- About Goa'15
- Schedule
- Venue
- Speakers
- Training
- CFP
- Recreation
- Blackshield Awards
- CTF
- Sponsors
- Exhibition
- Job Fair
- CXO Track
- Bugbash
- Goa'15
- About Speakers
- Rahul Sasi
Paper Title
Drone Attacks: How I hijacked a drone
Abstract
The usage of flying drones to do tasks humans cannot do directly is increasing and in near future a lot of task would be performed by drones. It would soon become a necessity to security audit drones, to make sure they are not hijackable. Our talk is focused on analyzing the security of Unmanned drones.
The talk would walk you through things like:
Drones are basically a computer device that can fly. Which can be remotely controlled or programmatically setup. Drones uses multiple bands for communication L-Band [Military, GPS] , S-band [IEEE 802.11] C-band [TV Network and Raw satellite feeds].
DOS Attacks on GPS navigation:
Global navigation satellite systems used for military drones has few known security issues. We would be explaining spoofing attacks on GNS receivers and other related GPS security issues.
DOS Attacks on 802.11 navigation:
One of the major concern about 802.11 is DOS attack. Even when the transmission is protected with WEP/WAP security protocols DOS attacks are still prevalent. We would be demonstrating few possible security issues like EPA based DOS attack etc.We also focus low hanging bugs like unencrypted WLAN, usage of UDP, unencrypted video streaming etc. Performing DOS attacks and making the Drones lose control itself is a big deal, but we would be explaining/demonstrating drone hijack possibilities. Most of the drone has a loaded operating system. It could be a Linux kernel or a customised OS. We would be demonstrating backdoors that understands drone/aviation technology and the consequences of a backdoor.
We will have the following demos live:
- Drone aviations examples.
- DOS attacks on communication protocol.
- Analysing sniffing the communication.
- Drone Hijacking
- Drone backdoors and what all payloads it could have.
Speaker Bio
Rahul Sasi is a Security Engineer at Citrix R&D, and has published multiple security tools, advisories and articles. Rahul is a frequent speaker at security conferences, including BlackHat Europe '12, CanSecwest '13, HITB KL '13, HITB AMS '12, '13, '14, Cocon '11 '12 '13 '14, Nullcon '11 '12 '13 '14, EKoparty '12 '14, G0s '14, HITCON '13, and THN '14. He loves vulnerability research , threat Intelligence and exploitation. His work could be found at Garage4Hackers.com.