Design of a novel network intrusion detection system for drone communications

Abstract : This paper proposes an hybrid method based on both a spectral traffic analysis and a robust controller / observer for anomaly estimation inside UAV networks. This method is based on both Lyapunov Krasovskii functional and dynamic behavior of Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). The proposed hybrid method considers, as a preliminary step, a statistical signature of the traffic exchanged in the network. By looking up this signature in a bank of signatures, it is possible to characterize the different anomalies that can be observed in UAV networks. Consequently, the different signatures that we can process, based on the different types of intrusion we generate in the network, are used to select the accurate model for robust control estimation. This selection is conducted by choosing a specific controller / observer among a dedicated bank of models. The first statistical signature extraction of the analyzed traffic is done with a multi-fractal analysis. This solution based on wavelet analysis has been selected because it offers a wide spectral characterization of the entire traffic process. The wavelet-based analysis methodology has been widely used for the last decade for Internet traffic characterization but this is the first time that this tool has been used on a UAV ad hoc network traffic. Moreover, several research studies on network anomaly estimation have been carried out using automatic control techniques. These studies provide methods for designing both observer and commandlaws dedicated to time delay problems while estimating the anomaly or intrusion in the system. As a first result, the spectral analysis tool has provided clearly distinguishable signatures between the traffics with and without anomalies. Then, the designed controller / observer system has been successfully applied to some relevant practical problems such as ad hoc networks for aerial vehicles and its effectiveness is illustrated by using real traffic traces including Distributed Denial of Service (DDoS) attacks. Our first results show promising perspectives for Intrusion Detection System (IDS) in a fleet of UAVs. Indeed, different types of anomaly have been considered and they are all accurately detected by the intrusion detection process we propose in this paper.
Document type :
Conference papers
Complete list of metadatas

https://hal-enac.archives-ouvertes.fr/hal-01886536
Contributor : Laurence Porte <>
Submitted on : Monday, October 8, 2018 - 10:55:14 PM
Last modification on : Thursday, February 7, 2019 - 4:54:12 PM
Long-term archiving on : Wednesday, January 9, 2019 - 4:29:45 PM

File

HAL-ENAC.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Ruohao Zhang, Jean-Philippe Condomines, Nicolas Larrieu, Riad Chemali. Design of a novel network intrusion detection system for drone communications. DASC 2018, 37th AIAA/IEEE Digital Avionics Systems Conference, Sep 2018, Londres, United Kingdom. ⟨10.1109/DASC.2018.8569300⟩. ⟨hal-01886536⟩

Share

Metrics

Record views

65

Files downloads

139