Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing

Alessandro Brighente; Mauro Conti; Savio Sciancalepore

doi:10.1145/3538969.3543784

Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing

Alessandro Brighente, Mauro Conti, Savio Sciancalepore

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

7 Citations (Scopus)

Abstract

Due to the frequent unauthorized invasions by commercial drones to Critical Infrastructures (CIs), the US-based Federal Avionics Administration (FAA) recently published a new specification, namely RemoteID. Such a rule requires all drones to broadcast information about their identity and location, to allow for immediate invasion attribution and counter-actions. However, the enforcement of such a rule poses severe concerns on drones' operators, especially in terms of location privacy and tracking threats. Indeed, by simply receiving wireless signals, an adversary could know the precise drone location, track it, and infer sensitive information. In this paper, we demonstrate that CI operators can detect timely and efficiently drones invading no-fly zones, without sacrificing drones location privacy. Specifically, we provide two major contributions. First, we propose DiPrID, the first RemoteID-compliant solution enhancing drones location privacy via Differential Privacy. Second, we introduce and evaluate ICARUS, an effective area invasion detection technique capable of identifying invasions by unauthorized drones, even when equipped with DiPrID, with remarkable accuracy and negligible detection delays. Our experiments showed that when drones obfuscate their location by an average distance as large as 31.914 km, ICARUS can detect up to 94.2% of invasions, while false-positives can be mitigated through the help of the FAA.

Original language	English
Title of host publication	Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022
Publisher	Association for Computing Machinery, Inc
ISBN (Electronic)	9781450396707
DOIs	https://doi.org/10.1145/3538969.3543784
Publication status	Published - 23 Aug 2022
Event	17th International Conference on Availability, Reliability and Security, ARES 2022 - Vienna, Austria Duration: 23 Aug 2022 → 26 Aug 2022

Publication series

Name	ACM International Conference Proceeding Series

Conference

Conference	17th International Conference on Availability, Reliability and Security, ARES 2022
Country/Territory	Austria
City	Vienna
Period	23/08/22 → 26/08/22

Bibliographical note

Funding Information:
This work has been partially supported by the INTERSCT project, Grant No. NWA.1162.18.301, funded by Netherlands Organisation for Scientific Research (NWO). The findings reported herein are solely responsibility of the authors.

Publisher Copyright:
© 2022 ACM.

Funding

This work has been partially supported by the INTERSCT project, Grant No. NWA.1162.18.301, funded by Netherlands Organisation for Scientific Research (NWO). The findings reported herein are solely responsibility of the authors.

Keywords

Critical Infrastructure Safety and Security
Intrusion Detection.
Location Privacy
RemoteID
Unmanned Aerial Vehicles

Access to Document

10.1145/3538969.3543784

Cite this

Brighente, A., Conti, M., & Sciancalepore, S. (2022). Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing. In Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022 Article 134 (ACM International Conference Proceeding Series). Association for Computing Machinery, Inc. https://doi.org/10.1145/3538969.3543784

@inproceedings{669662a4d77a4caa874e0b0f45b63a2b,

title = "Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing",

abstract = "Due to the frequent unauthorized invasions by commercial drones to Critical Infrastructures (CIs), the US-based Federal Avionics Administration (FAA) recently published a new specification, namely RemoteID. Such a rule requires all drones to broadcast information about their identity and location, to allow for immediate invasion attribution and counter-actions. However, the enforcement of such a rule poses severe concerns on drones' operators, especially in terms of location privacy and tracking threats. Indeed, by simply receiving wireless signals, an adversary could know the precise drone location, track it, and infer sensitive information. In this paper, we demonstrate that CI operators can detect timely and efficiently drones invading no-fly zones, without sacrificing drones location privacy. Specifically, we provide two major contributions. First, we propose DiPrID, the first RemoteID-compliant solution enhancing drones location privacy via Differential Privacy. Second, we introduce and evaluate ICARUS, an effective area invasion detection technique capable of identifying invasions by unauthorized drones, even when equipped with DiPrID, with remarkable accuracy and negligible detection delays. Our experiments showed that when drones obfuscate their location by an average distance as large as 31.914 km, ICARUS can detect up to 94.2% of invasions, while false-positives can be mitigated through the help of the FAA.",

keywords = "Critical Infrastructure Safety and Security, Intrusion Detection., Location Privacy, RemoteID, Unmanned Aerial Vehicles",

author = "Alessandro Brighente and Mauro Conti and Savio Sciancalepore",

note = "Funding Information: This work has been partially supported by the INTERSCT project, Grant No. NWA.1162.18.301, funded by Netherlands Organisation for Scientific Research (NWO). The findings reported herein are solely responsibility of the authors. Publisher Copyright: {\textcopyright} 2022 ACM.; 17th International Conference on Availability, Reliability and Security, ARES 2022 ; Conference date: 23-08-2022 Through 26-08-2022",

