Enhanced Cybersecurity Framework for Unmanned Aerial Systems: A Comprehensive STRIDE-Model Analysis and Emerging Defense Strategies

IF 2.6 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security Pub Date : 2025-08-11 DOI:10.1049/ise2/9637334

Hailong Xi, Le Ru, Jiwei Tian, Bo Lu, Shiguang Hu, Wenfei Wang, Hongqiao Wang, Xiaohui Luan

{"title":"Enhanced Cybersecurity Framework for Unmanned Aerial Systems: A Comprehensive STRIDE-Model Analysis and Emerging Defense Strategies","authors":"Hailong Xi, Le Ru, Jiwei Tian, Bo Lu, Shiguang Hu, Wenfei Wang, Hongqiao Wang, Xiaohui Luan","doi":"10.1049/ise2/9637334","DOIUrl":null,"url":null,"abstract":"<p>Recent advancements in unmanned aerial vehicle (UAV) technology have facilitated its widespread adoption across a spectrum of sectors, such as commercial logistics, agricultural surveillance, industrial diagnostics, and military maneuvers. However, the widespread adoption has also engendered a burgeoning array of security concerns. Unmanned aerial systems (UAS) networks are characterized by high node mobility, unstable links, open communication environments, and limited platform resources, which in turn exhibit typical vulnerabilities in terms of cybersecurity. Most current studies on UAV cybersecurity issues tend to focus on individual UAVs, often neglecting the holistic cybersecurity of UAS. This paper outlines the composition of UAS network architecture. It summarizes the main cybersecurity challenges UAS faces within six categories—spoofing, tampering, information disclosure, denial of service (DoS), service refusal, and privilege escalation—based on the STRIDE threat model. Corresponding methods for risk mitigation and security protection strategies are proposed. Ultimately, the paper provides a perspective on the future development directions of UAS cybersecurity, aiming to offer a reference for addressing related issues in subsequent research and practice.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6000,"publicationDate":"2025-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9637334","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/ise2/9637334","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Recent advancements in unmanned aerial vehicle (UAV) technology have facilitated its widespread adoption across a spectrum of sectors, such as commercial logistics, agricultural surveillance, industrial diagnostics, and military maneuvers. However, the widespread adoption has also engendered a burgeoning array of security concerns. Unmanned aerial systems (UAS) networks are characterized by high node mobility, unstable links, open communication environments, and limited platform resources, which in turn exhibit typical vulnerabilities in terms of cybersecurity. Most current studies on UAV cybersecurity issues tend to focus on individual UAVs, often neglecting the holistic cybersecurity of UAS. This paper outlines the composition of UAS network architecture. It summarizes the main cybersecurity challenges UAS faces within six categories—spoofing, tampering, information disclosure, denial of service (DoS), service refusal, and privilege escalation—based on the STRIDE threat model. Corresponding methods for risk mitigation and security protection strategies are proposed. Ultimately, the paper provides a perspective on the future development directions of UAS cybersecurity, aiming to offer a reference for addressing related issues in subsequent research and practice.

Abstract Image

查看原文本刊更多论文

增强的无人机系统网络安全框架：一个全面的跨越式模型分析和新兴的防御战略

无人机（UAV）技术的最新进展促进了其在商业物流、农业监控、工业诊断和军事演习等领域的广泛采用。然而，这种广泛采用也引发了一系列安全问题。无人机系统（UAS）网络具有节点机动性高、链路不稳定、通信环境开放、平台资源有限等特点，在网络安全方面表现出典型的脆弱性。目前对无人机网络安全问题的研究大多集中在单个无人机上，往往忽视了无人机的整体网络安全。本文概述了UAS网络体系结构的组成。基于STRIDE威胁模型，总结了UAS面临的六类主要网络安全挑战——欺骗、篡改、信息泄露、拒绝服务（DoS）、拒绝服务和特权升级。提出了相应的风险缓解方法和安全防护策略。最后，本文对无人机网络安全的未来发展方向进行了展望，旨在为后续研究和实践中解决相关问题提供参考。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IET Information Security 工程技术-计算机：理论方法

CiteScore

3.80

自引率

7.10%

发文量

审稿时长

8.6 months

期刊介绍： IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls. Scope: Access Control and Database Security Ad-Hoc Network Aspects Anonymity and E-Voting Authentication Block Ciphers and Hash Functions Blockchain, Bitcoin (Technical aspects only) Broadcast Encryption and Traitor Tracing Combinatorial Aspects Covert Channels and Information Flow Critical Infrastructures Cryptanalysis Dependability Digital Rights Management Digital Signature Schemes Digital Steganography Economic Aspects of Information Security Elliptic Curve Cryptography and Number Theory Embedded Systems Aspects Embedded Systems Security and Forensics Financial Cryptography Firewall Security Formal Methods and Security Verification Human Aspects Information Warfare and Survivability Intrusion Detection Java and XML Security Key Distribution Key Management Malware Multi-Party Computation and Threshold Cryptography Peer-to-peer Security PKIs Public-Key and Hybrid Encryption Quantum Cryptography Risks of using Computers Robust Networks Secret Sharing Secure Electronic Commerce Software Obfuscation Stream Ciphers Trust Models Watermarking and Fingerprinting Special Issues. Current Call for Papers: Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf