Rahul Sasi

Paper Title

Drone Attacks: How I hijacked a drone

Abstract

The usage of flying drones to do tasks humans cannot do directly is increasing and in near future a lot of task would be performed by drones. It would soon become a necessity to security audit drones, to make sure they are not hijackable. Our talk is focused on analyzing the security of Unmanned drones.

The talk would walk you through things like:

1. Drone Aviation technology , the flight movements etc.
2. Drone programming and hardware controls.
3. Drone communication protocols and communication streams.
4. Analysing/Securing drone wireless/gps Communication.
5. Possible methods for drone hijacking
6. • Types of DOS Attacks on Communication protocol
   • Possible methods to Hijack a drone
   • Backdoor Drones [A sample Drone backdoor
7. Steps to ensure safe and secure UAV systems

Drones are basically a computer device that can fly. Which can be remotely controlled or programmatically setup. Drones uses multiple bands for communication L-Band [Military, GPS] , S-band [IEEE 802.11] C-band [TV Network and Raw satellite feeds].

DOS Attacks on GPS navigation:

Global navigation satellite systems used for military drones has few known security issues. We would be explaining spoofing attacks on GNS receivers and other related GPS security issues.

DOS Attacks on 802.11 navigation:

One of the major concern about 802.11 is DOS attack. Even when the transmission is protected with WEP/WAP security protocols DOS attacks are still prevalent. We would be demonstrating few possible security issues like EPA based DOS attack etc.We also focus low hanging bugs like unencrypted WLAN, usage of UDP, unencrypted video streaming etc. Performing DOS attacks and making the Drones lose control itself is a big deal, but we would be explaining/demonstrating drone hijack possibilities. Most of the drone has a loaded operating system. It could be a Linux kernel or a customised OS. We would be demonstrating backdoors that understands drone/aviation technology and the consequences of a backdoor.

We will have the following demos live:

1. Drone aviations examples.
2. DOS attacks on communication protocol.
3. Analysing sniffing the communication.
4. Drone Hijacking
5. Drone backdoors and what all payloads it could have.

Speaker Bio

Rahul Sasi is a Security Engineer at Citrix R&D, and has published multiple security tools, advisories and articles. Rahul is a frequent speaker at security conferences, including BlackHat Europe '12, CanSecwest '13, HITB KL '13, HITB AMS '12, '13, '14, Cocon '11 '12 '13 '14, Nullcon '11 '12 '13 '14, EKoparty '12 '14, G0s '14, HITCON '13, and THN '14. He loves vulnerability research , threat Intelligence and exploitation. His work could be found at Garage4Hackers.com.