This article has been accepted for publication in a future issue of this journal, but has not been

fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

Date of publication xxxx 00, 0000, date of current version xxxx 00, 0000.
Digital Object Identifier 10.1109/ACCESS.2021.DOI

A Survey of Cyberattack
Countermeasures for Unmanned Aerial
Vehicles
PENG-YONG KONG, (Senior Member, IEEE)
Electrical Engineering and Computer Science Department, Khalifa University, Abu Dhabi, United Arab Emirates.
Corresponding author: P.-Y. Kong (e-mail: pengyong.kong@ku.ac.ae).

ABSTRACT Unmanned aerial vehicle (UAV) has been increasingly used in a wide range of commercial
and civilian applications. As an advanced cyber-physical system, UAVs are exposed to a wide range of
cyberattacks. This paper first surveys existing literature for different cyberattacks. Then, we classify these
attacks based on their attack entry points, which can be radio channels, messages or on-board systems. There
are six classes of UAV cyberattacks, namely channel jamming, message interception, message deletion,
message injection, message spoofing and on-board system attack. In the existing literature, there is no survey
focusing on UAV cyberattack countermeasures. To close this gap, we survey existing countermeasures for
the six attack classes. A comprehensive review of countermeasures is important because countermeasure
may not be exclusive to an attack. Knowing a wide range of existing countermeasures can prepare us
against existing and new cyberattacks. We classify countermeasure into three classes, namely prevention,
detection and mitigation. Prevention countermeasures stop a cyberattack from starting. When prevention
countermeasures fail, detection countermeasures alert UAV operator of an attack. After detecting an attack,
mitigation countermeasures limits the damage. Following the survey, we further discuss the open challenges
in developing countermeasures and propose some potential future research works.

INDEX TERMS Cybersecurity, cyberattack, countermeasure, unmanned aerial vehicle, UAV, drone.

I. INTRODUCTION monitoring, firefighting, journalism, panoramic photography,

An unmanned aerial vehicle (UAV) is an aircraft without aerial videography, etc. There is an increasing interest in
any human pilot, crew or passenger on-board. As such, using UAVs as mobile base stations and relays that can be
UAVs are technically robots that can fly autonomously or rapidly deployed to improve service coverage and quality for
must be controlled remotely by a human operator. UAVs wireless communication networks [2]–[4]. The combination
have been invented originally for military purposes [1], such of UAVs and internet of things (IoT) technology has created
as practicing anti-aircraft strategies, gathering intelligence, numerous innovative use cases [5]. For example, working
killing enemies, destroying hostile targets, etc. With rapid with IoT sensors on the ground, UAVs can help agricultural
technology advancement in the past two to three decades, companies in surveying land and crops, energy companies in
the use of UAVs has been extended beyond military, to many monitoring power lines and operational equipment, as well
civilian and commercial applications. In Germany, the logis- as insurance companies in inspecting properties and assets.
tic company DHL has used UAVs to deliver medicine twice The widespread adoption of UAVs is probably due to
a day to the car-free island of Juist over a 12 km distance. their reasonable cost, ease of maneuver, simple maintenance,
Since 2017, Amazon Air Prime has used UAVs to pickup flexibility of flight route, and ability to serve hard-to-reach
and deliver packages. In 2019, Google’s parent company, locations. A comprehensive survey has been presented in
Alphabet has received from the United State Federal Aviation [6], highlighting a rich set of UAV civilian applications and
Administration an approval, to deliver food using UAVs. related technical challenges. All the popular applications
In addition to package and food delivery, UAVs are used demand that each UAV be a highly sensor-driven cyber-
in wildlife monitoring, disaster response, search and res- physical system. Such system consists of firmware and soft-
cue operation, ambulance service, public surveillance, traffic ware components, capable of performing advanced commu-

VOLUME 9, 2021 1

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

nication and computation functions to acquire, transmit and weaknesses, a complex attack tree can identify all possible
process sensor data. As presented in [7]–[9], the increasing attacks. There may be too many potential attacks and dealing
popularity has attracted much attention to UAV cybersecurity with each attack incurs a cost. For cost effectiveness, the
issues. Cybersecurity is a major concern because UAVs may work has further proposed to priority efforts to deal with
handle critical data with serious security implication and only a subset of the most critical attacks. Similar to [13],
UAVs communicate through wireless channels which are not the work [14] has used a tree structure to formalize potential
secure by default [10]. attack pathways, which are also known as attack vectors in
In the context of cybersecurity, we need to ensure confi- the literature and each vector has an ultimate goal of breaking
dentiality, integrity and authenticity of information handled information confidentiality, information integrity or service
by UAVs. In addition, we must ensure availability of service availability. However, for the tree structure in [14], each
used by or offered by UAVs. Such availability of service, node can represent an attack vector, attack agent, attack entry
when combined with confidentiality, integrity and authentic- point, etc. The lack of consistency in tree node definition has
ity of information, are collectively called the UAV cyberse- made it harder to understand. Also, [14] has dealt with only
curity requirements. Cybersecurity threats, risks and vulnera- attacks on wireless communication channels. These channels
bilities are terms which are often used to refer to weaknesses can be between UAV and satellite, UAV and ground control
in the firmware, software and wireless communication chan- station, or two neighboring UAVs.
nels, that may result in a UAV’s failures in satisfying the The work [15] has analyzed three potential UAV cyber-
cybersecurity requirements. Cybersecurity weaknesses are attacks, namely denial-of-service, controller hijacking and
located on an attack surface, which include all potential entry man-in-the-middle. According to [15], denial-of-service is
points for a cyberattack. Cyberattacks are malicious acts of caused by limited on-board resources, controller hijacking is
exploiting the weaknesses to cause failures in fulfilling the caused by inadequate access control and man-in-the-middle
cybersecurity requirements. For simplicity, we use the terms attack is caused by weak information confidentiality. For
“cyberattack” and “attack” interchangeably hereafter in this each of the three attacks, the work has ranked its occurrence
paper. In face of cyberattacks, various countermeasures may probability and impact severity in a range of 1 to 5. Given
be deployed as defense against the malicious acts. such ranking, the paper has proposed a method to identify
In the literature, [11] has identified the different threats, the most critical attack to focus on. Following the method,
risks and vulnerabilities with respect to security, privacy and man-in-the-middle attack should be given a higher priority,
safety within a UAV operating environment. These threats compared to the other two attacks. While such ranking and
include unregulated co-existence of a large number of UAVs prioritization is useful, assigning quantitative values to occur-
in national airspace with commercial aircraft, unauthorized rence probability and impact severity can be subjective and
aerial video capturing over private space, and material smug- may vary significantly among different application scenarios.
gling into prison. In the work, cybersecurity is only one, but
not the main focus. In [12], the authors have investigated the TABLE 1. Comparison with existing surveys
use of UAVs as attack agents in launching cyberattacks in
civilian, military and terrorism domains. In some of these Reference Remark
attacks scenarios, a UAV must first be an attack target for hi- [12] Strong focus on military applications and criminal
use of UAVs. Cover cyberattacks as well as physical
jacking, before the hijacked UAV can be turned into an attack attacks. Include UAV as attacks target as well as
agent. In the investigation, the attack may not be strictly in tool. No classification of countermeasures.
the cyber space, but can also be a physical attack in the sense [16] Classify cyberattacks on large and small UAVs, using
taxonomy modified from that of autonomous terrestrial
that the hijacked UAV is used to deliver harmful material or to vehicles. Conclude attacks on data communication
enable kinetic impact. The work has also presented a number channels can cause severe damage but have not been
of countermeasures to thwart the investigated attacks. Some given much attention.
[17] Classify UAV cyberattacks into three classes, namely
of these countermeasures involve physical mechanisms, such data interception attack, data manipulation attack
as firing a bullet to shot down or deploying a net to capture a and denial-of-service attack. Include a significant
hijacked UAV. number of references which have not been developed
within the context of UAV.
With a clear focus on cyber space and cybersecurity, [13] This paper Focus on countermeasures of cyberattacks. Classify
has used an attack tree to formalize how a cyberattack can countermeasures into three classes, namely prevention,
be carried out as a sequence of atomic attacks, where each detection and mitigation. Analyze countermeasures
and apply them commonly across six types of attacks,
atomic attack focuses only on breaking one of three security namely channel jamming, message interception, message
aspects, which are information confidentiality, information deletion, message injection, message spoofing, and
integrity and service availability. In an attack tree, the root on-board system attack.
node is the ultimate attack objective, and all other node
represents a compromised state. An arc from a child node There are a few exiting surveys on UAV cyberattacks
towards a parent node models a transition to a more compro- as summarized in Table. 1. The work [16] has surveyed
mised state after the success of an atomic attack, that exploits different types of cyberattacks and classified them using a
some cybersecurity weaknesses. By enumerating all possible taxonomy which is modified from that of autonomous terres-
2 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

trial vehicles. Also, [16] has concluded that cyberattacks on III, we first present the basis of cyberattack classification and
data communication channels can cause significant damage, group the attacks into six classes. For these attack classes,
but have not been given sufficient attention by the research in Section IV, we survey their countermeasures, and orga-
community. Therefore, data channel attack should deserve a nize them into three categories. Section V highlights open
higher priority compared to other attacks. In another survey, research challenges and present potential future works. This
[17] has classified existing cyberattacks into three classes, paper ends with concluding remarks in Section VI.
namely data interception attack, data manipulation attack and
denial-of-service attack. However, in [17], the reference list II. UAV SYSTEM AND OPERATION MODEL
includes a significant number of existing works which have Based on the operating altitude and flying range, UAVs can
not been developed in the context of UAVs. be classified into three classes as follows:
Compared to cyberattacks, we find it more useful to sur- • Small UAV: Operates at an altitude up to 300 m, and a
vey the countermeasures for these attacks. This is because range of up to 3 km. Weight for small UAV should not
countermeasures may not be cyberattack specific, in the exceed 24 kg.
sense that a countermeasure may be effective against more • Medium UAV: Operates at an altitude above 300 m but
than one kind of attacks. As such, having a comprehensive below 5,500 m, and a range above 3 km but below 200
understanding of the state-of-the-art in countermeasures, can km.
prepare us against any current or newly created cyberattack. • Large UAV: Operates at an altitude above 5,500 m, and
Unfortunately, no existing work has provided a comprehen- a range above 200 km.
sive survey of cyberattacks with a focus on countermeasures.
We focus on civilian and commercial applications. Hence, we
This paper aims to close this gap in the existing literature.
consider only small and medium UAVs that fly at an altitude
While surveying for cyberattack countermeasures, this
of less than 0.5 km for non-tactical operations.
paper focuses on attacks which are launched on UAVs, but
Small and medium UAVs can be further classified based
not using UAVs as attack agents on other UAV or non-
the level of operational autonomy, into two categories as
UAV targets. We focus on cyberattacks but not physical
follows:
attacks, which must use some forms of mechanical contact or
physical tool to seize, trap or catch a targeted UAV. We first • Remotely controlled UAV: This type of UAVs are con-
classify UAV cyberattacks, based on the type of their attack trolled by a human operator from a remote location.
entry point, which can be either radio channel, message The remote operator sends control commands over a
or on-board system. Following this classification, there are wireless communication channel to control the UAV.
six categories of attack, namely channel jamming, message On-board the UAV, the received command is delivered
interception, message deletion, message injection, message to an embedded controller. The controller is aware of
spoofing, and on-board system attack. Given the classifica- the UAV’s internal and external states through various
tion, we survey the existing literature for their countermea- measurements from on-board sensors. Given the state
sures. We organize the countermeasures into three categories, information, the controller translates a command into a
namely prevention, detection and mitigation. We identify set of executable maneuver instructions. In addition to
some countermeasures which are commonly applicable to movement control, a command may simply request the
multiple types of cyberattacks. The main contributions of this UAV to send to the human operator, its state information
paper are summarized as follows: and sensor measurements. In this type of UAVs, the
human control can be direct or indirect. Under direct
• A systematic classification of different types of UAV control, the UAV can change its movement only if there
cyberattacks, based on the types of attack entry point. is a specific command to do so. On the other hand, with
There are six attack categories, namely channel jam- indirect control, the human operator may only specify
ming, message interception, message deletion, message some high level details of a mission such as altitude,
injection, message spoofing, and on-board system at- speed, direction, etc., and does not provide continu-
tack. ous commands. In this case, the on-board controller
• A comprehensive and concise review of countermea- is responsible of translating such a high level mission
sures against UAV cyberattack. We organize these coun- specification into a sequence of control commands.
termeasures into three categories, namely prevention, • Fully autonomous UAV: This type of UAVs requires
detection and mitigation. We emphasize that some coun- human operator to provide only mission objective and
termeasures are not exclusive to a particular cyberattack possibly also way-points. They can make control de-
and thus, can be effective against more than one mali- cisions, react to events and perform flight maneuvers
cious acts. without any human involvement. Such capability re-
• A detailed discussion of open research challenges and quires the UAV to independently and continuously per-
potential future works. ceive its internal and external states using on-board
The rest of this paper is organized as follows. Section II sensors. Based on the perceived states, the embedded
describes the UAV system and operation model. In Section controller will issue intelligent control commands and
VOLUME 9, 2021 3

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

maneuver instructions to various parts of the UAV. message broadcast is called the navigation channel. With
While autonomous UAVs are capable of self-control, the navigation messages received from multiple reference
there may be a provision for human intervention in some points, a UAV can determine its own position coordinate
exceptional cases. For example, the UAV may request using localization techniques, such as triangulation or mul-
for confirmation from a human operator before making tilateration. These navigation reference points can be static
a detour from its original flight mission to avoid an infrastructures on the ground, or earth-orbiting satellites in
unexpected event. the space. Typically, these satellites are part of a global
navigation satellite system (GNSS), such as the global po-
sitioning system (GPS), GLONASS, Galileo and Beidou. A
brief characteristic summary of several GNSS is presented in
Table. 2. Our system model does not demand a specific type
of navigation reference points, but most existing literature
has assumed GPS. On the other hand, Beidou as the newest
GNSS, has attracted increasing interest. Hereafter, navigation
reference point mean an earth-orbiting satellite of a GNSS.

TABLE 2. Comparison of several Global Navigation Satellite Systems

GPS GLONASS Galileo Beidou

Owner United Russia European China
States Union
Altitude 20,180 km 19,130 km 23,222 km 21,150 km
Number of
operational 24 24 24 + 28
satellites 6 backups
Signal 1.563–1.587 1.593–1.610 1.559–1.592 1.561098
transmission 1.215–1.239 1.237–1.254 1.164–1.215 1.589742
frequency 1.164–1.189 1.189–1.214 1.260–1.300 1.20714
FIGURE 1. Unmanned area vehicle (UAV) system and operation model. (GHz) 1.26852
Navigation messages are broadcast in the navigation channel, from external Localization
navigation reference points which can be earth-orbiting satellite or a static precision 0.3 - 5 2-4 0.01 - 1.0 0.1 - 3.6
ground facility. (meter)

In the system model, the ground control station is a facility

Following the description above, we have generalized the for human operators to monitor and control a UAV during its
remotely controlled and the fully autonomous UAV into a operation. The control station may exist in different forms.
single system model as illustrated in Figure 1. In summary, For small-size recreational UAVs, the control station is a
each UAV is a cyber-physical system, which other than the small hand-held device, such as a smart phone, etc. For
unmanned aircraft itself, needs supports from several external commercial cargo-ferrying UAVs, the control center is a self-
elements, such as a wireless communication network, a few contained room with multiple workstations and real-time
navigation reference points, and a ground control station. data feed, functioning like a virtual cockpit. The ground
Despite the fact that UAV is a system, consisting of several control station can be directly connected to a UAV through
components other than the UAV itself, we continue to use a wireless communication link, such as Wi-Fi, Zigbee, Blue-
the term “UAV” to refer to both the whole system as well tooth, proprietary telemetry, or remote controller link, if the
as the aircraft alone, for simplicity hereafter. For a UAV, its UAV’s operation range is within the communication range.
payload includes all cargo and equipment that it carries. For Otherwise, a satellite communication network or other wide-
brevity in the system model, we intentionally do not describe area wireless communication network, such as 5G cellular
a UAV’s payload, because its characteristics can vary signifi- network is required to connect the control station with UAVs.
cantly depending on applications. Although it is not explicitly As depicted in Figure 1, each communication link may
illustrated in Figure 1, the system model does not exclude contain a control channel, a data channel or both a control
UAV-to-UAV communications. In such a case, the peer-to- and a data channel. The control channel is used to transmit
peer communication link between two neighboring UAVs is control commands and other control-related messages. On
the same as the one between a UAV and the ground control the hand, the data channel is used to deliver data, which
station. may include video, images, sensor measurements, position
The navigation reference points are nodes that know coordinates, etc. Through these communication channels, the
their own position coordinates and are equipped with com- ground control station can monitor and dictate the behavior
munication capability. These nodes periodically broadcast of a UAV, as well as exchanging data with the UAV.
their coordinates through navigation message to other nodes, As shown in Figure 1, each unmanned aircraft consists
such as UAVs. The radio channel used for such navigation of a few modules, namely airframe, propulsion system,
4 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

energy source, sensor module, communication module and

embedded controller. The sensor module consists of various
sensors and is equipped with capability to pre-process sensor
data. The sensors may include pressure sensor, attitude sen-
sor, inertia measurement unit, gyroscope and accelerometer,
which are essential to safely fly a UAV at a steady speed
and altitude. Depending on applications, some UAVs may
be installed with radar, infrared scanner and camera. The
communication module is responsible of receiving naviga-
tion messages from the external reference points, as well as
connecting UAVs to the ground control station and to other
neighboring UAVs. Through this communication module,
UAVs can receive control commands from and send collected
FIGURE 2. Illustration of a cyberattack on a UAV.
data to the ground control station. The embedded controller
is the central processing unit, that forms the foundation and
hosts the operating system of the UAV. It links different mod-
ules together by supporting inter-module communications.
This controller processes the received navigation messages to A. CHANNEL JAMMING
determine the UAV’s own coordinates, velocity and timing, Channel jamming is a carried out by producing an interfering
which can be provided to the ground control station for radio signal with a power which is significantly higher than
tracking. As the central processing unit, the controller also the power of legitimate signals in a targeted channel. As a
collects and processes real-time data from on-board sensors, result, the legitimate signals are overpowered and will appear
to determine its internal and external state, to stabilize the only as noise at the receivers. By causing such message
aircraft and to perform maneuvers according to commands reception failures, this attack aims to make a communication
from the ground control station. channel unavailable to a receiver. Hence, channel jamming is
a form of denial-of-service attack in the physical layer.
III. CYBERATTACKS Channel jamming is not sophisticated and is probably
A cyberattack is an offensive act with malicious intents that the simplest among all UAV cyberattacks. As illustrated
affect computation and communication functions. While an in Figure 4, it can be launched in the navigation channel,
attacks can result in some incremental failures in cybersecu- control channel and data channel. For attacks on navigation
rity requirements, such failures may not be the ultimate goal channel, the impact is often the loss of navigation messages
of an adversary. As illustrated in Figure 2, through a series of at a targeted UAV. Without navigation messages from GNSS
incremental cybersecurity failures, the adversary may aim to satellites, the UAV will not be able to accurately determine its
ultimately destroy or hijack the UAV, to jeopardize a flight own position, and probably also times. As a result, the UAV
mission, or to simply steal the collected information. As cannot follow a desired flight path and may crash to ground.
such, cyberattack may be a complex multi-stage process. For For attacks on control and data channel, the attack target
example, a cyberattack may consist of three stages, to first can be both a UAV and the ground control station. Jam-
feed a UAV with fake navigation messages leading to a wrong ming control channel can lead to failure in receiving control
calculation of its coordinate. Then, the adversary will jam commands from the ground control station and system state
the control channel to prevent the UAV from from receiving updates from the UAV. Jamming data channel can disrupt
commands from the ground control station. Finally, with fake images, video and data exchange between UAV and the
navigation messages and without control command, the UAV ground control station.
may be disoriented and eventually crash to ground.
In each of the multiple stages, an atomic attack adds a B. MESSAGE INTERCEPTION
further cybersecurity failure and bring the UAV to more com- Message interception is a passive attack, where an eavesdrop-
promised state, which is closer to the malicious ultimate goal. per simply receives through sniffing capture, the messages
We treat the atomic attack at each stage as an independent transmitted in a communication channel. In this attack, the
cyberattack, and classify these attacks based on their attack adversary needs to interpret and understand the intercepted
entry points. As depicted in Figure 2, there are three types of messages. The aims may be as simply as to see what the
attack entry points, namely radio channel, message, and on- targeted UAV is seeing. On top of this, the adversary may
board system. Based on these entry points, with reference to be able to derive other secondary information from the in-
Figure 3, we have grouped cyberattacks into the following six tercepted messages. For example, a leaked video streaming
categories: channel jamming, message interception, message from a UAV may allow the adversary to determine the
deletion, message injection, message spoofing, and on-board concerns or interests of the UAV operator.
system attack. Message interception is a serious breach of information
confidentiality. As illustrated in Figure 4, this attack is typ-
VOLUME 9, 2021 5

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

FIGURE 3. Unmanned aerial vehicle (UAV) cyberattack classification.

