore also use encryption methods and data fragmentation, which are saved at the nodes of the blockchain. Thus, even a DDoS (Distributed Denial of Service) type attack may be easily repelled, as data is not concentrated on a single, central server. To further increase security, it is useful to constitute a blockchain capable of its own data storage at the faculty itself, rather than renting data storage space, so we, ourselves may regulate the conditions of operation, and the policy of data protection. As a practical part of my research, therefore, I created a blockchain called UEDSC (Universities Data Storage Chain) where I saved the student's data.
ISSN: 2471-9269
2023-04-14
Wang, Bingyu, Sun, Qiuye, Fang, Fang.  2022.  Consensus-based Frequency Control of a Cyber-physical Power System under Two Types of DDoS Attacks. 2022 34th Chinese Control and Decision Conference (CCDC). :1060–1065.
The consensus-based frequency control relying on a communication system is used to restore the frequency deviations introduced by the primary droop control in an islanded AC microgrid, a typical cyber-physical power system(CPPS). This paper firstly studies the performance of the CPPS under two types of Distributed Denial of Service (DDoS ) attacks, finds that the intelligent attacks may cause more damage than the brute force attacks, and analyzes some potential defense strategies of the CPPS from two points of view. Some simulation results are also given to show the performance of both the physical and cyber system of the CPPS under different operation conditions.
ISSN: 1948-9447
2023-03-17
Vehabovic, Aldin, Ghani, Nasir, Bou-Harb, Elias, Crichigno, Jorge, Yayimli, Aysegül.  2022.  Ransomware Detection and Classification Strategies. 2022 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom). :316–324.
Ransomware uses encryption methods to make data inaccessible to legitimate users. To date a wide range of ransomware families have been developed and deployed, causing immense damage to governments, corporations, and private users. As these cyberthreats multiply, researchers have proposed a range of ransom ware detection and classification schemes. Most of these methods use advanced machine learning techniques to process and analyze real-world ransomware binaries and action sequences. Hence this paper presents a survey of this critical space and classifies existing solutions into several categories, i.e., including network-based, host-based, forensic characterization, and authorship attribution. Key facilities and tools for ransomware analysis are also presented along with open challenges.
Colter, Jamison, Kinnison, Matthew, Henderson, Alex, Schlager, Stephen M., Bryan, Samuel, O’Grady, Katherine L., Abballe, Ashlie, Harbour, Steven.  2022.  Testing the Resiliency of Consumer Off-the-Shelf Drones to a Variety of Cyberattack Methods. 2022 IEEE/AIAA 41st Digital Avionics Systems Conference (DASC). :1–5.
An often overlooked but equally important aspect of unmanned aerial system (UAS) design is the security of their networking protocols and how they deal with cyberattacks. In this context, cyberattacks are malicious attempts to monitor or modify incoming and outgoing data from the system. These attacks could target anywhere in the system where a transfer of data occurs but are most common in the transfer of data between the control station and the UAS. A compromise in the networking system of a UAS could result in a variety of issues including increased network latency between the control station and the UAS, temporary loss of control over the UAS, or a complete loss of the UAS. A complete loss of the system could result in the UAS being disabled, crashing, or the attacker overtaking command and control of the platform, all of which would be done with little to no alert to the operator. Fortunately, the majority of higher-end, enterprise, and government UAS platforms are aware of these threats and take actions to mitigate them. However, as the consumer market continues to grow and prices continue to drop, network security may be overlooked or ignored in favor of producing the lowest cost product possible. Additionally, these commercial off-the-shelf UAS often use uniform, standardized frequency bands, autopilots, and security measures, meaning a cyberattack could be developed to affect a wide variety of models with minimal changes. This paper will focus on a low-cost educational-use UAS and test its resilience to a variety of cyberattack methods, including man-in-the-middle attacks, spoofing of data, and distributed denial-of-service attacks. Following this experiment will be a discussion of current cybersecurity practices for counteracting these attacks and how they can be applied onboard a UAS. Although in this case the cyberattacks were tested against a simpler platform, the methods discussed are applicable to any UAS platform attempting to defend against such cyberattack methods.
ISSN: 2155-7209