항공우주시스템공학회지 (Journal of Aerospace System Engineering)

  • 제17권4호
  • /
  • Pages.133-143
  • /
  • 2023
  • /
  • 1976-6300(pISSN)
  • /
  • 2508-7150(eISSN)
항공우주시스템공학회 (The Society for Aerospace System Engineering)
권호 표지
DOI QR코드

DOI QR Code

DJI UAV 탐지·식별 시스템 대상 재전송 공격 기반 무력화 방식

Replay Attack based Neutralization Method for DJI UAV Detection/Identification Systems

  • 서승오 (한국원자력연구원 보안기술연구실) ;
  • 이용구 (한국원자력연구원 보안기술연구실) ;
  • 이세훈 (한국원자력연구원 보안기술연구실) ;
  • 오승렬 (한국원자력연구원 보안기술연구실) ;
  • 손준영 (한국원자력연구원 보안기술연구실)
  • Seungoh Seo (Security R&D Team, Korea Atomic Energy Research Institute) ;
  • Yonggu Lee (Security R&D Team, Korea Atomic Energy Research Institute) ;
  • Sehoon Lee (Security R&D Team, Korea Atomic Energy Research Institute) ;
  • Seongyeol Oh (Security R&D Team, Korea Atomic Energy Research Institute) ;
  • Junyoung Son (Security R&D Team, Korea Atomic Energy Research Institute)
  • 투고 : 2023.05.31
  • 심사 : 2023.06.23
  • 발행 : 2023.08.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

ICT의 발전으로 드론(이하, 무인기(Unmanned Aerial Vehicle, UAV)와 동일)이 대중화됨에 따라, 농업, 건축업 등 다양한 분야에서 드론이 유용하게 사용되고 있다. 그러나, 악의적인 공격자는 고도화된 드론을 통해 국가주요기반시설에 위협을 가할 수 있다. 이에, 불법드론의 위협에 대응하기 위해 안티드론 시스템이 개발되어왔다. 특히, 드론이 브로드캐스트하는 원격 식별 데이터(Remote-ID, R-ID) 데이터를 기반으로 불법드론을 탐지·식별하는 R-ID 기반 UAV 탐지·식별 시스템이 개발되어 세계적으로 많이 사용되고 있다. 하지만, 이러한 R-ID 기반 UAV 탐지·식별 시스템은 무선 브로드캐스트 특성으로 인해 보안에 매우 취약하다. 본 논문에서는 R-ID 기반 UAV 탐지·식별 시스템의 대표적인 예인 DJI 사(社) Aeroscope를 대상으로 보안 취약성을 분석하여, 재전송 공격(Replay Attack) 기반 무력화 방식을 제안하였다. 제안된 무력화 방식은 소프트웨어 프로그램으로 구현되어, 실제 테스트 환경에서 4가지 유형의 공격에 대해 검증되었다. 우리는 검증 결과를 통해 제안한 무력화 방식이 R-ID 기반 UAV 탐지·식별 시스템에 실효적인 무력화 방식임을 입증하였다.

As drones (also known as UAV) become popular with advanced information and communication technology (ICT), they have been utilized for various fields (agriculture, architecture, and so on). However, malicious attackers with advanced drones may pose a threat to critical national infrastructures. Thus, anti-drone systems have been developed to respond to drone threats. In particular, remote identification data (R-ID)-based UAV detection and identification systems that detect and identify illegal drones with R-ID broadcasted by drones have been developed, and are widely employed worldwide. However, this R-ID-based UAV detection/identification system is vulnerable to security due to wireless broadcast characteristics. In this paper, we analyze the security vulnerabilities of DJI Aeroscope, a representative example of the R-ID-based UAV detection and identification system, and propose a replay-attack-based neutralization method using the analyzed vulnerabilities. To validate the proposed method, it is implemented as a software program, and verified against four types of attacks in real test environments. The results demonstrate that the proposed neutralization method is an effective neutralization method for R-ID-based UAV detection and identification systems.