D. MESSAGE INJECTION
Message injection is a form of cyberattack in which ille-
gitimate messages are created and then, transmitted through
control or data channel. As illustrated in Figure 4, this attack
is not normally launched in navigation channel.
Message injection can be further divided into blind injec-
tion and message replay. In blind injection, the illegitimate
messages are independently created by the attacker without
any consideration of the targeted UAV and its operating
environment. In message replay attack, the illegitimate mes-
sages are created as duplicates of some intercepted messages.
However, message replay attack is different from message in-
terception attack in the sense that such message replay attack
may not require the adversary to understand an intercepted
message before retransmitting the message.
FIGURE 4. Exposure of different attack entry points to different attack classes.
Blind injection is less sophisticated than message replay
attack. Blind injection attack aims to generate addition mes-
sage traffic to overload control and data channel. As a result
of blind injection, legitimate messages are squeezed out of
ically applicable only to both control and data channel, but the communication channel by illegitimate messages [18].
not to navigation channel. This is because the navigation Blind injection can also be used to send excessive requests
messages are openly broadcast with intention to be received to overload a server at the ground control station or the
by everyone. embedded controller on-board a UAV. Overloading on-board
controller can quickly deplete the UAV’s battery. Therefore,
C. MESSAGE DELETION blind injection attacks is a form of denial-of-service attack
Message deletion is a malicious act that discards a message, which is performed above the physical layer. In a computer
which should have been transmitted to its intended receiver. simulation developed by [19], such a denial-of-service attack
This attack is carried out by an adversary which supposes to has been carried out by using up to 30 hostile UAVs, which
relay the message, where the sender and intended receiver are collectively transmit a large number of control messages to a
not within the communication range of each. Compared to targeted UAV or a ground control station.
message interception, message deletion may be less compli- Video replay attack is a specific form of message replay
cated because it does not require the adversary to understand attack when the replayed messages are produced from a
the message, but to simply discard it. captured video stream. A video replay attack can be used
As illustrated in Figure 4, this attack is usually not appli- by an adversary to hide the actual condition of a critical
cable to navigation channel, because the navigation reference infrastructure or facility under surveillance by substituting
points, i.e., satellites can broadcast directly to UAVs. As a the actual live feed of a camera with a previously recorded
result of message deletion in control and data channel, a UAV video. Keep replaying a recorded video which shows a satis-
may not receive commands from the ground control station factory condition, may create an all-good illusion while the
and the control station may not receive video streams from a infrastructure has already been intruded. According to [20],
UAV. By discarding a large number of messages, this attack VideoJak is a free video security assessment tool which can
has the effect of disconnecting UAV and the ground control be used to launch video replay attack on internet protocol (IP)
station in both control and data channel. cameras, that are similar to the video systems used in many
commercially available UAVs.
6 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

E. MESSAGE SPOOFING UAV to alter its flight path or to land in a hostile location. In
Message spoofing is the malicious act of producing and addition to these attacks over generic wireless links, there is a
transmitting a fake version of a message, and making them specific type of control message spoofing attack for the case
appear as they are transmitted from a legitimate sender. In of Wi-Fi being used to inter-connect UAV and ground control
this context, the attacker is the illegitimate fake message station. This attack over Wi-Fi is called the de-authentication
sender and it is called the spoofer. As illustrated in Figure 4, attack [26]. In a UAV Wi-Fi network, the aircraft is an access
this attack can be launched in navigation channel, control point and the ground control station is its client. The access
channel and data channel. For navigation channel, the spoofer point periodically broadcasts its identifier. Upon discovering
mimics only the actual navigation reference points, which are an access point based on the identifier, a client can request to
the earth-orbiting satellites of GNSS. For control and data connect to the access point by sending an authentication re-
channel, the spoofer may mimic a UAV as well as the ground quest followed by an association request. Later, the client can
control station. request to be disconnected from the access point by sending a
For message spoofing attacks on navigation channel, the disassociation or de-authentication message to the UAV, i.e.,
aim is to make a UAV believes that it is at a location other the access point. A de-authentication attack is performed on
than where it actually is, or it is at the actual location but at a a UAV by first discovering the UAV’s access point identifier
wrong time. A spoofer performs the attack by first receiving from its broadcast. Then, the attacker finds out the medium
the original navigation message and then, either modifying access control (MAC) address of the ground control station
it or simply holding it for a delay, before retransmitting through wireless sniffing. Subsequently, the attacker sends a
the message at the current or another location. Due to the spoofed de-authentication message to the UAV on behalf of
popularity of GPS, message spoofing is widely known as the control station. As a result, the UAV is disconnected from
GPS spoofing in the literature. According to [21], the spoofed the ground control station pre-maturely. The detailed steps
GPS message should be transmitted at a power as much as 3 of such a de-authentication attack using a free software tool,
times the expected received power of a legitimate navigation called aircrack-ng [27] have been described in [28].
message to suppress it at the targeted UAV. This should not After a successful de-authentication attack, the adversary
a problem to most attackers because legitimate navigation can launch further attacks to mimic the actual ground control
messages from satellites often have a weak power on earth. station to hijack the UAV. One example of such further attack
For example, GPS signals are normally -160 dBW at a is the man-in-the-middle attack, where the adversary pre-
ground-level receiver. The falsified or delayed navigation tends to be both a UAV and the ground control center [29]. In
messages will result in errors when they are used by a UAV such attack, the adversary intercepts the genuine commands
in determining its own position coordinates. The work [22] generated by the control station, replaces the command with
describes the use of GPS spoofing in an effort to hijack a a falsified one before sending it to the UAV, and transmits a
UAV. Examples of navigation message spoofing attack have fake response as if is generated by the UAV to the control sta-
been presented in [23] and [24], where fake GPS messages tion. As such, the adversary may directly command the UAV
have successfully induced an upward drift in the UAV’s without being noticed. The elaborated de-authentication and
perceived locations, and caused the UAV diving in to the man-in-the-middle attack has been automated in SkyJack,
ground. which is a UAV that has been engineered to autonomously
Navigation message (GPS) spoofing attack needs to imi- seek out and then, to take control over any other UAVs within
tates the true messages, rather than just destroying the mes- its Wi-Fi range. The source codes of SkyJack implementation
sage. As suggested in [25], depending on the level of details are publicly available at [30].
in such imitation, GPS spoofing itself can be further divided Data message spoofing attack may exist in various forms
into three classes, namely basic, intermediate and advanced. depending on the types of data being falsified. Falsifying
Basic attacks produce a fake message without paying atten- images taken by a UAV may hide the existence of an object
tion to consistency with the legitimate messages. Intermedi- under surveillance. A falsified coordinate broadcast from
ate attacks synchronize the physical signal characteristics of a UAV may cause the UAV becomes untrackable by the
a fake message with that of the legitimate messages, taking ground control station. In the literature, an example of such
into account signal power, signal arrival angle, etc. Advanced data message spoofing attacks on coordinate broadcast can
attacks not only synchronize a fake message with the legiti- occur in the Automatic Dependent Surveillance Broadcast
mate messages, but also work in coordination with multiple (ADS-B) system [31]. In ADS-B, an aircraft derives its
other spoofers to mimic the presence of multiple external position coordinates based on navigation messages received
reference points of an actual GNSS. Compared to the basic from a GNSS, such as GPS. Then, the aircraft is required
and intermediate attacks, the advanced attacks are meticulous to broadcast its coordinates once per second. Based on the
and ambitious with significant attacking resources. position information, the ground control station and other
For message spoofing attacks on control channel, the aim aircraft can precisely track the aircraft without the need of
is to use falsified control messages to mislead a UAV or using radar. Compared to radar which sweeps for position in-
the control center into performing some acts in favor of an formation every 5 to 12 seconds, ADS-B is more responsive.
adversary. For example, a falsified command may instruct a Through ADS-B, a UAV can achieve situational awareness
VOLUME 9, 2021 7

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

and perform self-separation to avoid mid-air collision. The surface. As a result, the UAV will calculate wrongly its drift
occurrence of ADS-B message spoofing attack has been or may not obverse the existence of a ground underneath.
studied in [32]. In this attack, an adversary first acquires the
precise position and velocity information of a targeted UAV IV. COUNTERMEASURES
through its ADS-B messages. Then, the adversary falsifies In the literature, a number of countermeasures have been
similar ADS-B messages from other neighboring UAVs to proposed against various cyberattacks on UAVs. Some of
impose on the targeted UAV, an impression of an upcoming these countermeasures require mechanical systems, such as
mid-air collision. This impression will trigger a collision one that deploys a physical net to catch a straying UAV or
avoidance procedure in the targeted UAV and forces it to alter fires a bullet to shoot down a hijacked UAV, etc. We focus
its flight path into a pre-determined trajectory. A sequence of on the countermeasures that do not require such mechanical
such alterations in flight path can force the targeted UAV into systems. We notice that some countermeasures may not be
a position as dictated by the adversary. exclusive to a particular cyberattack in the sense that each
countermeasure may be applicable to more than one type of
F. ON-BOARD SYSTEM ATTACKS attacks. This is because different attacks may differ in their
As illustrated in Figure 4, this class of attacks target on- attack targets and attack vectors, but may lead to a same
board firmware and software systems, such as the embedded consequence. For example, a control message spoofing attack
controller, sensor modules, operating system, etc., but not and a virus attack are from different categories, but may lead
radio signals, communication channels or transmitted mes- to a same result of a misbehaving UAV.
sages, which are off-board. These attacks can be carried out As illustrated in Figure 5, countermeasures can be classi-
in diverse forms, with different objectives. In some cases, on- fied based on their functional scopes into three categories,
board system attacks are launched to build foundation or to namely prevention, detection, and mitigation. Prevention
provide covert to subsequent attacks. countermeasures try to stop a cyberattack from starting.
An attack may exist in the form of a malicious computer When the prevention countermeasures have failed and an
program, such as a virus or malware implanted in the on- attack has been successfully started, detection countermea-
board software and operating system. Such a virus may sures become important in alerting the UAV operator of such
introduce without being notice, a sequence of small changes attack. After detecting the presence of an attack, mitigation
in rotor speed, that will eventually cause the UAV to lose its countermeasures help in reducing the negative impacts and
lift and then, crash to ground. In [33], the authors have raised limiting the damage. The functional scopes of different coun-
the concern of malware attacks when off-the-shelf Apple and termeasures are illustrated in Figure 6.
Andriod hand-held devices are prevalently used to control
UAV. However, this concern is slightly different from ours, A. PREVENTION
because it deals with the risk of malware invading the hand-
In general, prevention countermeasures work in the following
held devices, but not the UAV. Nevertheless, building on [33],
three methods:
a malware may invade a UAV from the infested hand-held
devices, where the hand-held devices are just stepping stones. • Impose strict system access control such that only au-
A malware may perform as a randomware when it is capable thorized personnel and software agent may establish
of blocking access to a UAV unless a random is paid. contact with a UAV.
If an attacker knows exactly how the UAV’s sensor al- • Protect information confidentiality, integrity and au-
gorithm works, then the attacker can manipulate the UAV’s thenticity such that no fake or erroneous data and com-
environment to generate a certain input to the UAV’s sensor. mand will be accepted.
Such generated sensor input aims to induce a certain UAV • Use only system firmware and software components
behaviors in favor of the attacker. This kind of attack is called without exploitable vulnerabilities.
on-board sensor attack, which exploits predictable responses As shown in Table. 3, not all the three prevention methods
of a UAV with respect to a sensor input. As an example, are applicable to all cyberattacks. For example, as a coun-
[34] has first noted that the accuracy of a micro-electro- termeasure against the sensor attack in [34] and [35], we
mechanical (MEM) gyroscope can deteriorate significantly at need to design and implement the UAV by using only sensors
its resonance frequencies. Given such an exploitable vulnera- with acceptable characteristic within an expected operating
bility, the authors have used simple consumer-grade speakers range. Specifically, in the case of [34], we need to select a
to generate interfering audio signals at the MEM’s resonant suitable gyroscope which is not affected by the surrounding
frequencies, to alter the outputs of a UAV’s gyroscopes, acoustic noise in its typical operating range. But, such a
causing the UAV to lose control and crash to ground. Another countermeasure is not useful for other attacks. Furthermore,
example of sensor attack is called sensor input spoofing on-board system components must be equipped with anti-
attack in [35]. The attack targets optical flow sensor which tampering features, to guard against the opening up of more
measures a UAV’s drift by observing changes in its ground attack entry points. Another example is the use of jam-
plane images. An adversary can influence the ground plane ming resilient transmission schemes, such as direct sequence
image from a distance by projecting light onto the ground spread spectrum and frequency hopping spread spectrum, to
8 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

FIGURE 5. Unmanned aerial vehicle (UAV) cyberattack countermeasure classification.

