Security techniques for drones

Jongho Won (5930405)

10 June 2019

<div>Unmanned Aerial Vehicles (UAVs), commonly known as drones, are aircrafts without a human pilot aboard. The flight of drones can be controlled with a remote control by an operator located at the ground station, or fully autonomously by onboard computers. Drones are mostly found in the military. However, over the recent years, they have attracted the interest of industry and civilian sectors. <br></div><div>With the recent advance of sensor and embedded device technologies, various sensors will be embedded in city infrastructure to monitor various city-related information. In this context, drones can be effectively utilized in many safety-critical applications for collecting data from sensors on the ground and transmitting configuration instructions or task requests to these sensors.</div><div> <br></div><div>However, drones, like many networked devices, are vulnerable to cyber and physical attacks.<br></div><div>Challenges for secure drone applications can be divided in four aspects: 1) securing communication between drones and sensors, 2) securing sensor localization when drones locate sensors, 3) providing secure drone platforms to protect sensitive data against physical capture attacks and detect modifications to drone software, and 4) protecting secret keys in drones under white-box attack environments.<br></div><div> <br></div><div>To address the first challenge, a suite of cryptographic protocols is proposed. The protocols are based on certificateless cryptography and support authenticated key agreement, non-repudiation and user revocation. To minimize the energy required by a drone, a dual channel strategy is introduced.<br></div><div>To address the second challenge, a drone positioning strategy and a technique that can filter out malicious location references are proposed.<br></div><div>The third challenge is addressed by a solution integrating techniques for software-based attestation and data encryption.<br></div><div>For attestation, free memory spaces are filled with pseudo-random numbers, which are also utilized to encrypt data collected by the drone like a stream cipher.<br></div>A dynamic white-box encryption scheme is proposed to address the fourth challenge. Short secret key are converted into large look-up tables and the tables are periodically shuffled by a shuffling mechanism which is secure against white-box attackers.

Computer System Security

Drones

white-box encryption

sensor localization

software attestation

Trusted terminal-based systems / Garantera tilltro i terminalbaserade system

Faxö, Elias

January 2011

Trust is a concept of increasing importance in today’s information systems where information storage and generation to a higher extent is distributed among several entities throughout local or global networks. This trend in information science requires new ways to sustain the information security in the systems. This document defines trust in the context of a terminal-based system and analyzes the architecture of a distributed terminal-based system using threat modeling tools to elicit the prerequisites for trust in such a system. The result of the analysis is then converted into measures and activities that can be performed to fulfill these prerequisites. The proposed measures include hardware identification and both hardware and software attestation supported by the Trusted Computing Group standards and Trusted Platform Modules that are included in a connection handshake protocol. The proposed handshake protocol is evaluated against a practical case of a terminal-based casino system where the weaknesses of the protocol, mainly the requirement to build a system-wide Trusted Computing Base, are made evident. Proposed solutions to this problem such as minimization of the Trusted Computing Base are discussed along with the fundamental reason of the problem and the future solutions using the next generation of CPUs and Operating System kernels.

TPM

Trusted systems

Software attestation

Security

TCB

Computer and Information Sciences

Data- och informationsvetenskap

Computer Sciences

Datavetenskap (datalogi)