SwarmFuzz: Discovering GPS Spoofing Attacks in Drone Swarms

Elaine Yao, Pritam Dash and Karthik Pattabiraman, To appear in the proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2023. (Acceptance rate: 20%) [ PDF (coming soon) | Talk ]

Abstract: Swarm robotics, particularly drone swarms, are used in various safety-critical tasks. While a lot of attention has been given to improving swarm control algorithms for improved intelligence, the security implications of various design choices in swarm control algorithms have not been studied. We highlight how an attacker can exploit the vulnerabilities in swarm control algorithms to disrupt drone swarms. Specifically, we show that the attacker can target a swarm member (target drone) through GPS spoofing attacks, and indirectly cause other swarm members (victim drones) to veer from their course, resulting in a collision with an obstacle. We call these Swarm Propagation Vulnerabilities.

In this paper, we introduce SwarmFuzz, a fuzzing framework to capture the attacker’s ability, and efficiently find such vulnerabilities in swarm control algorithms. SwarmFuzz uses a combination of graph theory and gradient-guided optimization to find the potential attack parameters. Our evaluation on a popular swarm control algorithm shows that SwarmFuzz achieves an average success rate of 48.91% in finding the vulnerability, boosts the success rate by 10x, and reduces the runtime by 3x compared to random fuzzing. We also find that swarms of a larger size are more vulnerable to this attack type, for a given spoofing distance.

Comments are closed.