message interception attack [36]. Compared to asymmet-

ric cryptography, symmetric cryptography is less computa-
tionally demanding and thus, is more suitable for low-cost
UAVs with limited on-board resources. A challenge in im-
plementing symmetric encryption is secret key distribution.
A symmetric key distribution scheme has been proposed in
[37] for implementation on the radio control channel. The
scheme is unique in the sense that it can be implemented
on commonly available radio modules and does not require
any hardware modification. The key distribution scheme has
adopted Galois Embedded Crypto, and has modified it for im-
FIGURE 6. Functional scopes of different cyberattack countermeasures. plementation using ArduinoLibs Crypto library on resource-
limited Arduino Uno. In the implementation, both the control
station and UAV have a commonly known permanent secret
key Kp , which is pre-programmed in ROM at the factory. At
prevent channel jamming attacks. Such countermeasure is not the start of a new communication session, the control station
generally useful for other attacks, which are not launched in first generates a session key Kc and a random initialization
the physical layer. number Ic . The control station encrypts Kc using Kp and
Despite being grouped within a same class, different pre- then, pre-appends the generated cypher text with Ic to pro-
vention countermeasures may have significantly different duce an encrypted message mc . The control station transmits
realizations. The access control to prevent message dele- mc to the UAV. The UAV extract Ic from mc and decrypts the
tion and virus attacks can be some password-based node received cypher text to obtain Kc . Then, the UAV generates
authentication schemes over generic wireless links. When its own session key Ku and sets its initialization number
the wireless link is Wi-Fi as in the case of de-authentication Iu = 0. The UAV encrypts Ku using Kc and then, pre-
attack described earlier in Section III.E, access control can appends the generated cypher text with Iu to produce an
be done in the form of allowing only devices with pre- encrypted message mu . The UAV sends mu to the control
registered MAC addresses to establish connection with the center. The control center decrypts the received cipher text
UAV, which is a Wi-Fi access point. According to [28], using Kc to obtain Ku . After exchange of acknowledgments,
this is a reliable countermeasure because MAC address is a the control center encrypts all messages to the UAV using
unique hardware identifier assigned to each Wi-Fi interface Ku and Iu , and the UAV encrypts all messages to the control
card. By checking the MAC address, the UAV can accurately center using Kc and Ic . The values of Ic and Iu are increased
filter out an adversary and deny its chance in submitting a by a fixed number after each message.
fake de-authentication message. In addition to access con- Apart from cryptographic encryption, information confi-
trol via MAC address filter, [28] has suggested to prevent dentiality can also be achieved using physical layer security
de-authentication attacks by not broadcasting, but hiding a techniques. In the context of a UAV-aided communication
UAV’s access point identifier. Also, the authentication and system, [38] has proposed to guard against a full-duplex
association messages which are transmitted in clear text by eavesdropper by transmitting in the physical layer, artificial
default, should be encrypted to prevent wireless sniffing, noise signals together with information signals. A scheme
which precedes the attack. has been derived to determine the optimal power allocation
In Table 3, cryptography appears as useful in preventing factor between artificial noise and information signals, such
several cyberattacks. With reference to Figure 3, encrypting that a combination of transmission outage probability and se-
a message can protect its confidentiality and thus, can prevent crecy outage probability is minimized. Also, the scheme can
VOLUME 9, 2021 9

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

TABLE 3. Applicability of prevention countermeasures to cyberattacks

Prevention Countermeasures
Cyberattacks Access control Protect information System component selection
Channel Jamming resilient transmission schemes,
Jamming such as direct sequence spread spectrum,
frequency hopping spread spectrum, etc.
Message Protect information confidentiality through
Interception cryptographic encryption [36], [37],
physical layer security scheme [38], [39], etc.
Message Stringent node authentication to admit
Deletion only trusted neighbor as message relay
when the intended receiver is not within
communication range.
Message Verify message authenticity through
Injection cryptographic encryption, to confirm that
the message is indeed originated from a
sender.
Message Stringent node authentication to admit Confirm message integrity through
Spoofing control station using MAC address filter cryptographic encryption [40],
and to avoid broadcast of access point Blockchain [41]–[44], etc.
identifier, to prevent de-authentication
over Wi-Fi wireless link [28].
On-board Stringent node authentication to admit Design and implement a system that uses
System only trusted programs to prevent virus only firmware, software and sensors
Attack and malware attack. which have no exploitable characteristics
or vulnerabilities.

Equip on-board systems with anti-tampering

technology to guard against opening up of
attack entry points.

control the height of a UAV to achieve a desire information the foundation for Blockchain technology. In the literature,
secrecy rate. By exploiting the mobility of a UAV, the work Blockchain that depends heavily on one-way hash function
[39] has proposed to maximize the information secrecy rate has been used to provide UAVs with secure communication
against an eavesdropper on the ground, by jointly optimizing [41]–[43]. A Blockchain-based communication scheme has
the UAV’s trajectory and transmit power over a finite horizon. been proposed in [44], where a group of UAVs collectively
While physical layer security techniques are promising, when build a Blockchain as a verifiable record of past communi-
the eavesdropper is located close to the transmitter, which cation activities. All UAVs in the group has a fair chance to
can be the ground control station or UAV, there is still a add a block to the chain. As a record of activities that have
challenge in achieving a high enough information secrecy happened, the Blockchain may be useful for forensic pur-
rate for meaningful communications. poses, but not to protect confidentiality of a current message
Protecting information confidentiality can also prevent transmission. In the scheme, a sender UAV must first encrypt
message spoofing, which requires first to understand a mes- its message using a one-time symmetric encryption key,
sage before modifying it. In [40], message encryption has transmit the encrypted packet to all UAVs in the Blockchain
been proposed to prevent control message spoofing which group, and seek consensus from the group in confirming
appears in the form of man-in-the-middle attack. In another the integrity of message. The confirmation is consensus-
example, in navigation message spoofing, cryptography can based and is done through simple majority voting. Only
prevent the attack by encrypting all broadcast messages. after such confirmation, the sender UAV will delivery the
However, such a method is normally expensive and has message to its intended receiver, which can be another UAV
been done only for military applications, where the intended or the ground control station. While the work has highlighted
receivers are knows a priori. In the context of GPS, the the use of Blockchain, message confidentiality is actually
encrypted Precise(P)-Code messages can be assessed only by achieved through the symmetric encryption. In a separate
the military while the Coarse/Acquisition(C/A)-Code mes- work, [45] has proposed to use Blockchain for distributed
sages for civilian application are not encrypted. After infor- storage of machine learning data to be used in intelligent
mation confidentiality is breached, encryption can still offer decision making among multiple UAVs.
a second line of defense in preventing message spoofing
with an ability to check for message integrity. Cryptographic B. DETECTION
encryption is also useful in preventing message injection Cyberattacks can be detected through the following two
attack through message authentication, which can verify if methods:
a message is indeed transmitted from a legitimate sender. • Detect the presence of an attack agent. An attack agent
In addition to message encryption, cryptography is also is an element that actually performs the attack or creates
10 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

an impact, on behalf of an attacker. Such agent may receiver has not received the message, (b) A UAV claims to
appear in different forms depending on the type of be a source node, but another verified source has reported
attacks. For example, the attack agent for a channel to have forward a message to it, (c) A UAV claims to be a
jamming is a strong interfering radio signal, while the relay and reports that it has not received a message from a
attack agent for a virus attack is a malicious computer verified source node. After a number of increments, the MDR
program. value will exceed a threshold, which indicate the occurs of an
• Detect the presence of anomalies, which may exist in attack. For high detection accuracy, the detection threshold is
on-board resource usage pattern, radio signal, commu- determined based on the posterior belief probability distri-
nication traffic, flight movement, etc. bution given the observations and updated using a learning
Due to the passive nature of an eavesdropper, the attack algorithm. However, this method does not allow a UAV to
agent of message interception is the attacker itself. Such a play multiple roles, such as a data source and a message relay,
passive eavesdropper may not be easily detectable. Neverthe- at a same time. In addition to message deletion, [47] has
less, an eavesdropper may still be detected indirectly using proposed another method to detect data message spoofing, by
secondary information, such as the heat generated by the verifying data consistency from multiple transmitters. Here,
eavesdropper’s electronic circuits. Through a heat seeking the assumption is that in a surveillance applications, multiple
infra-red camera, a UAV may scan its ground coverage area UAVs may be deployed to observe a same events. Therefore,
for any hidden data interceptor. a message spoofing attack can be detected when the data
With reference to Table 4, virus and malware attacks can received from multiple UAVs are not consistent with each
be detected through up-to-date anti-virus scanning software. other.
Therefore, it is crucial to have the latest virus signature Building on [47] and with a similar disruption tolerant
database uploaded to a UAV before its flight mission. Mes- network, the same authors have worked on detecting blind
sage replay attack and message spoofing can be detected by injection attacks in [48]. As a result of blind injection,
observing the presence of replayed and spoofed messages, the number of incoming messages or service requests can
respectively. Detecting such malicious messages can be done suddenly surge to a high value. In [48], blind injection is
through cryptographic algorithms. detected by checking the statistical characteristics of number
Channel jamming attacks can be detected by observing of packets and packet delay jitter. The work assumes the
the presence of an attack agent, i.e. jamming signals in the statistics follow a Gaussian distribution. Then. an attack is
same radio channel. A simple method to detect the jamming detected when the packet count or delay jitter exceeds a
signal’s presence is by monitoring the total received power threshold. The threshold is originally set at 3 times standard
in the frequency channel of interest. A jamming signal is deviation, and is subsequently updated using a support vector
considered presence if the received signal power to noise machine.
power ratio (SNR) is above a threshold. This method requires Without targeting a specific attack type, [49] has proposed
proper selection of the detection threshold, which can affect to detect anomalies in network traffic using different machine
the detection accuracy. Compared to this simple threshold learning algorithms. The algorithm inputs are different net-
method, [46] has suggested to use sum-of-squares of the work traffic features, which include flow duration, number
power ratio as the decision statistic. This is because, com- of packets, maximum and minimum packet sizes, average
pared to non-jamming signals, jamming signals can cause and total packet sizes, standard deviation of packet sizes,
correlated changes in all measured values of the ratio. etc. It has been found that decision tree algorithm performs
A cyberattack often leads to changes in on-board resource the best as compared to logistic regression, linear discrimi-
usage pattern, radio signal, communication traffic, flight nant analysis, K-nearest neighbors algorithm, Gaussian naive
movement, etc. As summarized in Table 4, by observing Bayes algorithm, stochastic gradient descent and K-mean
abnormal variation in these characteristics, we may detect algorithm.
the occurrence of an attack. Since different attack may target Control message spoofing can cause a UAV to move unex-
different aspect of a UAV, the anomalies may appear in pectedly as dictated by a hijacker. On the other hand, naviga-
diverse forms. tion message spoofing can cause a UAV to be disoriented in
Message deletion and blind injection attack can lead to an aimless flight. Hence, we can detect both control and nav-
anomalies in network performance and traffic. Message dele- igation message spoofing by finding anomalies in a UAV’s
tion can cause the packet delivery ratio to drop significantly. flight behaviors and statistics. The work [50] has proposed
Consider a disruption tolerant network with UAVs function- a recursive least square algorithm to compute several flight
ing as relay nodes, [47] has proposed to detect message dele- control statistics, such as roll, pitch, yaw, drag, thrust and lift,
tion by monitoring the packet delivery ratio. The work has to characterize the control dynamics of a flight mission. Then,
defined a parameter, called message dropping rate (MDR). by tracking the real-time values of these statistics, an attack
Each UAV may monitor other UAVs within its neighbor- can detected when there is a significant deviation from the
hood and increase the monitored UAV’s MDR value in the statistics’ typical values. However, this scheme is applicable
following three conditions: (a) A UAV claims to be a relay only for cases where the UAV are repeatedly flying a same
and reports that it has forwarded a message, but the intended flight mission. This is because different flight missions will
VOLUME 9, 2021 11

