Unmanned Aerial Vehicles (UAVs) are becoming one of the main technological supports for commercial applications, embracing many domains ranging from human safety to the medical field, agriculture and environment, multimedia production, and even commercial delivery. This rise in popularity, however, is causing an increasing interest from criminals, making UAVs the target of new attacks. To fully characterize the current UAV cybersecurity landscape, we perform a complete literature review, digging into drone security historic facts and scientific studies on the matter, reviewing specialized articles and scientific papers focusing on cybersecurity threats and gaps in the context of small UAVs in commercial applications. Being a recent research and development area, most of the articles have been published between 2016 and 2020 as a direct consequence of the increase of security concerns and interest in the drone field. Papers in this review deal with UAV cyberthreats and related vulnerabilities, identifying flaws experimented in a lab or describing incidents detected in the field. Communication, sensors, and system misconfigurations are among the most important threat vectors, while sensor spoofing/jamming and malware DoS/control are among the most cited threats. Threat vectors permit depicting a complete overview of the topic and potential countermeasures known to date, with related gap analysis, also accounting for the recent Unmanned Aircraft System evolution toward ad hoc or cloud-based UAV networks. Countermeasures include the adoption of traditional communication encryption and standard protocols, GPS spoofing/jamming mitigation, encryption and privacy-aware implementations, and counter-malware techniques, to name the most adopted. It also emerges that often attacks are simply ported or adapted from other attacks in similar domains, while peculiar attacks still remain such as targeted physical attacks, specific UAV malware, and GPS spoofing/jamming.

A Security Review in the UAVNet Era: Threats, Countermeasures, and Gap Analysis / A. Rugo, C.A. Ardagna, N. El Ioini. - In: ACM COMPUTING SURVEYS. - ISSN 0360-0300. - 55:1(2022), pp. 21.1-21.35. [10.1145/3485272]

A Security Review in the UAVNet Era: Threats, Countermeasures, and Gap Analysis

C.A. Ardagna
Secondo
;
2022

Abstract

Unmanned Aerial Vehicles (UAVs) are becoming one of the main technological supports for commercial applications, embracing many domains ranging from human safety to the medical field, agriculture and environment, multimedia production, and even commercial delivery. This rise in popularity, however, is causing an increasing interest from criminals, making UAVs the target of new attacks. To fully characterize the current UAV cybersecurity landscape, we perform a complete literature review, digging into drone security historic facts and scientific studies on the matter, reviewing specialized articles and scientific papers focusing on cybersecurity threats and gaps in the context of small UAVs in commercial applications. Being a recent research and development area, most of the articles have been published between 2016 and 2020 as a direct consequence of the increase of security concerns and interest in the drone field. Papers in this review deal with UAV cyberthreats and related vulnerabilities, identifying flaws experimented in a lab or describing incidents detected in the field. Communication, sensors, and system misconfigurations are among the most important threat vectors, while sensor spoofing/jamming and malware DoS/control are among the most cited threats. Threat vectors permit depicting a complete overview of the topic and potential countermeasures known to date, with related gap analysis, also accounting for the recent Unmanned Aircraft System evolution toward ad hoc or cloud-based UAV networks. Countermeasures include the adoption of traditional communication encryption and standard protocols, GPS spoofing/jamming mitigation, encryption and privacy-aware implementations, and counter-malware techniques, to name the most adopted. It also emerges that often attacks are simply ported or adapted from other attacks in similar domains, while peculiar attacks still remain such as targeted physical attacks, specific UAV malware, and GPS spoofing/jamming.
Cybersecurity; threats; unmanned aerial vehicles; unmanned aircraft systems
Settore INF/01 - Informatica
2022
Article (author)
File in questo prodotto:
File Dimensione Formato  
3485272.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 980.38 kB
Formato Adobe PDF
980.38 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/945048
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 40
  • ???jsp.display-item.citation.isi??? 19
social impact