No Hat 2024 - Alessandro Fausto - Not the Drones You're Looking For
Author: BITM Hacklab
Uploaded: 2024-10-25
Views: 184
NOT THE DRONES YOU'RE LOOKING FOR
In 2018, drones accessing the airspace created safety and security challenges, prompting Civil Aviation Authorities (CAAs) worldwide to initiate rule-making for Unmanned Aircraft Systems (UAS) Remote Identification (RID). UAS-RID policies, finalized in 2022, require drones to periodically broadcast telemetry information, enabling third-party entities to identify and locate drones and their operators. The need for quick and immediately actionable telemetry data led globally to the design of RID protocols where little emphasis was placed on security. Our research analyzed RID protocols' security, focusing on how ground stations receiving telemetry data can be abused by malicious users. We examined DroneID, the proprietary RID protocol from DJI, and Open Drone ID (ODID), the reference implementation of the ASTM F3411 standard used for RID regulations in the US and Europe. For both RID protocols, we reverse-engineered and analyzed the behavior of compliant ground station receivers, revealing novel vulnerabilities. We developed custom software-defined radio tools to perform signal injection with crafted data using the proprietary radio protocol OcuSync. Combining our findings with existing RID weaknesses, we created practical attack scenarios that enable attackers to forge fake drones and operators, spoof identities and locations, and disrupt RID functionalities, potentially causing false alarms in critical air spaces relying on these protocols for drone detection, or preventing real drones and operators from being identified. Recognizing the challenges of creating a universally accepted security solution for RID protocols, we developed mechanisms to detect these attacks, alleviating their impact on existing RID operations.
ALESSANDRO FAUSTO - Security Researcher @Nozomi Networks
Alessandro Fausto received his "laurea" degree in computer engineering in 2006, his II level academic Master cum laude in "Cyber Security and Data Protection" in 2018, and his Ph.D. degree in Electronic and Telecommunication Engineering at the University of Genoa in 2022. Since 2010 he has been an ICT Technician in the Department of Informatics, Bioengineering, Robotics and Systems Engineering at the University of Genoa. In 2015/16 he was part of the 31st Italian expedition in Antarctica and Winterover DC12 as ICT, radio and telecommunication technician, both at the “Concordia” international research station on the Antarctic plateau. Since 2022 he has also been a Security Researcher at Nozomi Networks Italia. His main research activity concerns Network Security and Software-Defined Radio.
Links
No Hat - Website: nohat.it
No Hat - X: @nohatcon