FANET was coined for flying ad hoc networks, for example, unmanned aerial vehicles (UAVs). This survey paper is an in-depth discussion of the cybersecurity concerns and shortcomings unique to UAVs, as compared to more established mobile ad hoc networks (MANETs). In particular, the paper provides many detailed examples focusing on: “(i) security and privacy threats ..., (ii) security threats in FANETs related to the first four layers of the Open Systems Interconnection (OSI) model, and (iii) security solutions available to address [these unique UAV] threats.” As FANET is a “decentralized flexible network environment [across] both heterogeneous and homogeneous UAVs,” solutions and standards are still evolving.
UAVs and drones are widely used--800 thousand are registered with the Federal Aviation Administration (FAA). While 60 percent are for recreational use, the others are used commercially for search and rescue (SAR), remote monitoring, and other time-critical activities. This long survey is very detailed, with colorful pictorial examples of some of the unique FANET challenges. Threat vectors consist of six connection types and six node types. The authors classify and compare 13 security threads, and discuss how these change over Internet of Drones (IoD), 5G mobile networks, radio waves, wireless local area networks (WLANs), wireless sensor networks (WSNs), and others.
Next, 12 security threads and 31 security solutions with the OSI network layers lead to seven particular routing protocol types with 22 related security solutions. Finally, the authors classify 23 specific security threads based on seven security requirements, and then compare these to 40 proposed security solutions. This extensive discussion also compares six existing standards and their limitations.
The IoD is a network architecture that provides navigation services to drones within controlled air spaces. The paper shows both node-to-node and end-to-end services and applications. In addition, the typical components of an unmanned aircraft system (UAS) include a ground controlling device, a UAV flying component, and various data links. Communication is a critical issue for fast-moving multi-UAV systems. The architectures vary between single ground systems, to satellite communication extensions, to multi-ground systems (handing off control) and even node-to-node (UAV to UAV) communication. These cooperating UAVs have unique security concerns compared to MANETs (basically swarms of communicating mobile devices).
Aside from the variations in deployment configurations, a major portion of the paper deals with FANET security threats. The STRIDE threat model from Microsoft forms a good overview and is valuable for other security issues. STRIDE stands for spoofing identity (authentication), tampering with data (integrity), repudiation (not-repudiation), information disclosure (confidentiality), denial of service (availability), and elevation of privilege (authorization). The survey uses STRIDE as a way to fill in the gaps from other surveys. The threat vectors are then analyzed, such as eavesdropping, replay, impersonating, and jamming.
The paper shines in its examples with nice diagrams. For example, a replay attack is shown where a malicious user listens to an unencrypted data message from a ground system to a UAV. They then replay that message and get the UAV to a different location. This is repeated with man-in-the-middle (MITM), denial-of-service (DoS), backdoor, flooding, and other typical security issues.
The paper discusses these scenarios across the data link layer, network layer, routing protocols, and transport layer. A long section discusses various solutions to these challenges (such as better encryption), followed by how the UAV industry could “implement a clear set of standards across the board.”
This detailed survey is not only valuable to the UAV community, but also to others who deal with similar mobile communication threats.