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

VOLUME 9, 2021
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
TABLE 4. Applicability of detection countermeasures to cyberattacks
Countermeasures
Cyberattacks Presence of attack agent Presence of anomaly
Signal characteristic Communication traffic Flight behavior UAV environment
Channel Detect presence of jamming signals
Jamming through excessive SNR,
sum-of-square of SNR [46], etc.
Message Detect the presence of eavesdropper
Interception using infrared camera to seek out
heat generating electronic circuits.
Message Detect abrupt or unexpected drop
Deletion in message delivery ratio [47], [49].
Message Detect the presence of replayed Detect blind injection through Detect video replay through time
10.1109/ACCESS.2021.3124996, IEEE Access

Injection message through cryptographic surge in incoming messages, and solar shadow inconsistency in
encryption. service requests, etc [48], [49]. video stream [54].
Message Detect the presence of spoofed Detect GPS spoofing by observing Detect inconsistency in data from Detect deviation in flight control Detect inconsistency in location
Spoofing message through failures of anomaly in received signal’s multiple UAVs deployed in a same statistics [50], using solar shadow [55],
message integrity and/or physical characteristics, such as operation [47]. movement statistics [51], aerial images [56],
authenticity checks. signal strength, noise level, location statistics [52], etc. neighbor UAVs’ coordinates [67],
automatic gain control value [57], etc.
signal arrival angle [58], Detect abnormal behaviors using
signal phase-delay [59], etc. a set of rules which checks on
internal system states [53].
Detect GPS spoofing by comparing
received signal against reference
model [62]–[64].
Detect GPS spoofing by observing
general anomaly in raw received
signals using fuzzy logic and
Kalman filter [65].
Detect GPS spoofing by finding
discrepancy between between the
received GPS signals against a
secondary on-board systems [66].
On-board Detect the presence of virus and
System malware using anti-virus scanning
Attacks software with up-to-date virus
signature.

12
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

yield different statistics, and require a separate characteriza- received video does not match the expected shadow at a UAV
tion effort. Instead of control statistics, [51] has proposed to location which is calculated from navigation messages.
detect flight anomaly by using movement statistics. Through Other than solar shadow, location consistency for GPS
statistical analysis of flight data, the scheme first establishes a spoofing detection can also be verified using other environ-
flight profile baseline. Then, this baseline is compared against mental features. More specification, the surrounding environ-
a set of simulated hijacking scenarios, where a match in the ment of a UAV must be consistent with the location derived
comparison indicates an attack. In the paper, the proposed using the received navigation messages. For example, if the
scheme is capable of detecting all hijackings where the GPS messages determine that the UAV is flying above a sea,
targeted UAV has been fully compromised and the the flight a picture taken from the UAV must not show it flying above
path has been randomly changed. For other scenarios where a forest. In [56], a method has been proposed to detect GPS
control over hijacked UAV is not consistently asserted by spoofing by using the a camera and a terrain elevation map.
the attacker, the detection may not be successful. The work The method determines an expected video image based the
[52] has proposed an idea to detect flight behavior anomaly UAV’s position which is derived from the GPS messages, and
through deviation in UAV location statistics. Here, location compare that image against the actual image captured by the
statistics are in the form of UAV’s elevation angle and hori- camera.
zontal angle with respect to the ground control station. The In addition to visual based location consistency method
work first builds a standard model for normal UAV behavior described above, there is a rich literature on GPS spoofing
as a regression function of angles. In order to account for detection by checking anomalies in GPS’s radio signal char-
variation in location statistics caused by wind, the standard acteristics. These anomalies are in the form of unusually
model is established using recurrent neural network. At each strong received signal strength and excessively low noise
time instance, the standard model is used to predict a UAV floor levels. Abnormal values may also be observed in auto-
location. The error between the predicted and the actual UAV matic gain control values of GPS receivers [57], arrival angle
location is recorded. When the normalized root mean square of GPS signals [58], signal phase-delay [59], etc. Instead of
of the errors is larger than a threshold, the flight behavior is focusing on a single physical characteristic, [60] has pro-
considered abnormal. posed to consider multiple signal characteristics collectively
Instead of detailed statistics, [53] has proposed to detect using a feedforward artificial neural network (ANN). The
abnormal flight behaviors at a higher level of abstract using ANN input vector consists of signal-to-noise ratio, pseudo
a rule-based method. The work has defined a set of seven range, Doppler shift and carrier phase shift of the GPS signals
potential attack vectors (threats). Each attack vector has been from a number of satellites. The set of training input vec-
transformed into a set of internal system states, where con- tors contain both genuine and spoofed messages, which are
junctive and disjunctive predicates of the state can indicate generated based on actual GPS signal traces at two locations.
the occurrence of an attack. These predicates form the rules Despite such a simple ANN, a detection accuracy of 98% can
and the work has proposed to check these rule following a be achieved with just 2 hidden layers and 3 neurons in each
priority list, where protecting integrity has a higher priority hidden layer. However, these signal’s physical characteris-
than protecting confidential, which has a higher priority than tic detection methods are effective only against basic GPS
protecting availability. In [53], the rule checking can be done spoofing with UAV remains stationary, but not intermediate
on a UAV by its neighbor UAV, or solely on-board where a and advanced attack. Also, these methods are generally not
system component checks on another component. The work reliable in a multipath rich environment, and may require
has defined three types of attackers, namely reckless, random multiple antennas. Typically, a legitimate GPS signal may be
and opportunistic. Evaluation results have shown that the overpowered by the fake GPS signal, but the legitimate signal
proposed method can effectively trade higher false positives still exists. Given this observation, a standalone method that
for lower false negatives in detecting more sophisticated does not require multiple antennas has been proposed in [61].
random and opportunistic attackers. This method detects and tracks any signal correlation peak, in
As a form of message injection, video replay attack can addition to the strongest one. The existence of such a weaker
be detected by finding environmental inconsistency in the correlation peak indicates a GPS spoofing.
video stream. For example, solar shadow of a UAV depends Apart from radio signal characteristics, GPS spoofing can
on the UAV’s location, the sun position and the current time. also be detected by finding anomalies in calculated position
According to [54], an expected solar shadow at a given time coordinates. Generally, these methods calculate a UAV coor-
and UAV location can be determined using an analemmatic dinate from the received navigation messages, and compare
sundial model. Then, a video replay attack is detected if the the calculated coordinates against the coordinates estimated
shadows in the video do not match the expected shadow. Such by a reference model. Then, a GPS spoofing is detected
video analytic approach can also be used to detect navigation when the difference between the two coordinates are large.
message spoofing, which is popular known as GPS spoofing In [62], the reference model is a kinematics state estimator,
in the literature [55]. This is because a mismatch in the solar which takes into account control command and readings
shadow also implies an inconsistency in location. Specifi- from an inertial measurement unit. The method detects a
cally, a GPS spoofing is detected if the solar shadow in a GPS spoofing if the error between the two coordinates is
VOLUME 9, 2021 13

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

larger than a threshold. Instead of a threshold, [63] has a C. MITIGATION

similar idea but to detect GPS spoofing by examining the As summarized in Table 5, the impacts and damage incurred
statical distribution of position errors. This is because while by a cyberattack can be reduced through the following five
such errors exist with or without GPS spoofing, the error mitigation methods:
distribution changes in the presence of an attack. The work
• Neutralize the attacker.
has used a support vector machine to learn the abnormality in
• Avoid the attack agent.
such error distributions for accurate detection. However, with
• Provide redundancy.
the use of online learning, the detection become inaccurate
• Exploit uncertainty.
when the attack lasts for a long duration.
• Fail-safe protocol.
The idea of [62] has been adopted by [64], but with a dif- Neutralizing attacker is a unique countermeasure which
ferent state estimator. Compared to a linear transfer function disables a passive eavesdropper by jamming its receiver.
used in [62], the estimator in [64] has applied a combination This is like a channel jamming attack which is launched
of two extended Kalman filters. The benefit of using Kalman by an attack target on the attacker. By overpowering the
filter is that the uncertainty in UAV movements and reference eavesdropper’s radio receiver, it will not be able to sniff the
signals can be incorporated into the decision process. Kalman communication channel for a message. As shown in Table 5,
filter has been used for GPS spoofing detection in [65] but this countermeasure is applicable to message interception,
in a different way. In [65], Kalman filter is not used to message replay attack and message spoofing. This counter-
track uncertainty in the outputs of an estimator because no measure is effective against message replay attack and mes-
estimator is used in this work. Instead of an estimator, [65] sage spoofing because both attacks require the attacker to first
has used a multi-layer tree-structure fuzzy inference process acquire some legitimate messages, to be used in the attacks.
to detect spoofing based on raw navigation signals and in- However, a straightforward channel jamming on the attacker
ertial measurements. Here, Kalman filer is used to account may not be very effective when the attacker is located close to
for uncertainty in the raw measurements; and fuzzy logic is the intended receiver, i.e., the targeted UAV. This is because
adopted to deal with the complex interactions between these the jamming signals may also affect the targeted UAV at
measurements without the need of nonlinear equations. the same time of interfering the eavesdropper. The work
Instead of finding anomalies in GPS signals by compar- [68] has proposed the idea of cooperative jamming, where a
ing against a reference model, [66] has proposed to find friendly UAV is deployed as a jammer close to the location of
such discrepancies by comparing signals from two redundant an eavesdropper. With such cooperative jamming, a scheme
physical systems on-board a UAV. The primary system is has been developed to determine the optimal flight path and
GPS-based which has a high accuracy, but also has a higher transmit power of the friendly UAV jammer, taking into
cost and is potentially more vulnerable to attack. The sec- account the locations of both the eavesdropper and targeted
ondary system may have a lower positioning accuracy, but UAV. This work is built on the physical security technique,
it will provide greater security than that of the GPS-based and information secrecy rate is one of the main performance
system. A GPS spoofing is detected when the difference metrics. While [68] is indeed interesting, it relies on the
between the two systems exceeds a certain threshold for a ability to pinpoint the exact location of an eavesdropper,
certain duration. However, [66] has not clearly stated what which may be difficult to know in practice.
the secondary system can be. Instead of actively transmitting jamming signals, an at-
With reference to Table 4, [55] and [56] described above tacker can also be neutralized by luring it to attack a hon-
can detect GPS spoofing by checking consistency of visual eypot, which is a system whose only value lies in being
images captured by a UAV against the UAV’s supposed envi- attacked. The work [69] has proposed the idea of a Hon-
ronment based on its coordinates which are calculated from eyDrone, which is a portable UAV honeypot to emulate a
received reference messages. Apart from visual images, such number of UAV-specific and UAV-tailored protocols, making
environmental consistency can also be verified by checking a it possible to lure adversaries into attacking it, instead of
UAV’s calculated position against it’s neighbor UAVs’ coor- the original target UAV. The work has argued that such
dinates. More specifically, a GPS spoofing is detected when redirection of an attack is possible as long as the honeypot has
a UAV’s calculated position is not within an acceptable range a stronger signal than the targeted UAV and has been placed
from its immediate UAV neighbors. According to [67], this in a strategic location. In [69], the UAV honeypot operates on
neighbor based coordinate verification can be implemented low-cost Raspberry Pi. By attacking and recording attacks,
using ADS-B system. As described earlier, ADS-B can be the honeypot can shed light into adversaries’ techniques.
used by an aircraft to periodically announce its coordinates. It can be an effective countermeasure to reduce the in-
However, to achieve a position accuracy of around 150 me- fluence of an attack agent by avoiding it. For example, in
ters, this method needs 15 minutes of monitoring time, which channel jamming attack, a UAV may escape from the strong
is long enough for an attacker to hijack a UAV. interfering signals by dynamically switching to another radio
channel. In [70] and [71], a cognitive radio system has been
developed using software-defined radio blocks. The system
14 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 VOLUME 9, 2021
TABLE 5. Applicability of mitigation countermeasures to cyberattacks

Countermeasures
Cyberattacks Neutralize attacker Avoid attack agent Provide redundancy Exploit uncertainty Fail-safe protocol
Channel Use cognitive radio to dynamically Against navigation channel Against mobile aerial jamming Pre-determined procedure which
Jamming switch out from the attacked jamming, equip each UAV attack, add uncertainty to UAV controls UAV to autonomously
channels [70], [71]. with multiple receivers, each flight movement and find optimal fly to a safe location [76], to
for a different GNSS. spatial reconfiguration of a self-destruct, etc.
Change flight path to avoid the multiple UAVs formation through
coverage area of an attacker [72]. formulation of multi-player
pursuit-evasion game [75].
Message Launch a channel jamming attack on Change flight path to avoid the
P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

Interception the malicious eavesdropper. coverage area of an attacker.