키워드

과제정보

이 논문은 2023년도 정부(경찰청)의 재원으로 한국연구재단의 지원을 받아 수행된 연구임(No. 2021M3C1C4039580).

참고문헌

  1. Wang, Jian, Yongxin Liu, and Houbing Song, "Counter-Unmanned Aircraft System (s)(C-UAS): State of the Art, Challenges, and Future Trends." IEEE Aerospace and Electronic Systems Magazine, 36.3 (2021), pp. 4-29, 2021  https://doi.org/10.1109/MAES.2020.3015537
  2. KAERI(Korea Atomic Energy Research Institute), "Development of Intelligent Anti-Drone Technology(Based on Drone-cops and Live-Forensics) " Co-Planning of Research Report, KAERI(Korea Atomic Energy Research Institute), Daejeon, 2020 
  3. Solodov, Alexander, et al, "Analyzing the Threat of Unmanned Aerial Vehicles (UAV) to Nuclear Facilities." Security Journal, 31 (2018), pp. 305-324, 2018  https://doi.org/10.1057/s41284-017-0102-5
  4. Belwafi, Kais, et al, "Unmanned Aerial Vehicles' Remote Identification: A Tutorial and Survey." IEEE Access, 10 (2022), pp. 87577-87601, 2022  https://doi.org/10.1109/ACCESS.2022.3199909
  5. Bender, Conner, "DJI Drone IDs are not Encrypted." arXiv preprint, arXiv:2207.10795 (2022), 2022 
  6. DJIDroneIDSpoof, https://github.com/DJISDKUser/metasploit-framework/blob/DJIDroneIDSpoof/modules/auxiliary/dos/wifi/droneid.rb 
  7. ESP8266_DJI_DroneID_Throwie, https://github.com/DJISDKUser/ESP8266_DJI_DroneID_Throwie 
  8. Kerns, Andrew, et al, "Unmanned Aircraft Capture and Control via GPS Spoofing." Journal of Field Robotics, 31.4 (2014), pp. 617-636, 2014  https://doi.org/10.1002/rob.21513
  9. GASPAR, Joao, et al, "Capture of UAVs through GPS Spoofing", 2018 Global Wireless Summit (GWS), IEEE, pp. 21-26, 2018. 
  10. Brad, Haines, "DEFCON 20: Hacker + Airplanes = No Good Can Come Of This", DEFCON 20, 2012 
  11. Costin, Andrei, and Aurelien Francillon, "Ghost in the Air (Traffic): On Insecurity of ADS-B Protocol and Practical Attacks on ADS-B Devices." black hat USA, 1 (2012), pp. 1-12, 2012 
  12. Schafer, Matthias, Vincent Lenders, and Ivan Martinovic, "Experimental Analysis of Attacks on Next Generation Air Traffic Communication." Applied Cryptography and Network Security: 11th International Conference, ACNS 2013, Canada, pp. 253-271, 2013. 
  13. Aeroscope-Mobile-Station, https://store.dji.bg/en/aeroscope-mobile-station.html 
  14. CVE-2022-29945, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29945 
  15. Department 13, "White Paper: Anatomy of DJI's Drone Identification Implementation.", Department 13, Australia, 2017 
  16. Kismet DJI DroneID, https://github.com/kismetwireless/kismet/blob/master/kaitai_definitions_disabled/dot11_ie_221_dji_droneid.ksy 
  17. Drone-ID Receiver for DJI OcuSync 2.0, https://github.com/RUB-SysSec/DroneSecurity 
  18. DJI DroneID RF Analysis, https://github.com/proto17/dji_droneid 
  19. Schiller, Nico, et al, "Drone Security and the Mysterious Case of DJI's DroneID." Network and Distributed System Security Symposium (NDSS), 2023. 
  20. DJI Aeroscope, https://www.dji.com/kr/aeroscope