TY - GEN
T1 - Detecting drones status via encrypted traffic analysis
AU - Sciancalepore, Savio
AU - Ibrahim, Omar Adel
AU - Oligeri, Gabriele
AU - Di Pietro, Roberto
N1 - Publisher Copyright:
© 2019 ACM.
PY - 2019/5/15
Y1 - 2019/5/15
N2 - We propose a methodology to detect the current status of a powered-on drone (flying or at rest), leveraging just the communication traffic exchanged between the drone and its Remote Controller (RC). Our solution, other than being the first of its kind, does not require either any special hardware or to transmit any signal; it is built applying standard classification algorithms to the eavesdropped traffic, analyzing features such as packets inter-arrival time and size. Moreover, it is fully passive and it resorts to cheap and general purpose hardware. To evaluate the effectiveness of our solution, we collected real communication measurements from a drone running the widespread ArduCopter open-source firmware, mounted on-board on a wide range of commercial amateur drones. The results prove that our methodology can efficiently and effectively identify the current state of a powered-on drone, i.e., if it is flying or lying on the ground. In addition, we estimate a lower bound on the time required to identify the status of a drone with the requested level of assurance. The quality and viability of our solution do prove that network traffic analysis can be successfully adopted for drone status identification, and pave the way for future research in the area.
AB - We propose a methodology to detect the current status of a powered-on drone (flying or at rest), leveraging just the communication traffic exchanged between the drone and its Remote Controller (RC). Our solution, other than being the first of its kind, does not require either any special hardware or to transmit any signal; it is built applying standard classification algorithms to the eavesdropped traffic, analyzing features such as packets inter-arrival time and size. Moreover, it is fully passive and it resorts to cheap and general purpose hardware. To evaluate the effectiveness of our solution, we collected real communication measurements from a drone running the widespread ArduCopter open-source firmware, mounted on-board on a wide range of commercial amateur drones. The results prove that our methodology can efficiently and effectively identify the current state of a powered-on drone, i.e., if it is flying or lying on the ground. In addition, we estimate a lower bound on the time required to identify the status of a drone with the requested level of assurance. The quality and viability of our solution do prove that network traffic analysis can be successfully adopted for drone status identification, and pave the way for future research in the area.
UR - http://www.scopus.com/inward/record.url?scp=85066636605&partnerID=8YFLogxK
U2 - 10.1145/3324921.3328791
DO - 10.1145/3324921.3328791
M3 - Conference contribution
AN - SCOPUS:85066636605
T3 - WiseML 2019 - Proceedings of the 2019 ACM Workshop on Wireless Security and Machine Learning
SP - 67
EP - 72
BT - WiseML 2019 - Proceedings of the 2019 ACM Workshop on Wireless Security and Machine Learning
PB - Association for Computing Machinery, Inc
T2 - 2019 ACM Workshop on Wireless Security and Machine Learning, WiseML 2019
Y2 - 15 May 2019 through 17 May 2019
ER -