Share, , Google Plus, Pinterest,


Posted in:

Drone Detection Systems: Intrusion Detection for the Sky

To prevent intruders, organizations install locks and alarm systems on their physical buildings, and implement firewalls and intrusion-detection systems on their networks. With advancements in drone technology, it’s time to start thinking about protecting the airspace, too.

Drones are among the fastest growing technologies available. According to the marketing and investment firm Kleiner Perkins Caufield & Byers, the worldwide market for consumer drones has experienced a 167% jump in sales in just two years. World drone sales have already hit 4.3 million units, and the market is estimated to be worth about $1.7 billion. This holiday season alone, the Federal Aviation Administration estimated that there were as many as one million drones sold in the U.S.

While consumers are showing a strong interest in drones for recreational use, most companies are still exploring hypothetical use cases. Security researchers, meanwhile, have been quick to demonstrate the risks drones pose to organizations. Just in the past year we’ve seen several examples of how drones can be used to steal sensitive data:

  • At Black Hat Asia 2015, security firm SensePost introduced its Snoopy drone, which is designed to hack smartphones and steal data unbeknownst to the user.
  • At DEFCON 2015, David Jordan of Aerial Assault introduced a drone designed to penetrate test networks. The $2,500 device can also collect unencrypted data.
  • Student security researchers in Singapore developed software that can be loaded onto a smartphone that is attached to a drone. The software identifies open Wi-Fi printers, and then establishes a fake access point to intercept documents.

This is just the beginning. With drones becoming increasingly available to a wider consumer base, we are certain to see in the near future, real-life attempts to steal data and eavesdrop on networks. A drone that can carry up to 11 pounds and fly over a mile can be bought on the Internet for less than $2,000. Using a GPS and autopilot, many drones can fly a programmed route without a pilot – so an attacker can be in a completely different location. Drones link physical security with cyber security by offering the possibility to carry snooping devices very close to data centers and networks. The question that remains is how do you prevent such an attack?

Unfortunately, it’s not easy. Given their size, speed and varying shape, drones can be difficult to detect via any single monitoring method. For example, audio detection can be difficult in noisy city areas, and would not recognize silent drones, such as so-called gliders or fixed-wing drones. The drone’s sound alone also does not enable its localization – it could just as well fly legally outside the fence when detected. Cameras would not be able to recognize all shape-changed drones, for example drones that look like birds. Radar is traditionally used to detect aerial vehicles, but it wasn’t designed to detect drone technology and must be modified to be effective.

What corporations need is a drone detection system. Think of it as an intrusion detection system for the sky. A reliable drone detection system uses multiple mechanisms that interact to detect drones based on their noise, shape, movement patterns and frequencies to ensure accuracy. This way, they don’t depend on any single detection method that can be minimally effective under varying conditions.

An effective drone detection system consists of a cloud-based network of sensors that detect drones in real time based on signatures. Various characteristics, such as noise, flying behavior and silhouette are analyzed to determine whether the entity flying through the air space is indeed a drone or a bird, for example. The use of multiple sensors also helps to reduce false alarms.

Drone detection technology still has some maturing to do, but providers are working hard to develop them further. For now, any response to detected drones is performed offline. In the future, however, it is reasonable to expect that a response will be performed through the sensors. In addition, drone detection systems will be integrated with network-based intrusion-detection and prevention systems, and radar will be modified appropriately. Depending on the application field, there are various ways of reacting to a drone alert. Although it is technically possible to shoot a drone down or to interfere with radio and GPS signals using a jammer or a spoofer, this course of action involves a lot of legal uncertainties. An out-of-control drone can damage property or even pose a risk to human life and limb. Besides, the effects of jammers and spoofers are not restricted to the radio and GPS signals of the targeted drone, but also interfere with other devices in the vicinity. However, many anti-drone measures are available that are individually determined by the user and do not involve shooting the drone down. The security staff can for example lead people to safety, block the view, lock doors and gates, search site for dropped objects and search for the pilot. In addition, alert videos provide important documentary evidence and help to analyze the incident and identify the culprit(s).

Organizations can’t wait – nor should they. Drone detection systems are ready for production use now. Organizations must make a proactive investment in protecting their airspace.