Network intrusion detection system for drone fleet using both spectral analysis and robust controller / observer

Abstract : This paper proposes a robust controller / observer for anomaly estimation inside UAV networks. This method is based on both Lyapunov Krasovkii functional and dynamic behavior of TCP (Transmission Control Protocol). This observer considers, as a preliminary step, a statistical signature of the traffic exchanged in the network. Both observer and spectral signature provide an accurate estimation of the traffic which is used to detect and characterize the different anomalies that can be observed in the UAV network. Consequently, the different signatures that we can process, based on the different types of intrusion we generate in the network, are used to select the accurate model for robust control estimation. This selection is conducted by choosing a specific controller / observer among a dedicated bank of models. The first statistical signature extraction of the analyzed traffic is run with a multi-fractal analysis. This solution based on wavelet analysis has been selected because it offers a wide spectral characterization of the entire traffic process. The wavelet-based analysis methodology has been widely used for the last decade for Internet traffic characterization but this is the first time that this tool has been used on a UAV ad hoc network traffic. Moreover, several research studies on network anomaly estimation have been carried out using automatic control techniques. These studies provide methods for designing both observer and command laws dedicated to time delay problems while estimating the anomaly or intrusion in the system. As a first result, the designed controller / observer system has been successfully applied to some relevant practical problems such as ad hoc networks for aerial vehicles and the effectiveness is illustrated by using real traffic traces including Distributed Denial of Service (DDoS) attacks. Our first results show promising perspectives for Intrusion Detection System (IDS) in a fleet of UAVs. Indeed, different types of anomaly have been considered and they are all accurately detected by the intrusion detection process we propose in this paper.
Type de document :
Pré-publication, Document de travail
2017
Liste complète des métadonnées

Littérature citée [32 références]  Voir  Masquer  Télécharger

https://hal-enac.archives-ouvertes.fr/hal-01652296
Contributeur : Laurence Porte <>
Soumis le : jeudi 14 décembre 2017 - 20:15:02
Dernière modification le : mardi 5 juin 2018 - 14:50:15

Fichier

network.pdf
Fichiers produits par l'(les) auteur(s)

Date de la conférence

Identifiants

  • HAL Id : hal-01652296, version 1

Collections

Citation

Jean-Philippe Condomines, Riad Chemali, Nicolas Larrieu. Network intrusion detection system for drone fleet using both spectral analysis and robust controller / observer. 2017. 〈hal-01652296〉

Partager

Métriques

Consultations de la notice

236

Téléchargements de fichiers

42