Machine Learning and Software Defined Network to secure communications in a swarm of drones

Bibliographic details
Published in: Journal of information security and applications 2021-09, Vol.61, p.102940, Article 102940
Main authors: Guerber, Christophe; Royer, Mickaël; Larrieu, Nicolas
Format: Article
Language: eng
Description
Summary: As drones become more and more frequent in industry and perhaps tomorrow in everyday life, the variety and sensitivity of their missions will increase. Securing the communication taking place with the drones, and especially in the network of a swarm, is of primary importance to allow a safe integration of Unmanned Aerial Vehicles into air traffic. Drones are subject to a range of attacks, from GPS jamming to application bug exploits. Among these attacks, and irrespective of whether they have already been implemented or not, communication is one of the main contributors, both as a vector and as a target. In this article, we use previous work on security threats concerning drones to identify two main types of attack in a network of drones: intrusion from the outside and network usage from inside. We demonstrate the robustness of the Software Defined Network (SDN) architecture against the most common attacks from the outside. In addition, we propose a traffic injection detection technique and corresponding countermeasures based on SDN flow counters. Finally, we present an innovative machine learning solution based on a Random Forest Classifier to address insider attacks, relying solely on flow creation events. We propose two specific features that characterize the activity in the network. They allow detecting common network attacks such as denial of service, port scanning and brute force, and are easily available to the controller. Detection performance for these abnormal behaviors is promising, both in terms of true positives and false negatives, and in terms of detection delay. Detection of these common attacks will allow tightening of security in such wireless networks by denying rogue nodes further access to the network.
ISSN: 2214-2126
DOI: 10.1016/j.jisa.2021.102940