Empirical Analysis of MAVLink Protocol Vulnerability for Attacking Unmanned Aerial Vehicles

Recently, unmanned aerial vehicles (UAVs), or the so-called drones, have been used in various applications. In particular, UAVs are used for rescue systems, disaster detection, and military purposes, as well as for leisure and commercial purposes. UAVs that are controlled over networks by ground control stations (GCS) can provide various services with expanded activity area. It is thus of critical importance to investigate the vulnerability of the drone system. In this paper, we focus on UAVs controlled by GCS over networks. We analyze the vulnerability of the micro-air-vehicle communication (MAVLink) protocol, which is one of the most widely adopted communication protocols for GCS-based control of UAVs. Then, by exploiting the vulnerability of the MAVLink protocol, we propose an attack methodology that can disable an ongoing mission of a UAV. Our empirical study confirms that the proposed attack can stop the attacked UAV and disable the mission.