Vulnerability Analysis of the MAVLink Protocol for Command and Control of Unmanned Aircraft

Abstract : The MAVLink protocol is an open source, point-to-point networking protocol used to carry telemetry and to command and control many small unmanned aircraft. This research presents three exploits that compromise confidentiality, integrity, and availability vulnerabilities in the communication between an unmanned aerial vehicle and a ground control station using the MAVLink protocol. The attacks assume the configuration settings for the data-link hardware have been obtained. Field experiments using MAVProxy to compromise communication between an ArduPilot Mega 2.5 autopilot and the Mission Planner application demonstrate that all three exploits are successful when MAVLink messages are unprotected. A methodology is proposed to quantify the cost of securing the MAVLink protocol through the measurement of network latency, power consumption, and exploit success. Experimental measurements indicate that the ArduPilot Mega 2.5 autopilot running the ATmega2560 processor at 16 MHz with the standard, unsecured MAVLink protocol consumes on average 0.0105 additional watts of power per second and operates with an average additional latency of 0.11 seconds while under the most resource-intensive attack than when not under attack.

[1]  Todd E. Humphreys,et al.  An Evaluation of the Vestigial Signal Defense for Civil GPS Anti-Spoofing , 2011 .

[2]  Daniel J. Bernstein,et al.  The Salsa20 Family of Stream Ciphers , 2008, The eSTREAM Finalists.

[3]  Martin Boesgaard,et al.  The Rabbit Stream Cipher - Design and Security Analysis , 2004, IACR Cryptol. ePrint Arch..

[4]  Thomas Staub,et al.  UAVNet: A mobile wireless mesh network using Unmanned Aerial Vehicles , 2012, 2012 IEEE Globecom Workshops.

[5]  Srdjan Capkun,et al.  On the requirements for successful GPS spoofing attacks , 2011, CCS '11.

[6]  David R. Frelinger,et al.  Evaluating Novel Threats to the Homeland: Unmanned Aerial Vehicles and Cruise Missiles , 2008 .

[7]  T. Humphreys STATEMENT ON THE VULNERABILITY OF CIVIL UNMANNED AERIAL VEHICLES AND OTHER SYSTEMS TO CIVIL GPS , 2012 .

[8]  Kenneth Munson,et al.  Jane's unmanned aerial vehicles and targets , 2006 .

[9]  John A. Wallace,et al.  Integrating Unmanned Aircraft Systems Into Modern Policing in An Urban Environment , 2012 .

[10]  Martin Boesgaard,et al.  Rabbit: A New High-Performance Stream Cipher , 2003, FSE.

[11]  Peter Schwabe,et al.  NaCl on 8-Bit AVR Microcontrollers , 2013, AFRICACRYPT.

[12]  Barry E. Mullins,et al.  Network vulnerability analysis of the Player command and control protocol , 2014, Int. J. Secur. Networks.

[13]  Elias Yarrkov Cryptanalysis of XXTEA , 2010, IACR Cryptol. ePrint Arch..

[14]  Peter Schwabe,et al.  Faster and Timing-Attack Resistant AES-GCM , 2009, CHES.

[15]  Ahmed ElShafee,et al.  MICRO ROTOR ENHANCED BLOCK CIPHER DESIGNED FOR EIGHT BITS MICRO -CONTROLLERS (MREBC) , 2013 .

[16]  D. McGrew,et al.  The Galois/Counter Mode of Operation (GCM) , 2005 .

[17]  Todd E. Humphreys,et al.  Receiver-Autonomous Spoofing Detection: Experimental Results of a Multi-Antenna Receiver Defense against a Portable Civil GPS Spoofer , 2009 .

[18]  Richard M. Thompson Drones in Domestic Surveillance Operations: Fourth Amendment Implications and Legislative Responses , 2013 .

[19]  Sven Dietrich,et al.  SkyNET: A 3G-Enabled Mobile Attack Drone and Stealth Botmaster , 2011, WOOT.

[20]  George Loukas,et al.  A Review of Cyber Threats and Defence Approaches in Emergency Management , 2013, Future Internet.

[21]  J. A. Volpe Vulnerability Assessment of the Transportation Infrastructure Relying on the Global Positioning Syst , 2001 .

[22]  Wolfgang W Rochus UAV Data-Links: Tasks, Types, Technologies and Examples , 2000 .

[23]  Richard S. Stansbury,et al.  A Survey of UAS Technologies for Command, Control, and Communication (C3) , 2009, J. Intell. Robotic Syst..

[24]  Jonathan P. How,et al.  Increasing autonomy of UAVs , 2009, IEEE Robotics & Automation Magazine.

[25]  Eric W. Frew,et al.  Networking Issues for Small Unmanned Aircraft Systems , 2009, J. Intell. Robotic Syst..

[26]  野波 健蔵,et al.  Autonomous flying robots : unmanned aerial vehicles and micro aerial vehicles , 2010 .

[27]  Tanja Lange,et al.  TweetNaCl: A Crypto Library in 100 Tweets , 2014, LATINCRYPT.

[28]  Todd E. Humphreys,et al.  Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks , 2012, Int. J. Crit. Infrastructure Prot..