The use of Internet-of-Things (IoT) technology is growing exponentially as more consumers and businesses acknowledge the benefits offered by the intelligent and smart devices. Drone technology is a rapidly emerging sector within the IoT and the risk of hacking could not only cause a data breach, it could also pose a major risk to the public safety. Thanks to their versatile applications and access to real-time data, commercial drones are used across a wide variety of smart city applications. However, as with many IoT devices, security is often an afterthought, leaving many drones vulnerable to hackers. This paper investigates the current state of drone security and demonstrates a set of WiFi enabled drone vulnerabilities. Five different types of attacks, together with the potential of automation of attacks, was identified and applied to two different types of commercially available drones. The communication links are investigated for the attacks, i.e. Denial of Service, Deauthentication Methods, Man-in-the-Middle, Unauthorised Root Access and Packet Spoofing. Lastly, the unauthorised root access was automated through the use of a Raspberry-Pi 3 and WiFi Pineapple. Furthermore, we outlined the methodology for each attack, and the experimental part outlines the findings and processes of the attacks. Finally, the paper addresses the current state of drone security, management, control, resilience, security, and privacy concerns.
|Title of host publication
|2019 1st International Conference on Unmanned Vehicle Systems-Oman (UVS)
|The Institute of Electrical and Electronics Engineers (IEEE)
|Published - 2019