用于异常检测的模糊无人机：系统文献综述

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2024-10-20 DOI:10.1016/j.cose.2024.104157

Vikas K. Malviya, Wei Minn, Lwin Khin Shar, Lingxiao Jiang

{"title":"用于异常检测的模糊无人机：系统文献综述","authors":"Vikas K. Malviya, Wei Minn, Lwin Khin Shar, Lingxiao Jiang","doi":"10.1016/j.cose.2024.104157","DOIUrl":null,"url":null,"abstract":"<div><div>Drones, also referred to as Unmanned Aerial Vehicles (UAVs), are becoming popular today due to their uses in different fields and recent technological advancements which provide easy control of UAVs via mobile apps. However, UAVs may contain vulnerabilities or software bugs that cause serious safety and security concerns. For example, the communication protocol used by the UAV may contain authentication and authorization vulnerabilities, which may be exploited by attackers to gain remote access over the UAV. Drones must therefore undergo extensive testing before being released or deployed to identify and fix any software bugs or security vulnerabilities. Fuzzing is one commonly used technique for finding bugs and vulnerabilities in software programs and protocols. This article reviews various approaches where fuzzing is applied to detect bugs and vulnerabilities in UAVs. Our goal is to assess the current state-of-the-art fuzzing approaches for UAVs, which are yet to be explored in the literature. We identified open challenges that call for further research to improve the current state-of-the-art.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Fuzzing drones for anomaly detection: A systematic literature review\",\"authors\":\"Vikas K. Malviya, Wei Minn, Lwin Khin Shar, Lingxiao Jiang\",\"doi\":\"10.1016/j.cose.2024.104157\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Drones, also referred to as Unmanned Aerial Vehicles (UAVs), are becoming popular today due to their uses in different fields and recent technological advancements which provide easy control of UAVs via mobile apps. However, UAVs may contain vulnerabilities or software bugs that cause serious safety and security concerns. For example, the communication protocol used by the UAV may contain authentication and authorization vulnerabilities, which may be exploited by attackers to gain remote access over the UAV. Drones must therefore undergo extensive testing before being released or deployed to identify and fix any software bugs or security vulnerabilities. Fuzzing is one commonly used technique for finding bugs and vulnerabilities in software programs and protocols. This article reviews various approaches where fuzzing is applied to detect bugs and vulnerabilities in UAVs. Our goal is to assess the current state-of-the-art fuzzing approaches for UAVs, which are yet to be explored in the literature. We identified open challenges that call for further research to improve the current state-of-the-art.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2024-10-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404824004620\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004620","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

无人机又称无人驾驶飞行器（UAVs），由于其在不同领域的用途和最近的技术进步（可通过移动应用程序轻松控制无人机），如今正变得越来越流行。然而，无人飞行器可能存在漏洞或软件错误，从而引发严重的安全和安保问题。例如，无人机使用的通信协议可能包含身份验证和授权漏洞，攻击者可能利用这些漏洞远程访问无人机。因此，无人机在发布或部署之前必须经过大量测试，以识别并修复任何软件错误或安全漏洞。模糊测试是发现软件程序和协议中的错误和漏洞的一种常用技术。本文回顾了应用模糊技术检测无人机错误和漏洞的各种方法。我们的目标是评估目前最先进的无人机模糊处理方法，这些方法尚未在文献中得到探讨。我们发现了一些有待进一步研究的挑战，以改进当前的先进技术。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Fuzzing drones for anomaly detection: A systematic literature review

Drones, also referred to as Unmanned Aerial Vehicles (UAVs), are becoming popular today due to their uses in different fields and recent technological advancements which provide easy control of UAVs via mobile apps. However, UAVs may contain vulnerabilities or software bugs that cause serious safety and security concerns. For example, the communication protocol used by the UAV may contain authentication and authorization vulnerabilities, which may be exploited by attackers to gain remote access over the UAV. Drones must therefore undergo extensive testing before being released or deployed to identify and fix any software bugs or security vulnerabilities. Fuzzing is one commonly used technique for finding bugs and vulnerabilities in software programs and protocols. This article reviews various approaches where fuzzing is applied to detect bugs and vulnerabilities in UAVs. Our goal is to assess the current state-of-the-art fuzzing approaches for UAVs, which are yet to be explored in the literature. We identified open challenges that call for further research to improve the current state-of-the-art.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.