PiNcH: an Effective, Efficient, and Robust Solution to Drone Detection via Network Traffic Analysis
We propose PiNcH, a methodology to detect the presence of a drone, its current status, and its movements by leveraging just the communication traffic exchanged between the drone and its Remote Controller (RC). PiNcH is built applying standard classification algorithms to the eavesdropped traffic, an...
Gespeichert in:
| Veröffentlicht in: | arXiv.org 2019-12 |
|---|---|
| Hauptverfasser: | , , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | arXiv.org |
| container_volume | |
| creator | Sciancalepore, Savio Omar Adel Ibrahim Oligeri, Gabriele Roberto Di Pietro |
| description | We propose PiNcH, a methodology to detect the presence of a drone, its current status, and its movements by leveraging just the communication traffic exchanged between the drone and its Remote Controller (RC). PiNcH is built applying standard classification algorithms to the eavesdropped traffic, analyzing features such as packets inter-arrival time and size. PiNcH is fully passive and it requires just cheap and general-purpose hardware. To evaluate the effectiveness of our solution, we collected real communication traces originated by a drone running the widespread ArduCopter open-source firmware, currently mounted on-board of a wide range (30+) of commercial amateur drones. We tested our solution against different publicly available wireless traces. The results prove that PiNcH can efficiently and effectively: (i) identify the presence of the drone in several heterogeneous scenarios; (ii) identify the current state of a powered-on drone, i.e., flying or lying on the ground; (iii) discriminate the movements of the drone; and, finally, (iv) enjoy a reduced upper bound on the time required to identify a drone with the requested level of assurance. The effectiveness of PiNcH has been also evaluated in the presence of both heavy packet loss and evasion attacks. In this latter case, the adversary modifies on purpose the profile of the traffic of the drone-RC link to avoid the detection. In both the cited cases, PiNcH continues enjoying a remarkable performance. Further, the comparison against state of the art solution confirms the superior performance of PiNcH in several scenarios. Note that all the drone-controller generated data traces have been released as open-source, to allow replicability and foster follow-up. Finally, the quality and viability of our solution, do prove that network traffic analysis can be successfully adopted for drone identification and status discrimination. |
| doi_str_mv | 10.48550/arxiv.1901.03535 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_arxiv</sourceid><recordid>TN_cdi_arxiv_primary_1901_03535</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2166880745</sourcerecordid><originalsourceid>FETCH-LOGICAL-a525-18f2ab555daf6c621b66be4491dac6560eb73f7b9a743efe33f2ac7100e332253</originalsourceid><addsrcrecordid>eNotkEtPwzAQhC0kJKrSH8AJS1yb4kfWSbhVfVCkqiDoPXIcW3IpcbGdQv89SctpR7vfrEaD0B0lkzQHII_S_9rjhBaETggHDldowDinSZ4ydoNGIewIIUxkDIAPkHqzG7V6wrLBC2O0ivaox720yuomjrtDjd9d1YaIP9y-jdY1ODo8967ReK5jb-lWRyvxRscf5z_x1svej6eN3J-CDbfo2sh90KP_OUTb5WI7WyXr1-eX2XSdSGCQ0NwwWQFALY1QgtFKiEqnaUFrqQQIoquMm6wqZJZybTTnHa8ySkgnGQM-RPeXt-cGyoO3X9Kfyr6J8txERzxciIN3360Osdy51ncpQ8moEHlOshT4H1UFYHA</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2166880745</pqid></control><display><type>article</type><title>PiNcH: an Effective, Efficient, and Robust Solution to Drone Detection via Network Traffic Analysis</title><source>arXiv.org</source><source>Free E- Journals</source><creator>Sciancalepore, Savio ; Omar Adel Ibrahim ; Oligeri, Gabriele ; Roberto Di Pietro</creator><creatorcontrib>Sciancalepore, Savio ; Omar Adel Ibrahim ; Oligeri, Gabriele ; Roberto Di Pietro</creatorcontrib><description>We propose PiNcH, a methodology to detect the presence of a drone, its current status, and its movements by leveraging just the communication traffic exchanged between the drone and its Remote Controller (RC). PiNcH is built applying standard classification algorithms to the eavesdropped traffic, analyzing features such as packets inter-arrival time and size. PiNcH is fully passive and it requires just cheap and general-purpose hardware. To evaluate the effectiveness of our solution, we collected real communication traces originated by a drone running the widespread ArduCopter open-source firmware, currently mounted on-board of a wide range (30+) of commercial amateur drones. We tested our solution against different publicly available wireless traces. The results prove that PiNcH can efficiently and effectively: (i) identify the presence of the drone in several heterogeneous scenarios; (ii) identify the current state of a powered-on drone, i.e., flying or lying on the