Simulation of Sensor Spoofing Attacks on Unmanned Aerial Vehicles Using the Gazebo Simulator

TL;DR

This paper demonstrates how to simulate sensor spoofing attacks on UAVs using Gazebo, focusing on LiDAR and GPS vulnerabilities exploited via ROS and MAVLink protocols to test vehicle security in a controlled environment.

Contribution

It introduces a method to simulate sophisticated sensor spoofing attacks on UAVs within Gazebo, addressing a gap in security testing in vehicle simulators.

Findings

Sensor spoofing attacks can be effectively simulated in Gazebo.

Vulnerabilities in ROS and MAVLink enable message injection and parameter manipulation.

Simulated attacks can cause UAV crashes, demonstrating potential security risks.

Abstract

Conducting safety simulations in various simulators, such as the Gazebo simulator, became a very popular means of testing vehicles against potential safety risks (i.e. crashes). However, this was not the case with security testing. Performing security testing in a simulator is very difficult because security attacks are performed on a different abstraction level. In addition, the attacks themselves are becoming more sophisticated, which directly contributes to the difficulty of executing them in a simulator. In this paper, we attempt to tackle the aforementioned gap by investigating possible attacks that can be simulated, and then performing their simulations. The presented approach shows that attacks targeting the LiDAR and GPS components of unmanned aerial vehicles can be simulated. This is achieved by exploiting vulnerabilities of the ROS and MAVLink protocol and injecting malicious processes into an application. As a result, messages with arbitrary values can be spoofed to the corresponding topics, which allows attackers to update relevant parameters and cause a potential crash of a vehicle. This was tested in multiple scenarios, thereby proving that it is indeed possible to simulate certain attack types, such as spoofing and jamming.