Sensor Deprivation Attacks for Stealthy UAV Manipulation

TL;DR

This work shows that attacks on sensors are not limited to continuously inducing random measurements, and demonstrate that sensor reconfiguration can completely stall the drone controller, and proposes an attack synthesis methodology that optimizes the timing of these SDA manipulations, maximizing their impact.

Abstract

Unmanned Aerial Vehicles autonomously perform tasks with the use of state-of-the-art control algorithms. These control algorithms rely on the freshness and correctness of sensor readings. Incorrect control actions lead to catastrophic destabilization of the process. In this work, we propose a multi-part \emph{Sensor Deprivation Attacks} (SDAs), aiming to stealthily impact process control via sensor reconfiguration. In the first part, the attacker will inject messages on local buses that connect to the sensor. The injected message reconfigures the sensors, e.g.,~to suspend the sensing. In the second part, those manipulation primitives are selectively used to cause adversarial sensor values at the controller, transparently to the data consumer. In the third part, the manipulated sensor values lead to unwanted control actions (e.g. a drone crash). We experimentally investigate all three parts of our proposed attack. Our findings show that i)~reconfiguring sensors can have surprising effects on reported sensor values, and ii)~the attacker can stall the overall Kalman Filter state estimation, leading to a complete stop of control computations. As a result, the UAV becomes destabilized, leading to a crash or significant deviation from its planned trajectory (over 30 meters). We also propose an attack synthesis methodology that optimizes the timing of these SDA manipulations, maximizing their impact. Notably, our results demonstrate that these SDAs evade detection by state-of-the-art UAV anomaly detectors. Our work shows that attacks on sensors are not limited to continuously inducing random measurements, and demonstrate that sensor reconfiguration can completely stall the drone controller. In our experiments, state-of-the-art UAV controller software and countermeasures are unable to handle such manipulations. Hence, we also discuss new corresponding countermeasures.

Figures (14)

• Figure 1: In a sensor deprivation attack, an adversary remotely reconfigures a flying drone's onboard sensor (e.g., via IEMI). The drone starts operating with the reconfigured sensor and makes wrong control decisions, which leads to deviation and crash. With a series of reconfigurations of the sensor, the attacker can even remotely control the drone.
• Figure 2: Flight control---sensors, GPS receivers and their contribution to the state estimation.
• Figure 3: Sensor Deprivation Attack abstraction. An attacker reconfigures sensors to manipulate the readings. This can have different effects in the control loop, a) Absent data, where no data is received b) Default data where $s_k$ is constant and Erroneous data where $s_k\sim~\mathcal{N}~(\mu,\,\sigma^{2})$, c) Stale data where last observation is received by the controller.
• Figure 4: Motivating example, a drone flies on a straight trajectory. The flight is influenced by sensor and environmental noise which results in continuous correction applied to the flight. An attacker starts a Sensor Deprivation Attack, targeting one of the drone sensors. The sensor stops updating the transmitted value to the MCU. Consequently, the attitude estimation is compromised, causing wrong actuation commands which results in the drone deviation or crash.
• Figure 5: Reading Gyro X on the shared bus. Top: Readings before the malicious command injection. Bottom: Readings after the malicious command injection, no data are transmitted due to the device reconfiguration.