ground; (iii) discriminate the movements of the drone; and, finally, (iv) enjoy a reduced upper bound on the time required to identify a drone with the requested level of assurance. The effectiveness of PiNcH has been also evaluated in the presence of both heavy packet loss and evasion attacks. In this latter case, the adversary modifies on purpose the profile of the traffic of the drone-RC link to avoid the detection. In both the cited cases, PiNcH continues enjoying a remarkable performance. Further, the comparison against state of the art solution confirms the superior performance of PiNcH in several scenarios. Note that all the drone-controller generated data traces have been released as open-source, to allow replicability and foster follow-up. Finally, the quality and viability of our solution, do prove that network traffic analysis can be successfully adopted for drone identification and status discrimination.</description><identifier>EISSN: 2331-8422</identifier><identifier>DOI: 10.48550/arxiv.1901.03535</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Communications traffic ; Computer Science - Cryptography and Security ; Computer Science - Networking and Internet Architecture ; Firmware ; Hardware ; Lower bounds ; Quality assurance ; Remote control ; Viability</subject><ispartof>arXiv.org, 2019-12</ispartof><rights>2019. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,776,780,881,27902</link.rule.ids><backlink>$$Uhttps://doi.org/10.1016/j.comnet.2019.107044$$DView published paper (Access to full text may be restricted)$$Hfree_for_read</backlink><backlink>$$Uhttps://doi.org/10.48550/arXiv.1901.03535$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Sciancalepore, Savio</creatorcontrib><creatorcontrib>Omar Adel Ibrahim</creatorcontrib><creatorcontrib>Oligeri, Gabriele</creatorcontrib><creatorcontrib>Roberto Di Pietro</creatorcontrib><title>PiNcH: an Effective, Efficient, and Robust Solution to Drone Detection via Network Traffic Analysis</title><title>arXiv.org</title><description>We propose PiNcH, a methodology to detect the presence of a drone, its current status, and its movements by leveraging just the communication traffic exchanged between the drone and its Remote Controller (RC). PiNcH is built applying standard classification algorithms to the eavesdropped traffic, analyzing features such as packets inter-arrival time and size. PiNcH is fully passive and it requires just cheap and general-purpose hardware. To evaluate the effectiveness of our solution, we collected real communication traces originated by a drone running the widespread ArduCopter open-source firmware, currently mounted on-board of a wide range (30+) of commercial amateur drones. We tested our solution against different publicly available wireless traces. The results prove that PiNcH can efficiently and effectively: (i) identify the presence of the drone in several heterogeneous scenarios; (ii) identify the current state of a powered-on drone, i.e., flying or lying on the ground; (iii) discriminate the movements of the drone; and, finally, (iv) enjoy a reduced upper bound on the time required to identify a drone with the requested level of assurance. The effectiveness of PiNcH has been also evaluated in the presence of both heavy packet loss and evasion attacks. In this latter case, the adversary modifies on purpose the profile of the traffic of the drone-RC link to avoid the detection. In both the cited cases, PiNcH continues enjoying a remarkable performance. Further, the comparison against state of the art solution confirms the superior performance of PiNcH in several scenarios. Note that all the drone-controller generated data traces have been released as open-source, to allow replicability and foster follow-up. Finally, the quality and viability of our solution, do prove that network traffic analysis can be successfully adopted for drone identification and status discrimination.</description><subject>Communications traffic</subject><subject>Computer Science - Cryptography and Security</subject><subject>Computer Science - Networking and Internet Architecture</subject><subject>Firmware</subject><subject>Hardware</subject><subject>Lower bounds</subject><subject>Quality assurance</subject><subject>Remote control</subject><subject>Viability</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>BENPR</sourceid><sourceid>GOX</sourceid><recordid>eNotkEtPwzAQhC0kJKrSH8AJS1yb4kfWSbhVfVCkqiDoPXIcW3IpcbGdQv89SctpR7vfrEaD0B0lkzQHII_S_9rjhBaETggHDldowDinSZ4ydoNGIewIIUxkDIAPkHqzG7V6wrLBC2O0ivaox720yuomjrtDjd9d1YaIP9y-jdY1ODo8967ReK5jb-lWRyvxRscf5z_x1svej6eN3J-CDbfo2sh90KP_OUTb5WI7WyXr1-eX2XSdSGCQ0NwwWQFALY1QgtFKiEqnaUFrqQQIoquMm6wqZJZybTTnHa8ySkgnGQM-RPeXt-cGyoO3X9Kfyr6J8txERzxciIN3360Osdy51ncpQ8moEHlOshT4H1UFYHA</recordid><startdate>20191207</startdate><enddate>20191207</enddate><creator>Sciancalepore, Savio</creator><creator>Omar