Deploy friendly UAV as cooperative

jammer close to the location of
eavesdropper, control fly path
and transmit power of the friendly
UAV to guarantee a minimum secrecy
rate [68].

Redirect attacker to a fake target

by luring it to a honeypot [69].
Message Pre-determined procedure which
Deletion controls UAV to autonomously
fly to a safe location, to
10.1109/ACCESS.2021.3124996, IEEE Access

self-destruct, etc.
Message Launch a channel jamming attack on Change flight path to avoid the
Injection the malicious eavesdropper to coverage area of an attacker.
prevent it from acquiring new
messages for message replay attack.
Message Launch a channel jamming attack on Change flight path to avoid the Against navigation message spoofing, Pre-determined procedure which
Spoofing the malicious eavesdropper to stop coverage area of an attacker. add uncertainty to UAV’s behavior controls UAV to autonomously
the spoofer from getting source through game theory [73], [74]. fly to a safe location, to
messages for spoofing attack. self-destruct, etc.
On-board Against sensor attack, using Pre-determined procedure which
System more than type of sensors controls UAV to autonomously
Attacks for each critical measurement. fly to a safe location, to
self-destruct, etc.

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI

15
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

performs spectrum sensing to detect jamming signals. Upon a on each other. The work [73] has enlisted a combination
positive detection result, given the agility of software-defined of game theory and cooperative localization to mitigate the
radio, the system can switch all communicating UAVs out impact of navigation message spoofing attack. Generally,
from the attacked channel, to another available channel. cooperative location allows a UAV to determine its own
In addition to radio channel switching, we can also avoid position by using only location information from three other
an attacker by exploring alternatives in spatial domain be- UAVs within its vicinity. For such cooperative localization
cause each attacker has only a limited coverage area. Con- to work, the UAV must know its relative distances to the
sider a UAV performing territorial surveillance and facing three cooperative UAVs and these cooperative UAVs must
physical-layer control channel jamming attack. The work know accurately their own position coordinates. As such,
[72] has proposed a scheme that helps the targeted UAV in cooperative localization will fail if one of the cooperative
autonomously finding a new flight path to avoid the coverage neighbors has suffered from navigation message spoofing.
areas of a group of jammers. The authors have assumed that In [73], the authors assume that the spoofer can only attack
the UAV can locate the jammers, and know the transmission one UAV each time. From the UAV operator’s perspective,
strength of the jammers. Also, the UAV is capable of iden- it is desirable for the spoofer to attack the UAV, but none
tifying the boundary between the jammed and non-jammed of its three cooperative neighbors. As such, the attack can
area. The proposed scheme first identifies all candidate flight be nullified because the attacked UAV can get its loca-
paths, which are selected from all quadratic Bezier curves tion accurately determined through cooperative localization,
connecting the UAV’s current position and a candidate end while other UAVs will still get their location determined
point within the non-jammed area. Among the candidate using navigation messages. Here, cooperative localization
flight paths, an optimal path is selected using a reinforcement is applied only on a UAV, because it is significantly more
learning scheme with stochastic approximation. In addition computationally expensive as compared to localization using
to channel jamming, this flight path rerouting can be effective navigation messages. A problem arises if the attacker chooses
against message interception, message injection and message to spoof a UAV which has not been selected to determine its
spoofing. More specifically, we can change a UAV’s flight coordinate using cooperative localization. The work [73] has
path to avoid geting close to eavesdropping attackers. suggested to form a group of five UAVs, where each UAV
Another countermeasure against navigation channel jam- has four cooperative neighbors. Then, a dynamic Stackelberg
ming is to provide redundancy by installing multiple re- game has been formulated to model the interactions between
ceivers, each for a different GNSS. As such, when navigation the spoofer and a UAV. In the game, the spoofer randomly
messages from one GNSS are jammed, the targeted UAV chooses which UAV as the attack target and modifies accord-
can still receive navigation messages from another GNSS. ingly the radio signal characteristics to avoid being detected.
For example, when GPS is jammed, a UAV may receive Solution of the game helps the UAV operator to optimally
navigation messages from GLONASS, Galileo, or Beidou. choose a UAV from its 5-member cooperative group, to get
Such redundancy approach can be effective and cost-efficient its coordinate determined through cooperative localization.
because there are existing off-the-shelf commercial receiver In another game theory based scheme, [74] has modeled
systems capable of receiving multiple types of GNSS signals. the strategic behavior of a UAV in response to attacker’s
Also, it will probably be too expensive for an adversary to attempt to mislead it with a fraudulent and purposefully
simultaneously jam all the different GNSS. Providing redun- crafted navigation message. The work has characterized the
dancy is also an effective mitigation countermeasure against necessary and sufficient conditions of a perfect Bayesian
the sensor attack in [34], especially when its prevention equilibrium of the game. Based on the equilibrium, the UAV
countermeasure has failed. With reference to Table 3, the can either infer its true position, or decide rationally its
component selection approach may not prevent the attack position that minimizes the deviation from its true position.
because, due to physical limitation, there may be no other In addition to defending against navigation message spoofing
choice for a certain type of sensors. In such a case, the as in [73] and [74], game theory has been used in [75]
impacts of such sensor attack can be mitigated by using against channel jamming attack. In [75], the jammer is a UAV
a multi-sensor system, where each critical measurement is trying to attack the radio channel between two communi-
obtained from more than one type of sensors. For example, cating UAVs. A multi-player pursuit-evasion game has been
in addition to MEM gyroscope, a UAV can install a mechan- formulated to find the optimal spatial reconfiguration of the
ical gyroscope and a laser gyroscope. Also, in addition to pair of UAVs to minimize the jamming duration. The game
gyroscope, a UAV can measure its angular velocity using an formulation takes into account uncertainty in the jammer’s
accelerometer and inertia measurement unit. flight direction, in deciding the angular velocities for the pairs
A UAV will receive the full blown impact only if its of communicating UAVs.
behavior is perfectly predictable by the attacker. As such, Recall that control channel jamming will result in a tar-
we may reduce the attack impact by adding uncertainty geted UAV no longer able to receive commands from the
into a UAV’s behavior, making it less predictable. In the ground control station. In the absence of control commands,
literature, game theory provides a framework to model the a UAV may fly aimlessly or crash to ground. As a mitigation
effects of uncertainty in the behaviors of multiple actors, countermeasure, after losing control signals for a specific
16 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

period of time, a UAV will go into a lost link state and • Real-time flight mission registry and tracking: De-
execute a fail-safe protocol. This protocol is a pre-determined velop an efficient system for a UAV to register and
procedure which controls a UAV to autonomously perform update its flight path in real-time. As such, we can
a set of instruction to achieve a desired state. A fail-safe detect UAV misbehavior by tracking its movement and
procedure may guide a UAV to return to its home base, to comparing that against the registered flight path. This
fly to a pre-determined location, to self-destruct avoiding detection method requires only a simple comparison and
capture, etc. Practically, a fail-safe protocol is the last resort thus, is not computationally demanding while compared
when all other mitigation countermeasures have failed. In to various existing methods that detect flight misbehav-
[76], this fail-safe protocol is called roll-back or roll-forward, ior through flight control statistics, movement statistics
which returns or forwards the UAV to a safe state. or location statistics (see Table 4).
• Computationally efficient countermeasures: Develop
V. RESEARCH CHALLENGES AND FUTURE WORKS prevention, detection and mitigation countermeasures
Based on the survey above, a lot of works have been done that require only minimal on-board computation re-
in proposing countermeasures against UAV cyberattacks. In sources. This can be achieved by using machine learning
the following, we highlight the main research challenges in or artificial intelligent techniques, which are compu-
developing such countermeasures: tationally intensive only during the training stage. For
example, after deployment, a trained neural network is
• Limited on-board computation resources: Due to size a simple mapping function. In this context, the training
and weight constraints, UAVs are typically not equipped process must be performed off-board, and the training
with powerful computer. The on-board central process- outcomes can be uploaded to a UAV at its base just
ing unit has limited computation power. Therefore, it before the start of a flight mission. Here, the training
is not reasonable to expect a UAV to perform any process may include the use of adversarial machine
complex algorithm or real-time optimization, as part of learning to model the behaviors of some sophisticated
a countermeasure against cyberattacks. attackers, so that a more robust countermeasure can
• High dependence on reliable communications: Re- be developed. When the flight mission takes a long
gardless of fully autonomous or remotely controlled, time and is complex, the neural network may be re-
UAVs are highly dependent on the availability of re- trained during the mission. In such a case, the new train-
liable communication channels and networks. A UAV ing outcomes must be remotely uploaded to the UAV
needs the communication systems to receive commands through wireless communication channels. This implies
or feedback, as well as to transmit its collected data, a dependence between communication requirement and
to its neighbor UAVs and the ground control station. on-board computation requirement. A lower on-board
These feedback and collected data may include envi- computation requirement through off-board training,
ronmental information, flight statistic, received signal may lead to a higher communication requirement to
characteristics, etc, which are essential to attack de- upload the training outcomes. Thus, there is a need to
tection by the UAV itself or its neighbor UAVs and develop a framework to optimally trade-off computation
control station. Hence, it is not feasible to have a highly and communication requirement for a robust counter-
effective countermeasure without the support of reliable measure.
communications. • Lightweight cryptography: Develop lightweight cryp-
• Information security is necessity: Ensuring informa- tographic encryption algorithm for resource limited
tion confidentiality, integrity and authenticity is not an UAVs. As summarized in Table 3, cryptographic en-
option, but a necessity against UAV cyberattacks. Strong cryption is effective in preventing UAV cyberattacks.
information security can prevent almost all cyberat- Compared to asymmetric cryptography, symmetric
tacks which are launched above physical layer, except cryptography, such as the simple one-time padding
some forms of denial-of-service attacks. However, most algorithm is less computationally complex. However,
commercially available off-the-shelf UAVs for civilian symmetric cryptography requires a secure and reliable
applications make use of self-organize private networks, method to distribute the encryption key, which can
such as Wi-Fi, Bluetooth, Zigbee, etc. Compared to be known only by the pair of sender and receiver.
5G cellular networks, these private networks do not While the symmetric encryption itself may be com-
have a strong security protection against illegal con- putationally simple, the key distribution protocol may
nections, malicious control, unauthorized access, and be complex. Compared to a traditional communication
others. Thus, it is a challenge to protect information se- scenario where the sender and receiver are separated by
curity of low-cost UAVs operating in private networks. a distance at fixed locations, UAVs are mobile nodes.
In the literature, not all the critical research challenges Considering communications between a UAV and the
presented above which have been fully addressed. To close ground control station, the UAV may be co-located with
the research gap, we suggest a few potential future research the control station before flying away for a mission.
works as follows: We can exploit this unique scenario in developing an
VOLUME 9, 2021 17

