Assessing and Exploiting Security Vulnerabilities of Unmanned Aerial Vehicles

Abstract

The demand for unmanned aerial vehicles (UAVs), popularly known by their generic term drones, is rapidly increasing not only for recreational UAVs but also for sophisticated and professional UAVs largely deployed for sensitive and critical missions. This exponential growth of UAVs and it’s applications has necessitated the need to assess their resilience to security and privacy threats. This paper primarily focuses on assessing the security vulnerabilities of two drones, Parrot Mambo FPV and Eachine E010. While the former drone was found to be vulnerable against de-authentication and FTP service attacks, successful attacks on the latter were radio frequency (RF) replay attack and custom made controller attack. Besides exploiting the security vulnerabilities of two UAVs, the paper also discusses potential countermeasures to improve the resilience of UAVs against the identified attacks.