Design of a novel network intrusion detection system for drone communications

Abstract : This paper proposes an hybrid method based on both a spectral traffic analysis and a robust controller / observer for anomaly estimation inside UAV networks. This method is based on both Lyapunov Krasovskii functional and dynamic behavior of Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). The proposed hybrid method considers, as a preliminary step, a statistical signature of the traffic exchanged in the network. By looking up this signature in a bank of signatures, it is possible to characterize the different anomalies that can be observed in UAV networks. Consequently, the different signatures that we can process, based on the different types of intrusion we generate in the network, are used to select the accurate model for robust control estimation. This selection is conducted by choosing a specific controller / observer among a dedicated bank of models. The first statistical signature extraction of the analyzed traffic is done with a multi-fractal analysis. This solution based on wavelet analysis has been selected because it offers a wide spectral characterization of the entire traffic process. The wavelet-based analysis methodology has been widely used for the last decade for Internet traffic characterization but this is the first time that this tool has been used on a UAV ad hoc network traffic. Moreover, several research studies on network anomaly estimation have been carried out using automatic control techniques. These studies provide methods for designing both observer and command laws dedicated to time delay problems while estimating the anomaly or intrusion in the system. As a first result, the spectral analysis tool has provided clearly distinguishable signatures between the traffics with and without anomalies. Then, the designed controller / observer system has been successfully applied to some relevant practical problems such as ad hoc networks for aerial vehicles and its effectiveness is illustrated by using real traffic traces including Distributed Denial of Service (DDoS) attacks. Our first results show promising perspectives for Intrusion Detection System (IDS) in a fleet of UAVs. Indeed, different types of anomaly have been considered and they are all accurately detected by the intrusion detection process we propose in this paper.
Type de document :
Communication dans un congrès
DASC 2018, 37th AIAA/IEEE Digital Avionics Systems Conference, Sep 2018, Londres, United Kingdom
Liste complète des métadonnées

https://hal-enac.archives-ouvertes.fr/hal-01886536
Contributeur : Laurence Porte <>
Soumis le : lundi 8 octobre 2018 - 22:55:14
Dernière modification le : mercredi 10 octobre 2018 - 14:34:14

Fichier

HAL-ENAC.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01886536, version 1

Collections

Citation

Ruohao Zhang, Jean-Philippe Condomines, Nicolas Larrieu, Riad Chemali. Design of a novel network intrusion detection system for drone communications. DASC 2018, 37th AIAA/IEEE Digital Avionics Systems Conference, Sep 2018, Londres, United Kingdom. 〈hal-01886536〉

Partager

Métriques

Consultations de la notice

39

Téléchargements de fichiers

35