Adel Ibrahim</creator><creator>Oligeri, Gabriele</creator><creator>Roberto Di Pietro</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20191207</creationdate><title>PiNcH: an Effective, Efficient, and Robust Solution to Drone Detection via Network Traffic Analysis</title><author>Sciancalepore, Savio ; Omar Adel Ibrahim ; Oligeri, Gabriele ; Roberto Di Pietro</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a525-18f2ab555daf6c621b66be4491dac6560eb73f7b9a743efe33f2ac7100e332253</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Communications traffic</topic><topic>Computer Science - Cryptography and Security</topic><topic>Computer Science - Networking and Internet Architecture</topic><topic>Firmware</topic><topic>Hardware</topic><topic>Lower bounds</topic><topic>Quality assurance</topic><topic>Remote control</topic><topic>Viability</topic><toplevel>online_resources</toplevel><creatorcontrib>Sciancalepore, Savio</creatorcontrib><creatorcontrib>Omar Adel Ibrahim</creatorcontrib><creatorcontrib>Oligeri, Gabriele</creatorcontrib><creatorcontrib>Roberto Di Pietro</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>arXiv Computer Science</collection><collection>arXiv.org</collection><jtitle>arXiv.org</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Sciancalepore, Savio</au><au>Omar Adel Ibrahim</au><au>Oligeri, Gabriele</au><au>Roberto Di Pietro</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>PiNcH: an Effective, Efficient, and Robust Solution to Drone Detection via Network Traffic Analysis</atitle><jtitle>arXiv.org</jtitle><date>2019-12-07</date><risdate>2019</risdate><eissn>2331-8422</eissn><abstract>We propose PiNcH, a methodology to detect the presence of a drone, its current status, and its movements by leveraging just the communication traffic exchanged between the drone and its Remote Controller (RC). PiNcH is built applying standard classification algorithms to the eavesdropped traffic, analyzing features such as packets inter-arrival time and size. PiNcH is fully passive and it requires just cheap and general-purpose hardware. To evaluate the effectiveness of our solution, we collected real communication traces originated by a drone running the widespread ArduCopter open-source firmware, currently mounted on-board of a wide range (30+) of commercial amateur drones. We tested our solution against different publicly available wireless traces. The results prove that PiNcH can efficiently and effectively: (i) identify the presence of the drone in several heterogeneous scenarios; (ii) identify the current state of a powered-on drone, i.e., flying or lying on the ground; (iii) discriminate the movements of the drone; and, finally, (iv) enjoy a reduced upper bound on the time required to identify a drone with the requested level of assurance. The effectiveness of PiNcH has been also evaluated in the presence of both heavy packet loss and evasion attacks. In this latter case, the adversary modifies on purpose the profile of the traffic of the drone-RC link to avoid the detection. In both the cited cases, PiNcH continues enjoying a remarkable performance. Further, the comparison against state of the art solution confirms the superior performance of PiNcH in several scenarios. Note that all the drone-controller generated data traces have been released as open-source, to allow replicability and foster follow-up. Finally, the quality and viability of our solution, do prove that network traffic analysis can be successfully adopted for drone identification and status discrimination.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><doi>10.48550/arxiv.1901.03535</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | EISSN: 2331-8422 |
| ispartof | arXiv.org, 2019-12 |
| issn | 2331-8422 |
| language | eng |
| recordid | cdi_arxiv_primary_1901_03535 |
| source | arXiv.org; Free E- Journals |
| subjects | Communications traffic Computer Science - Cryptography and Security Computer Science - Networking and Internet Architecture Firmware Hardware Lower bounds Quality assurance Remote control Viability |
| title | PiNcH: an Effective, Efficient, and Robust Solution to Drone Detection via Network Traffic Analysis |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-02T03%3A10%3A08IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_arxiv&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=PiNcH:%20an%20Effective,%20Efficient,%20and%20Robust%20Solution%20to%20Drone%20Detection%20via%20Network%20Traffic%20Analysis&rft.jtitle=arXiv.org&rft.au=Sciancalepore,%20Savio&rft.date=2019-12-07&rft.eissn=2331-8422&rft_id=info:doi/10.48550/arxiv.1901.03535&rft_dat=%3Cproquest_arxiv%3E2166880745%3C/proquest_arxiv%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2166880745&rft_id=info:pmid/&rfr_iscdi=true |