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

efficient key distribution protocol. As an example, we message (GPS) spoofing attack has the most number of
may use a physically secure channel, such as a quantum proposed countermeasures. Also, cryptographic encryption is
communication channel to transfer a sufficiently long effective in preventing almost all types of attacks launched
encryption key to a UAV when it is at the control above physical layer, except some forms of denial-of-service
station. Then, this key will be used in one-time-padding attacks. As the last resort countermeasure, existing fail-safe
encryption of all messages during the flight mission. protocols are important but are not fool-proof. Based on the
The encryption key will be replenished when the UAV survey, we have identified a number of remaining research
returns to the control station at its base. challenges in developing UAV cyberattack countermeasures,
• Robust fail-safe protocol: Develop a fail-safe protocol and have proposed a number of potential future research
which is robust against a combination of control chan- works.
nel jamming and navigation message spoofing attack.
It has been described earlier that after losing control REFERENCES
channel due to jamming, a UAV may activate its fail- [1] Kendra L. B. Cook, “The silent force multiplier: The history and role of
safe protocol to fly autonomously to a pre-determine UAVs in warfare,” IEEE Aerospace Conference, pp. 1-7, March 2007.
location. However, a navigation message spoofing may [2] Mohammad Mozaffari, Walid Saad, Mehdi Bennis, Young-Han Nam, and
Merouane Debba, “A tutorial on UAVs for wireless networks: Applica-
lead the autonomously flying UAV to a wrong location, tions, challenges, and open problems,” IEEE Communications Surveys &
as dictated by the adversary. In such an extreme case, Tutorials, vol. 21, no. 3, pp. 2334-2360, third quarter 2019.
a robust fail-safe procedure should be able to work [3] Azade Fotouhi, Haoran Qiang, Ming Ding, Mahbub Hassan, Lorenzo
Galati Giordano, Adrian Garcia-Rodriguez, and Jinhong Yuan, “Survey
without navigation messages. This can be achieved by on UAV cellular communications: Practical aspects, standardization ad-
making the UAV capable of orientating itself by using vancements, regulation, and security challenges,” IEEEE Communication
only information from its environment. For example, Surveys & Tutorials, vol. 21, no. 4, pp. 3417-3442, fourth quarter 2019.
[4] Yong Zeng, Rui Zhang, and Teng Joon Lim, “Wireless communications
UAV can find its direction based on the orientation of with unmanned aerial vehicles: Opportunities and challenges,” IEEE Com-
sun, moon, and stars, as well as the strength of earth munications Magazine, vol. 54, no. 6, pp. 36-42, may 2016.
magnetic field. [5] Naser Hossein Motlagh, Tarik Taleb, and Osama Arouk, “Low-altitude
• Provide redundancy through swarm of uncorrelated unmanned aerial vehicles-based Internet of Things services: Comprehen-
sive survey and future perspectives,” IEEE Internet Things Journal, vol. 3,
UAVs: Develop an efficient configuration of a UAV no. 6, pp. 899-922, December 2016.
swarm to provide redundancy. In the literature, a UAV [6] Hazim Shakhatreh, Ahmad H. Sawalmeh, Ala Al-Fuqaha, Zuochao Dou,
swarm has been used as a solution to overcome limi- Eyad Almaita, Issa Khalil, Noor Shamsiah, Abdallah Khreishah, and
Mohsen Guisani, “Unmanned aerial vehicles (UAVs): A survey on civil
tation in on-board resources where each UAV takes a applications and key research challenges,” IEEE Access, vol. 7, pp. 48572-
share of computation load in collaboration with other 48634, April 2019.
UAVs in achieving a same objective. As an alternative [7] Kim Hartmann and Keir Giles, “UAV exploitation: A new domain for
cyber power,” International Conference on Cyber Conflict, pp. 205-221,
to this collaborative arrangement, we propose to inves- May 2016.
tigate a UAV swarm as a way to provide uncorrelated [8] Ethan M. Puchaty and Daniel A. DeLaurentis, “A performance study of
redundancy. To be uncorrelated, neighboring UAVs may UAV-based sensor networks under cyber attack,” International Conference
on System of Systems Engineering, pp. 214-219, June 2011.
operate in different communication channels, carry dif- [9] Eman Shaikh, Nazeeruddin Mohammad, and Shahabuddin Muhammad,
ferent messages and use different flight paths. As such, “Model checking based unmanned aerial vehicle (UAV) security analysis,”
when a UAV has been compromised in an attack, not all International Conference on Communications, Signal Processing, and
their Applications (ICCSPA), pp. 1-6, March 2021.
information is leaked and not all communication links
[10] Edwin Vattapparamban, Ismail Guvenc, Ali I. Yurekli, Kemal Akkaya, and
are lost. Selcuk Uluagac, “Drones for smart cities: Issues in cybersecurity, privacy,
and public safety,” International Wireless Communications and Mobile
VI. CONCLUSIONS Computing Conference (IWCMC), pp. 1-6, September 2016.
[11] Riham Altawy and Amr M. Youssef, “Security, privacy, and safety aspects
Unmanned aerial vehicle (UAV) will occupy our airspace in of civilian drones: A survey,” ACM Transactions on Cyber-Physical Sys-
an increasing number to support a wide range of commercial tems, vol.‘1, no. 2, pp. 7:1-25, November 2016.
and civilian application. As an advanced cyper-physical sys- [12] Jean-Paul Yaacoub, Hassan Noura, Ola Salman, and Ali Chehab, “Security
analysis of drones systems: Attacks, limitations, and recommendations,”
tem, UAVs are targets of cyberattacks. We have identified ex- Internet of Things, vol. 11, no. 100218, pp. 1-38, May 2020.
isting UAV cyberattacks and classified them based on the at- [13] Bharat B Madan, Manoj Banik, and Doina Bein, “Securing unmanned au-
tack entry points, into six classes, namely channel jamming, tonomous systems from cyber threats,” Journal of Defense Modeling and
Simulation: Applications, Methodology, Technology, pp. 1-17, February
message interceptions, message deletion, message injection, 2016.
message spoofing and on-board system attack. We have fur- [14] Ahmad Y. Javaid, Weiqing Sun, Vijay K. Devabhaktuni, and Mansoor
ther surveyed existing literature for countermeasures against Alam, “Cyber security threat analysis and modeling of an unmanned aerial
vehicle system,” IEEE Conference on Technology for Homeland Security
the attacks. We have classified the countermeasures into three (HST), pp. 585-590, November 2012.
classes, namely prevention, detection and mitigation. Such [15] Vyacheslav Kharchenko and Volodymyr Torianyk, “Cybersecurity of the
classification is useful because a countermeasure may not be internet of drones: Vulnerabilities analysis and IMECA based assessment,”
exclusive to a attack class and thus, can be more broadly IEEE International Conference on Dependable Systems, Services and
Technologies (DESSERT), pp. 364-369, May 2018.
applicable against other attacks which may not be what it [16] Leela Krishna C. G. and Robin R. Murphy, “A review on cybersecurity vul-
was originally developed for. We have noticed that navigation nerabilities for unmanned aerial vehicles,” IEEE International Symposium

