Growing drone use in populated areas poses significant risks that, without additional safeguards, could result in attacks by malicious entities and exploited for use in cyberattacks, terrorism, crime and invasion of privacy, according to a new research report by Ben-Gurion University of the Negev (BGU) and Fujitsu System Integration Laboratories Ltd. researchers.
Computer vision algorithms
The first comprehensive study on “Security and Privacy Challenges in the Age of Drones” evaluates 200 academic and industry techniques designed to detect and disable drones flying in both unrestricted and restricted areas. Its findings coincide with the U.S. government proposal to allow civilian drone flights with new security rules that permit deliveries and other commercial uses in populated areas.
The researchers demonstrated a new physical method to disable drone’s active tracking functionality
To highlight the threat, the researchers demonstrated a new physical method to disable drone’s active tracking functionality, a new technology that was recently introduced by drone manufacturers that is based on computer vision algorithms.
Rise in drone-related security incidents
“The cutting-edge technology and decreasing drone prices made them accessible to individuals and organisations but has created new threats and recently caused an increase in drone-related incidents,” says Ben Nassi, a Ph.D. student in BGU's Department of Software and Information Systems Engineering (SISE) and a researcher at the BGU Cyber Security Research Center. “There are many difficulties that militaries, police departments, and governments are seeking to overcome, as it is a recognised threat to critical infrastructure, operations, and individuals.”
The researchers examined different ways to detect drones in drone-restricted areas including radar, RF Scanners, thermal cameras, sound and hybrids of these methods. However, they believe the biggest challenge is determining the drone’s purpose in non-restricted areas.
Drones challenge security and privacy
“An open-skies policy that allow drones to fly over populated areas pose a significant challenge in terms of security and privacy within society” says Prof. Yuval Elovici, Ben Nassi’s Ph.D. advisor, who is director of the Deutsche Telekom Innovation Labs@BGU; director of the BGU Cyber Security Research Center, SISE faculty member and the Davide and Irene Sala Chair in Homeland Security Research.
The researchers propose methods that enable flying drone identification as well as registration, which is now a U.S. regulationAttackers can also disguise a cyber-attack as legitimate drone pizza delivery by hiding the hardware they use inside the pizza box.
“In an unrestricted area, we believe that there is a major scientific gap and definite risks that can be exploited by terrorists to launch a cyber-attack,” Nassi says. “It is inevitable that drones will become more widespread, but we need to recognise that open-skies policy pose multiple risks and that current solutions are unable to solve as a result of a major scientific gap in this area.”
Flying drone identification
The researchers propose methods that enable flying drone identification as well as registration, which is now a U.S. regulation. This includes dedicated techniques for authenticating drones and their operators. While in their previous study, the researchers demonstrated a new technique to detect a spying drone, new methods to determine the purpose of a nearby drone must be developed.