Drones' Cryptanalysis - Smashing Cryptography with a Flicker

In an "open skies" era in which drones fly among us, a new question arises: how can we tell whether a passing drone is being used by its operator for a legitimate purpose (e.g., delivering pizza) or an illegitimate purpose (e.g., taking a peek at a person showering in his/her own house)? Over the years, many methods have been suggested to detect the presence of a drone in a specific location, however since populated areas are no longer off limits for drone flights, the previously suggested methods for detecting a privacy invasion attack are irrelevant. In this paper, we present a new method that can detect whether a specific POI (point of interest) is being video streamed by a drone. We show that applying a periodic physical stimulus on a target/victim being video streamed by a drone causes a watermark to be added to the encrypted video traffic that is sent from the drone to its operator and how this watermark can be detected using interception. Based on this method, we present an algorithm for detecting a privacy invasion attack. We analyze the performance of our algorithm using four commercial drones (DJI Mavic Air, Parrot Bebop 2, DJI Spark, and DJI Mavic Pro). We show how our method can be used to (1) determine whether a detected FPV (first-person view) channel is being used to video stream a POI by a drone, and (2) locate a spying drone in space; we also demonstrate how the physical stimulus can be applied covertly. In addition, we present a classification algorithm that differentiates FPV transmissions from other suspicious radio transmissions. We implement this algorithm in a new invasion attack detection system which we evaluate in two use cases (when the victim is inside his/her house and when the victim is being tracked by a drone while driving his/her car); our evaluation shows that a privacy invasion attack can be detected by our system in about 2-3 seconds.

[1]  Vincent Lepetit,et al.  Flying objects detection from a single moving camera , 2014, 2015 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[2]  Fabian Monrose,et al.  Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks , 2011, 2011 IEEE Symposium on Security and Privacy.

[3]  Biswanath Mukherjee,et al.  Video Streaming Forensic - Content Identification with Traffic Snooping , 2010, ISC.

[4]  Yali Liu,et al.  Wavelet-Based Traffic Analysis for Identifying Video Streams over Broadband Networks , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[5]  Óscar Belmonte Fernández,et al.  An Indoor Positioning System Based on Wearables for Ambient-Assisted Living , 2016, Sensors.

[6]  Tadayoshi Kohno,et al.  Devices That Tell on You: Privacy Trends in Consumer Ubiquitous Computing , 2007, USENIX Security Symposium.

[7]  Peter D. Symes Video Compression , 1998 .

[8]  Peter Wellig,et al.  Detection and tracking of drones using advanced acoustic cameras , 2015, SPIE Security + Defence.

[9]  Charles V. Wright,et al.  Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[10]  B.D. Rigling,et al.  Low-Cost Acoustic Array for Small UAV Detection and Tracking , 2008, 2008 IEEE National Aerospace and Electronics Conference.

[11]  Joseph Lindley,et al.  Game of Drones , 2015, CHI PLAY.

[12]  Andrew Reed,et al.  Leaky streams: Identifying variable bitrate DASH videos streamed over encrypted 802.11n connections , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[13]  Nirvana Meratnia,et al.  Sensing Motion Using Spectral and Spatial Analysis of WLAN RSSI , 2007, EuroSSC.

[14]  Matthew Peacock,et al.  Towards detection and control of civilian unmanned aerial vehicles , 2013 .

[15]  Kin K. Leung,et al.  A Survey of Indoor Localization Systems and Technologies , 2017, IEEE Communications Surveys & Tutorials.

[16]  D. Marpe,et al.  Video coding with H.264/AVC: tools, performance, and complexity , 2004, IEEE Circuits and Systems Magazine.

[17]  Andrew Reed,et al.  Identifying HTTPS-Protected Netflix Videos in Real-Time , 2017, CODASPY.

[18]  Ivan Martinovic,et al.  Wi-Fly?: Detecting Privacy Invasion Attacks by Consumer Drones , 2017, NDSS.

[19]  Charles V. Wright,et al.  Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob? , 2007, USENIX Security Symposium.

[20]  Iain E. G. Richardson,et al.  H.264 and MPEG-4 Video Compression: Video Coding for Next-Generation Multimedia , 2003 .

[21]  Vitaly Shmatikov,et al.  Beauty and the Burst: Remote Identification of Encrypted Video Streams , 2017, USENIX Security Symposium.

[22]  Brian D. Rigling,et al.  Multisensor 3D tracking for counter small unmanned air vehicles (CSUAV) , 2008, SPIE Defense + Commercial Sensing.

[23]  Richard Han,et al.  Matthan: Drone Presence Detection by Identifying Physical Signatures in the Drone's RF Communication , 2017, MobiSys.

[24]  Jun Huang,et al.  Detecting Wireless Spy Cameras Via Stimulating and Probing , 2018, MobiSys.

[25]  Ajay Luthra,et al.  Overview of the H.264/AVC video coding standard , 2003, IEEE Trans. Circuits Syst. Video Technol..

[26]  Wenyuan Xu,et al.  DeWiCam: Detecting Hidden Wireless Cameras via Smartphones , 2018, AsiaCCS.

[27]  Raheem Beyah,et al.  Information Leakage in Encrypted IP Video Traffic , 2014, GLOBECOM 2014.

[28]  Ran Dubin,et al.  I Know What You Saw Last Minute—Encrypted HTTP Adaptive Video Streaming Title Classification , 2016, IEEE Transactions on Information Forensics and Security.

[29]  Keith Jack,et al.  Video Demystified: A Handbook for the Digital Engineer , 1993 .