Framework for Discovering GPS Spoofing Attacks in Drone Swarms
This work addresses security vulnerabilities in swarm control algorithms for drone swarms, but the proposed tools are evaluated on a limited set of algorithms and the success rates are moderate.
The paper identifies Swarm Propagation Vulnerabilities (SPVs) in drone swarms caused by GPS spoofing attacks and proposes two fuzzing tools, SwarmFuzzGraph and SwarmFuzzBinary, to find them. SwarmFuzzGraph achieves a 48.8% success rate on one algorithm but fails on others, while SwarmFuzzBinary works across all tested algorithms with comparable success.
Swarm robotics, particularly drone swarms, are used in various safety-critical tasks. While a lot of attention has been given to improving swarm control algorithms for improved intelligence, the security implications of various design choices in swarm control algorithms have not been studied. We highlight how an attacker can exploit the vulnerabilities in swarm control algorithms to disrupt drone swarms. Specifically, we show that the attacker can target a swarm member (target drone) through GPS spoofing attacks, and indirectly cause other swarm members (victim drones) to veer from their course, resulting in collisions. We call these Swarm Propagation Vulnerabilities (SPVs). In this paper, we introduce two fuzzing tools, SwarmFuzzGraph and SwarmFuzzBinary, to efficiently find SPVs in swarm control algorithms. SwarmFuzzGraph uses a combination of graph theory and gradient-guided optimization to find SPVs. Our evaluation on a popular swarm control algorithm shows that SwarmFuzzGraph achieves an average success rate of 48.8% in finding SPVs. However, SwarmFuzzGraph fails to find any SPVs in drone swarms with different topologies. We then propose SwarmFuzzBinary, which uses observation-based seed scheduling and binary search to find SPVs. The evaluation shows that SwarmFuzzBinary's success rate is comparable to SwarmFuzzGraph and work in all tested algorithms.