Date of Award

12-2023

Document Type

Thesis

Degree Name

Master of Science (MS)

Department

Electrical Engineering and Computer Science

First Advisor

Sneha Sudhakaran, Ph.D.

Second Advisor

Anand Balu Nellippallil, Ph.D.

Third Advisor

Terrence O’Connor, Ph.D.

Fourth Advisor

Brian Lail

Abstract

In recent years, the surge in popularity of small-scale Unmanned Aerial Vehicles (UAVs), especially Holy Stone models, has raised significant security concerns. This study examines specific Holy Stone drone models, including the HS 175D, HS 430, HS 360S, and HS720, focusing on sub-250g drones exempt from FAA registration and those requiring registration and Remote ID. Despite advancements in drone technology, our research reveals persistent vulnerabilities that could be exploited by malicious actors for illicit purposes, posing a substantial security risk. Our comprehensive analysis involved simulated attacks in identifying and exploiting these vulnerabilities, leading to the successful acquisition of flight logs, images, and videos. We executed a range of denial-of-service attacks, including TCP SYN Flood, TCP SYN Flood, UDP Flood, De-authentication, and Ping of Death, compromising the availability of all drone models involved in this study. Additionally, we discovered access control vulnerabilities that impacted the confidentiality, integrity, and availability of specific drone platforms. This research highlights the vulnerabilities in current drone models and underscores the critical need for robust security measures. We discuss the implications of these vulnerabilities and propose strategies for mitigating the risks posed by these increasingly popular devices.

Comments

Copyright held by author

Share

COinS