18 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

on Safety, Security and Rescue Robotics (SSRR), pp. 194-199, October on Wireless Communications and Signal Processing (WCSP), pp. 1-6,
2017. October 2017.
[17] Mohsen Riahi Manesh and Naima Kaabouch, “Cyber attacks on unmanned [39] Guangchi Zhang, Qingqing Wu, Miao Cui, and Rui Zhang, “Securing UAV
aerial system networks: Detection, countermeasure, and future research communications via trajectory optimization,” IEEE Global Communica-
directions,” Computers & Security, vol. 85, pp. 386-401, August 2019. tions Conference (Globecom), pp. 1-6, December 2017.
[18] Fernando Augusto Garcia Muzzi, Paulo Rogerio de Mello Cardoso, Daniel [40] Nils Miro Rodday, Ricardo de O. Schmidt, and Aiko Pras, “Exploring
Fernando Pigatto, and Kalinka Regina Lucas Jaquie Castelo Branco, security vulnerabilities of unmanned aerial vehicles,” IEEE/IFIP Network
“Using botnets to provide security for safety critical embedded systems Operations and Management Symposium (NOMS), pp. 993-994, April
- A case study focused on UAVs,” Journal of Physics Conference Series, 2016.
vol. 633, no. 1, no. 012053, September 2015. [41] Isaac J. Jensen, Daisy Flora Selvaraj, and Prakash Ranganathan,
[19] Ahmad Y. Javaid, Weiqing Sun, and Mansoor Alam, “ UAVSim: A “Blockchain technology for networked swarms of unmanned aerial ve-
simulation testbed for unmanned aerial vehicle network cyber security hicles (UAVs),” IEEE International Symposium on A World of Wireless,
analysis,” IEEE Globecom Workshops, pp. 1432-1436, December 2013. Mobile and Multimedia Networks (WoWMoM), pp. 1-7, June 2019.
[20] VideoJak, [online] http://videojak.sourceforge.net [42] Parimal Mehta, Rajesh Gupta, and Sudeep Tanwar, “Blockchain envi-
[21] Liang He, Wei Li, Chengjun Guo, Ruizhao Niu, “Civilian unmanned aerial sioned UAV networks: Challenges, solutions, and comparisons,” Computer
vehicle vulnerability to GPS spoofing attacks,” International Symposium Communications, vol. 151, pp. 518-538, February 2020.
on Computational Intelligence and Design, pp. 212-215, December 2014. [43] Ivan García-Magarino, Raquel Lacuesta, Muttukrishnan Rajarajan, and
[22] Sait Murat Giray, “Anatomy Of unmanned aerial vehicle hijacking with Jaime Lloret, “Security in networks of unmanned aerial vehicles for
signal spoofing,” International Conference on Recent Advances in Space surveillance with an agent-based approach inspired by the principles of
Technologies (RAST), pp. 795–800, August 2013. Blockchain,” Ad Hoc Networks, vol. 86, pp. 72-82, April 2019.
[23] Todd Humphreys, “Statement on the vulnerability of civil unmanned aerial [44] Elias Ghribi, Tala Talaei Khoei, Hamed Taheri Gorji, Prakash Ran-
vehicles and other systems to civil GPS spoofing,” Submission to the ganathan, and Naima Kaabouch, “A secure Blockchain-based communi-
Subcommittee on Oversight, Investigations, and Management of the House cation approach for UAV networks,” IEEE International Conference on
Committee on Homeland Security, University of Texas at Austin, July Electro Information Technology (EIT), pp. 411-415, July 2020.
2012. [45] Ammar Ahmed Khan, Muhammad Mubashir Khan, Kashif Mehboob
[24] Andrew J. Kerns, Daniel P. Shepard, Jahshan A. Bhatti, and Todd E. Khan, Junaid Arshad, and Farhan Ahmad, “A blockchain-based decen-
Humphreys, “Unmanned aircraft capture and control via GPS spoofing,” tralized machine learning framework for collaborative intrusion detection
Journal of Field Robotics, vol. 31, no. 4 pp. 617–636, July 2014. within UAVs,” Computer Networks, vol. 196, no. 4, pp. 108217, September
2021.
[25] Tae-Hee Kim, Cheon Sig Sin, and Sanguk Lee, “Analysis of effect of
spoofing signal in GPS receiver,” International Conference on Control, [46] Daniele Borio and Ciro Gioia, “Real-time jamming detection using the
Automation and Systems (ICCAS) pp. 2083-2087, October 2012. sum-of-squares paradigm,” International Conference Localization GNSS
(ICL-GNSS), pp. 1-6, June 2015.
[26] Michael Hooper, Yifan Tian, Runxuan Zhou, Bin Cao, Adrian P. Lauf,
[47] Hichem Sedjelmaci, Sidi Mohammed Senouci, and Mohamed-Ayoub
Lanier Watkins, William H. Robinson, and Wlajimir Alexis, ”Securing
Messous, “How to detect cyberattacks in unmanned aerial vehicles net-
commercial WiFi-based UAVs from common security attacks,” IEEE Mil-
work?” IEEE Global Communications Conference (GLOBECOM), pp. 1-
itary Communications Conference (MILCOM), pp. 1213–1218, November
6, December 2016.
2016.
[48] Hichem Sedjelmaci, Sidi Mohammed Senouci, and Nirwan Ansari, “A
[27] Aircrack-ng, [online] https://www.aircrack-ng.org
hierarchical detection and response system to enhance security against
[28] Daojing He, Sammy Chan, and Mohsen Guizani, “Communication secu-
lethal cyber-attacks in UAV networks.” IEEE Transactions on Systems,
rity of unmanned aerial vehicles,” IEEE Wireless Communications, vol. 24,
Man, and Cybernetics: Systems, vol. 48, no. 9, pp.1594-1606, September
no. 4, pp. 134-139, August 2017.
2018.
[29] Ottilia Westerlund and Rameez Asif, “Drone hacking with Raspberry-Pi [49] Rakesh Shrestha, Atefeh Omidkar, Sajjad Ahmadi Roudi, Robert Abbas,
3 and WiFi Pineapple: Security and privacy threats for the Internet-of- and Shiho Kim, “Machine-learning-enabled intrusion detection system for
Things,” International Conference on Unmanned Vehicle Systems-Oman cellular connected UAV networks,” Electronics, vol. 10, no. 1549. pp. 1-
(UVS), pp. 1-10, February 2019. 28, June 2021.
[30] SkyKack. [online] https://github.com/samyk/skyjack [50] Zachary Birnbaum, Andrey Dolgikh, Victor Skormin, Edward O’Brien,
[31] Martin Strohmeier, Matthias Schafer, Vincent Lenders, and Ivan Mar- and Daniel Muller, “Unmanned aerial vehicle security using recursive
tinovic, “Realities and challenges of nextgen air traffic management: parameter estimation,” International Conference on Unmanned Aircraft
The case of ADS-B,” IEEE Communications Magazine, vol. 52, no. 5, Systems (ICUAS), pp. 692-701, May 2014.
pp. 111–118, May 2014. [51] Jason McNeely, Michael Hatfield, Abir Hasan, and Nusrat Jahan, “Detec-
[32] Pietro Pierpaoli, Magnus Egerstedt, and Amir Rahmani, “Altering UAV tion of UAV hijacking and malfunctions via variations in flight data statis-
flight path by threatening collision,” IEEE/AIAA Digital Avionics Systems tics,” IEEE International Carnahan Conference on Security Technology
Conference (DASC), pp. 4A4:1-10, September 2015. (ICCST), pp. 1-8, October 2016.
[33] Katrina Mansfield, Timothy Eveleigh, Thomas H. Holzer, and Shahryar [52] Ke Xiao, Jianyu Zhao, Yunhua He, Chaofei Li, and Wei Cheng, “Abnormal
Sarkani, “Unmanned aerial vehicle smart device ground control station cy- behavior detection scheme of UAV using recurrent neural networks,” IEEE
ber security threat model,” IEEE International Conference on Technology Access, vol. 7, pp. 110292-110305, August 2019.
for Homeland Scurity (HST), pp. 722-728, November 2013. [53] Robert Mitchell and Ing-Ray Chen, “Adaptive intrusion detection of ma-
[34] Yunmok Son, Hocheol Shin, Dongkwan Kim, Youngseok Park, Juhwan licious unmanned air vehicles using behavior rule specifications,” IEEE
Noh, Kibum Choi, Jungwoo Choi, and Yongdae Kim, “Rocking drones Transactions on Systems, Man and Cybernetic: Systems, vol. 44. no. 5,
with intentional sound noise on gyroscopic sensors,” USENIX Conference pp. 503-604, May 2014.
on Security Symposium, pp. 881-896, August 2015. [54] Lin Wu and Xiaochun Cao, “Geo-location estimation from two shadow
[35] Drew Davidson, Hao Wu, and Robert Jellinek, Thomas Ristenpart, ad trajectories,” IEEE Conference on Computer Vision and Pattern Recogni-
Vikas Singh, “Controlling UAVs with sensor input spoofing attacks,” tion (CVPR), pp. 585–590, June 2010.
USENIX Workshop on Offensive Technologies (WOOT), pp. 1-11, August [55] Imran N. Junejo and Hassan Foroosh, “GPS coordinates estimation and
2016. camera calibration from solar shadows,” Computer Vision and Image
[36] Jessica A. Steinmann, Radu F. Babiceanu, and Remzi Seker, ”UAS secu- Understanding, vol. 114, no. 9, pp. 991–1003, September 2010.
rity: Encryption key negotiation for partitioned data,” Integrated Commu- [56] Brandon T. Carroll, “Using motion fields to estimate video utility and de-
nications Navigation and Surveillance Conference (ICNS), April 2016. tect GPS spoofing,” Master of Science Thesis, Brigham Young University,
[37] Michal Podhradsky, Calvin Coopmans, and Nathan Hoffer, “Improving United State of America, 2012.
communication security of open source UAVs: Encrypting radio control [57] Dennis M. Akos, “Who’s afraid of the spoofer? GPS/GNSS spoofing
link,” International Conference on Unmanned Aircraft Systems (ICUAS), detection via automatic gain control (AGC),” Navigation 59, vol. 4,
pp. 1153-1159, June 2017. pp. 281–290, October 2012.
[38] Chenxi Liu, Tony Q. S. Quek, and Jemin Lee, “Secure UAV communi- [58] Paul Y. Montgomery, Todd E. Humphreys, and Brent M. Ledvina,
cation in the presence of active eavesdropper,” International Conference “Receiver-autonomous spoofing detection: Experimental results of a

VOLUME 9, 2021 19

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
 This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3124996, IEEE Access

P.-Y. Kong: A Survey of Cyberattack Countermeasures for UAV

multi-antenna receiver defense against a portable civil GPS spoofer,” ION

International Technical Meeting pp. 124-130, January 2009.
[59] J. Magiera and R. Katulski “Detection and Mitigation of GPS Spoofing
Based on Antenna Array Processing,” Journal of Applied Research and
Technology, vol. 13, no. 1, pp. 45-47, February 2015.
[60] Mohsen Riahi Manesh, Jonathan Kenney, Wen Chen Hu, Vijaya Kumar
Devabhaktuni, and Naima Kaabouch, “Detection of GPS spoofing attacks
on unmanned aerial systems,” IEEE Annual Consumer Communications
and Networking Conference (CCNC), pp. 1-6, January 2019.
[61] Aanjhan Ranganathan, Hildur Olafsdottir, and Srdjan Capkun, “SPREE: A
spoofing resistant GPS receiver,” ACM Conference on Mobile Computing
and Networking (MOBICOM), pp. 348–360, October 2016.
[62] Qiang Zou, Sunan Huang, Feng Lin, and Ming Cong,“Detection of GPS
spoofing based on UAV model estimation,” IEEE Conference on Industrial
Electronics Society (IECON), pp. 6097-6102, October 2016.
[63] G. Panice, S. Luongo, G. Gigante, D. Pascarella, C. Di Benedetto, A.
Vozella, and A. Pescape, “A SVM-based detection approach for GPS
spoofing attacks to UAV,” International Conference on Automation and
Computing (ICAC), pp. 1-11, September 2017.
[64] Sun Leyuan, Huang Wende, Zhou Yifan, Wang Yueke, and Yang Jun,
“GPS spoofing detection of unmanned aerial vehicles by dynamics iden-
tification,” IEEE CSAA Guidance, Navigation and Control Conference
(CGNCC), pp. 1-6, August 2018.
[65] Kathleen A. Kramer and Stephen C. Stubberud, “Fuzzy evidence accrual
for GPS navigation protection of UAVs,” IEEE AESS European Conf.
Satellite Telecommunications (ESTEL), pp. 1-7, October 2012.
[66] Michelle S. Faughnan, Brian J. Hourican, G. Collins MacDonald, Megha
Srivastava, John-Patrick A. Wright, Yacov Y. Haimes, Eva Andrijcic,
Zhenyu Guo, and James C. White, “Risk analysis of unmanned aerial vehi-
cle hijacking and methods of its detection,” IEEE Systems and Information
Engineering Design Symposium (SIEDS), pp. 145-150, April 2013.
[67] Kai Jansen, Matthias Schafer, Daniel Moser, Vincent Lenders, Christina
Popper, and Jens Schmitt, “Crowd-GPS-Sec: Leveraging crowdsourcing
to detect and localize GPS spoofing attacks,” IEEE Symposium on Security
and Privacy (SP), pp. 1-14, May 2018.
[68] Hoon Lee, Subin Eom, Junhee Park, and Inkyu Lee, “UAV-aided secure
communications with cooperative jamming,” IEEEE Transactions on Ve-
hicular Technology, vol. 67, no. 10, pp. 9385-9392, October 2018.
[69] Jorg Daubert, Dhanasekar Boopalan, Max Muhlhauser, and Emmanouil
Vasilomanolakis, “HoneyDrone: A medium-interaction unmanned aerial
vehicle honeypot,” IEEE/IFIP Network Operations and Management Sym-
posium (NOMS), pp. 1-6, April 2018.
[70] Hector Reyes and Naima Kaabouch, “Improving the reliability of un-
manned aircraft system wireless communications through cognitive radio
technology,” Communications and Network, vol. 5, no. 3, pp. 225-230,
August 2013.
[71] Hector Reyes, Nickolas Gellerman, and Naima Kaabouch “A cognitive
radio system for improving the reliability and security of UAS/UAV
networks,” IEEE Aerospace Conference, pp. 1-9, March 2015.
[72] Ronnie Johansson, Peter Hammar, and Patrik Thoren, “On simulation-
based adaptive UAS behavior during jamming,” Workshop on Research,
Education and Development of Unmanned Aerial Systems (RED-UAS),
pp. 78-83, October 2017.
[73] Abdelrahman Eldosouky, Aidin Ferdowsi, and Walid Saad, “Drones in
distress: A game-theoretic countermeasure for protecting UAVs against
GPS spoofing,” IEEE Internet of Things Journal, vol. 7, no. 4, pp. 2840-
2854, April 2020.
[74] Tao Zhang and Quanyan Zhu, “Strategic defense against deceptive civilian
GPS spoofing of unmanned aerial vehicles,” International Conference on
Decision and Game Theory for Security, pp . 213-233, October 2017.
[75] Sourabh Bhattacharya and Tamer Basar, “Game-theoretic analysis of an
aerial jamming attack on a UAV communication network,” American
Control Conference, pp. 818-823, June 2010.
[76] Seana Hagerman, Anneliese Andrews, and Stephen Oakes, “Security
testing of an unmanned aerial vehicle (UAV),” IEEE Cybersecurity Sym-
posium (CYBERSEC), pp. 1-6, April 2016.

20 VOLUME 9, 2021

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/