year = "2022",

month = aug,

day = "23",

doi = "10.1145/3538969.3543784",

language = "English",

series = "ACM International Conference Proceeding Series",

publisher = "Association for Computing Machinery, Inc",

booktitle = "Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022",

address = "United States",

}

Brighente, A, Conti, M & Sciancalepore, S 2022, Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing. in Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022., 134, ACM International Conference Proceeding Series, Association for Computing Machinery, Inc, 17th International Conference on Availability, Reliability and Security, ARES 2022, Vienna, Austria, 23/08/22. https://doi.org/10.1145/3538969.3543784

Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing. / Brighente, Alessandro; Conti, Mauro; Sciancalepore, Savio.
Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022. Association for Computing Machinery, Inc, 2022. 134 (ACM International Conference Proceeding Series).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Hide and Seek

T2 - 17th International Conference on Availability, Reliability and Security, ARES 2022

AU - Brighente, Alessandro

AU - Conti, Mauro

AU - Sciancalepore, Savio

N1 - Funding Information: This work has been partially supported by the INTERSCT project, Grant No. NWA.1162.18.301, funded by Netherlands Organisation for Scientific Research (NWO). The findings reported herein are solely responsibility of the authors. Publisher Copyright: © 2022 ACM.

PY - 2022/8/23

Y1 - 2022/8/23

N2 - Due to the frequent unauthorized invasions by commercial drones to Critical Infrastructures (CIs), the US-based Federal Avionics Administration (FAA) recently published a new specification, namely RemoteID. Such a rule requires all drones to broadcast information about their identity and location, to allow for immediate invasion attribution and counter-actions. However, the enforcement of such a rule poses severe concerns on drones' operators, especially in terms of location privacy and tracking threats. Indeed, by simply receiving wireless signals, an adversary could know the precise drone location, track it, and infer sensitive information. In this paper, we demonstrate that CI operators can detect timely and efficiently drones invading no-fly zones, without sacrificing drones location privacy. Specifically, we provide two major contributions. First, we propose DiPrID, the first RemoteID-compliant solution enhancing drones location privacy via Differential Privacy. Second, we introduce and evaluate ICARUS, an effective area invasion detection technique capable of identifying invasions by unauthorized drones, even when equipped with DiPrID, with remarkable accuracy and negligible detection delays. Our experiments showed that when drones obfuscate their location by an average distance as large as 31.914 km, ICARUS can detect up to 94.2% of invasions, while false-positives can be mitigated through the help of the FAA.

AB - Due to the frequent unauthorized invasions by commercial drones to Critical Infrastructures (CIs), the US-based Federal Avionics Administration (FAA) recently published a new specification, namely RemoteID. Such a rule requires all drones to broadcast information about their identity and location, to allow for immediate invasion attribution and counter-actions. However, the enforcement of such a rule poses severe concerns on drones' operators, especially in terms of location privacy and tracking threats. Indeed, by simply receiving wireless signals, an adversary could know the precise drone location, track it, and infer sensitive information. In this paper, we demonstrate that CI operators can detect timely and efficiently drones invading no-fly zones, without sacrificing drones location privacy. Specifically, we provide two major contributions. First, we propose DiPrID, the first RemoteID-compliant solution enhancing drones location privacy via Differential Privacy. Second, we introduce and evaluate ICARUS, an effective area invasion detection technique capable of identifying invasions by unauthorized drones, even when equipped with DiPrID, with remarkable accuracy and negligible detection delays. Our experiments showed that when drones obfuscate their location by an average distance as large as 31.914 km, ICARUS can detect up to 94.2% of invasions, while false-positives can be mitigated through the help of the FAA.

KW - Critical Infrastructure Safety and Security

KW - Intrusion Detection.

KW - Location Privacy

KW - RemoteID

KW - Unmanned Aerial Vehicles

UR - http://www.scopus.com/inward/record.url?scp=85137000602&partnerID=8YFLogxK

U2 - 10.1145/3538969.3543784

DO - 10.1145/3538969.3543784

M3 - Conference contribution

AN - SCOPUS:85137000602

T3 - ACM International Conference Proceeding Series

BT - Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022

PB - Association for Computing Machinery, Inc

Y2 - 23 August 2022 through 26 August 2022

ER -

Hide and Seek: Privacy-Preserving and FAA-compliant Drones Location Tracing

Abstract

Publication series

Conference

Bibliographical note

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this