Black-box Stealthy GPS Attacks on Unmanned Aerial Vehicles

TL;DR

This paper demonstrates that UAVs with GPS and IMU sensors are vulnerable to stealthy false data injection attacks that can cause significant deviations in flight paths without detection, even without system model access.

Contribution

It introduces a general framework for stealthy GPS attacks on UAVs, showing they can be effective under broad conditions without system model knowledge.

Findings

Stealthy attacks can cause large position deviations.

Attacks are possible without system model access.

Incremental exponential stability enables such attacks.

Abstract

This work focuses on analyzing the vulnerability of unmanned aerial vehicles (UAVs) to stealthy black-box false data injection attacks on GPS measurements. We assume that the quadcopter is equipped with IMU and GPS sensors, and an arbitrary sensor fusion and controller are used to estimate and regulate the system's states, respectively. We consider the notion of stealthiness in the most general form, where the attack is defined to be stealthy if it cannot be detected by any existing anomaly detector. Then, we show that if the closed-loop control system is incrementally exponentially stable, the attacker can cause arbitrarily large deviation in the position trajectory by compromising only the GPS measurements. We also show that to conduct such stealthy impactfull attack values, the attacker does not need to have access to the model of the system. Finally, we illustrate our results in a UAV case study.