无人机网络时代的安全回顾:威胁、对策和差距分析

Alessio Rugo, C. Ardagna, Nabil El Ioini
{"title":"无人机网络时代的安全回顾:威胁、对策和差距分析","authors":"Alessio Rugo, C. Ardagna, Nabil El Ioini","doi":"10.1145/3485272","DOIUrl":null,"url":null,"abstract":"Unmanned Aerial Vehicles (UAVs) are becoming one of the main technological supports for commercial applications, embracing many domains ranging from human safety to the medical field, agriculture and environment, multimedia production, and even commercial delivery. This rise in popularity, however, is causing an increasing interest from criminals, making UAVs the target of new attacks. To fully characterize the current UAV cybersecurity landscape, we perform a complete literature review, digging into drone security historic facts and scientific studies on the matter, reviewing specialized articles and scientific papers focusing on cybersecurity threats and gaps in the context of small UAVs in commercial applications. Being a recent research and development area, most of the articles have been published between 2016 and 2020 as a direct consequence of the increase of security concerns and interest in the drone field. Papers in this review deal with UAV cyberthreats and related vulnerabilities, identifying flaws experimented in a lab or describing incidents detected in the field. Communication, sensors, and system misconfigurations are among the most important threat vectors, while sensor spoofing/jamming and malware DoS/control are among the most cited threats. Threat vectors permit depicting a complete overview of the topic and potential countermeasures known to date, with related gap analysis, also accounting for the recent Unmanned Aircraft System evolution toward ad hoc or cloud-based UAV networks. Countermeasures include the adoption of traditional communication encryption and standard protocols, GPS spoofing/jamming mitigation, encryption and privacy-aware implementations, and counter-malware techniques, to name the most adopted. It also emerges that often attacks are simply ported or adapted from other attacks in similar domains, while peculiar attacks still remain such as targeted physical attacks, specific UAV malware, and GPS spoofing/jamming.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"34 1","pages":"1 - 35"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"A Security Review in the UAVNet Era: Threats, Countermeasures, and Gap Analysis\",\"authors\":\"Alessio Rugo, C. Ardagna, Nabil El Ioini\",\"doi\":\"10.1145/3485272\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Unmanned Aerial Vehicles (UAVs) are becoming one of the main technological supports for commercial applications, embracing many domains ranging from human safety to the medical field, agriculture and environment, multimedia production, and even commercial delivery. This rise in popularity, however, is causing an increasing interest from criminals, making UAVs the target of new attacks. To fully characterize the current UAV cybersecurity landscape, we perform a complete literature review, digging into drone security historic facts and scientific studies on the matter, reviewing specialized articles and scientific papers focusing on cybersecurity threats and gaps in the context of small UAVs in commercial applications. Being a recent research and development area, most of the articles have been published between 2016 and 2020 as a direct consequence of the increase of security concerns and interest in the drone field. Papers in this review deal with UAV cyberthreats and related vulnerabilities, identifying flaws experimented in a lab or describing incidents detected in the field. Communication, sensors, and system misconfigurations are among the most important threat vectors, while sensor spoofing/jamming and malware DoS/control are among the most cited threats. Threat vectors permit depicting a complete overview of the topic and potential countermeasures known to date, with related gap analysis, also accounting for the recent Unmanned Aircraft System evolution toward ad hoc or cloud-based UAV networks. Countermeasures include the adoption of traditional communication encryption and standard protocols, GPS spoofing/jamming mitigation, encryption and privacy-aware implementations, and counter-malware techniques, to name the most adopted. It also emerges that often attacks are simply ported or adapted from other attacks in similar domains, while peculiar attacks still remain such as targeted physical attacks, specific UAV malware, and GPS spoofing/jamming.\",\"PeriodicalId\":7000,\"journal\":{\"name\":\"ACM Computing Surveys (CSUR)\",\"volume\":\"34 1\",\"pages\":\"1 - 35\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-01-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Computing Surveys (CSUR)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3485272\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Computing Surveys (CSUR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3485272","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 14

摘要

无人驾驶飞行器(uav)正在成为商业应用的主要技术支持之一,涵盖了从人类安全到医疗领域、农业和环境、多媒体制作甚至商业交付的许多领域。然而,无人机受欢迎程度的上升引起了犯罪分子越来越大的兴趣,使无人机成为新的攻击目标。为了充分表征当前无人机网络安全格局,我们进行了完整的文献综述,深入研究了无人机安全的历史事实和科学研究,回顾了专注于小型无人机商业应用背景下的网络安全威胁和差距的专业文章和科学论文。作为一个最近的研究和开发领域,大多数文章都是在2016年至2020年之间发表的,这是对无人机领域安全问题和兴趣增加的直接后果。本综述中的论文涉及无人机网络威胁和相关漏洞,识别实验室实验中的缺陷或描述在现场发现的事件。通信、传感器和系统配置错误是最重要的威胁载体,而传感器欺骗/干扰和恶意软件DoS/控制是最常见的威胁。威胁向量允许描述该主题的完整概述和迄今为止已知的潜在对策,以及相关的差距分析,也说明了最近无人机系统向特设或基于云的无人机网络的演变。对策包括采用传统通信加密和标准协议,GPS欺骗/干扰缓解,加密和隐私感知实现,以及反恶意软件技术,这些是最常用的。通常,攻击只是简单地移植或改编自类似领域的其他攻击,而特殊攻击仍然存在,例如有针对性的物理攻击,特定的无人机恶意软件和GPS欺骗/干扰。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
A Security Review in the UAVNet Era: Threats, Countermeasures, and Gap Analysis
Unmanned Aerial Vehicles (UAVs) are becoming one of the main technological supports for commercial applications, embracing many domains ranging from human safety to the medical field, agriculture and environment, multimedia production, and even commercial delivery. This rise in popularity, however, is causing an increasing interest from criminals, making UAVs the target of new attacks. To fully characterize the current UAV cybersecurity landscape, we perform a complete literature review, digging into drone security historic facts and scientific studies on the matter, reviewing specialized articles and scientific papers focusing on cybersecurity threats and gaps in the context of small UAVs in commercial applications. Being a recent research and development area, most of the articles have been published between 2016 and 2020 as a direct consequence of the increase of security concerns and interest in the drone field. Papers in this review deal with UAV cyberthreats and related vulnerabilities, identifying flaws experimented in a lab or describing incidents detected in the field. Communication, sensors, and system misconfigurations are among the most important threat vectors, while sensor spoofing/jamming and malware DoS/control are among the most cited threats. Threat vectors permit depicting a complete overview of the topic and potential countermeasures known to date, with related gap analysis, also accounting for the recent Unmanned Aircraft System evolution toward ad hoc or cloud-based UAV networks. Countermeasures include the adoption of traditional communication encryption and standard protocols, GPS spoofing/jamming mitigation, encryption and privacy-aware implementations, and counter-malware techniques, to name the most adopted. It also emerges that often attacks are simply ported or adapted from other attacks in similar domains, while peculiar attacks still remain such as targeted physical attacks, specific UAV malware, and GPS spoofing/jamming.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信