Security analysis of attacks on UAV

Abstract

Today, unmanned aerial vehicles (UAVs) are very popular not only among IT people, but also among the public. In addition to being able to shoot or take photos from different perspectives and being a means of entertainment, they are also a great source of data. UAVs collect, store and send data to other devices, usually to smartphones or laptops. Smartphones or laptops also send information about changing of location or different commands to the UAV. But is the data transfer to/from the UAV well secured? Can we trust the data transfer between control station and UAV, or is data exposed to potential misuse?Our work deals with the issue of security of data transfer in the field of UAV. In the field of small drones, one of the most used protocols is the Micro Air Vehicle Link protocol (MAVLink protocol in short). This protocol enables the exchange of a small amount of data between the control station and the UAV.The work presents chosen attacks on UAV data transfer and chosen security mechanisms. Overall, four attacks were performed - Bluesnarfing, Bluesmacking, The ’open sesame bug’ and Blesa. Security mechanisms are designed to protect against specific attacks. Based on the studied information, selected attacks were performed. Then, every attack has an overview of defense mechanisms whose aims are detection of attacks and a reduction of their impact. Finally, a suggestion is provided, on how to approach current threats in the field of UAV.