Presentation Material
Abstract
The usage of flying drones to do tasks humans cannot do directly is increasing and in near future a lot of task would be performed by drones. It would soon become a necessity to security audit drones, to make sure they are not hijackable. Our talk is focused on analyzing the security of Unmanned drones.
The talk would walk you through things like:
Drone Aviation technology , the flight movements etc. Drone programming and hardware controls. Drone communication protocols and communication streams. Analysing/Securing drone wireless/gps Communication. Possible methods for drone hijacking Types of DOS Attacks on Communication protocol Possible methods to Hijack a drone Backdoor Drones [A sample Drone backdoor Steps to ensure safe and secure UAV systems Drones are basically a computer device that can fly. Which can be remotely controlled or programmatically setup. Drones uses multiple bands for communication L-Band [Military, GPS] , S-band [IEEE 802.11] C-band [TV Network and Raw satellite feeds].
DOS Attacks on GPS navigation: Global navigation satellite systems used for military drones has few known security issues. We would be explaining spoofing attacks on GNS receivers and other related GPS security issues.
DOS Attacks on 802.11 navigation: One of the major concern about 802.11 is DOS attack. Even when the transmission is protected with WEP/WAP security protocols DOS attacks are still prevalent. We would be demonstrating few possible security issues like EPA based DOS attack etc.We also focus low hanging bugs like unencrypted WLAN, usage of UDP, unencrypted video streaming etc. Performing DOS attacks and making the Drones lose control itself is a big deal, but we would be explaining/demonstrating drone hijack possibilities. Most of the drone has a loaded operating system. It could be a Linux kernel or a customised OS. We would be demonstrating backdoors that understands drone/aviation technology and the consequences of a backdoor.
We will have the following demos live: Drone aviations examples. DOS attacks on communication protocol. Analysing sniffing the communication. Drone Hijacking Drone backdoors and what all payloads it could have.
AI Generated Summarymay contain errors
Here is a summary of the content:
The speaker discusses a project to create malware that can infect drones and take control of them. The malware, called “Malron” is written in Go language and acts as a proxy between the drone’s sensor and controlling application. It sets up a serial port proxy,, killing the actual commanding program and redirecting traffic to the attacker’s computer.
The speaker explains how they used Go language for its cross-compilation capabilities and ease of use. They also created a Python program to upload the malware to the drone.
A demo is attempted, but it fails due to technical issues. The speaker then discusses the plan B, which involves infecting the drone with the malware using APIs to communicate with the drone’s autopilot system.
The speaker thanks various individuals and teams for their help and support throughout the project.