Skip to Main Content
College Home Page
E C E Home Page

Theses and Dissertations

Identifying Consumer Drones via Encrypted Traffic


  Add to Google Calendar
Date:  Fri, December 16, 2022
Time:  10:00am - 11:00am
Location:  Holmes Hall 389; online available, see below registration info
Speaker:  David Liang, candidate for MS, advisor: Dr. Yingfei Dong

Abstract

While consumer drones have various recreational uses, they have become a low-cost and versatile tool for malicious activities, such as intruding on restricted airspaces, conducting illegal surveillance, and even dispatching explosives or kinetic strikes. To address these threats, properly identifying the concrete type of a consumer drone is the crucial initial step. While most existing drone identification methods leverage radar, acoustic, or image processing, to the best of our knowledge, nearly none of these methods investigate the specific communication patterns of drones for detection and identification. In this thesis, we focus on the drone communication protocol and conduct an in-depth analysis of the encrypted and plaintext drone traffic. We propose a framework for identifying a specific type of drone among a known set of drones by analyzing the encrypted Wi-Fi communication traffic between a drone and its controller. The main idea of this approach is to utilize our understanding of drone communication details to match communication patterns in encrypted traffic to communication patterns in plaintext traffic. Specifically, we introduce the concept of Unique and Non-Varying (UNV) message types and use the patterns of these UNVs as features to build distinct profiles for each drone type. We accumulate a dataset of Wi-Fi traffic traces for three consumer drone types, each using the most popular open-source drone control platform, ArduPilot, with the most popular open-source communication protocol, MAVLink. Then, we conducted a concrete performance evaluation on two proposed classification methods. The first is a scoring-based method using similarity and distance functions, while the second is feature-based and implements machine learning algorithms. Each of these classification methods utilizes the profiles of each drone type.

Bio

David Liang is an M.S. candidate in Electrical Engineering at the University of Hawaiʻi at Mānoa. He obtained his B.S. in Computer Engineering from the University of Hawaiʻi at Mānoa. His current research concentration is in protocol reverse engineering and Wi-Fi traffic classification, and his general research interests include cybersecurity, reverse engineering, and machine learning.

Online available, register for connection info at https://forms.gle/yeGtuLSFYqgbEJg86


Return to Theses and Dissertations