无人机身份伪装攻击

Background: The increasing deployment of unmanned aerial vehicles (UAVs) for logistics in smart cities presents pressing challenges related to identity spoofing, unauthorized payload transport, and airspace security. Existing drone defense systems (DDSs) struggle to verify both drone identity and payload authenticity in real time, while blockchain-assisted solutions are often hindered by high latency and limited scalability. Methods: To address these challenges, we propose iBANDA, a blockchain- and AI-assisted DDS framework. The system integrates a lightweight You Only Look Once 5 small (YOLOv5s) object detection model with a Snowball-based Proof-of-Stake consensus mechanism to enable dual-layer authentication of drones and their attached payloads. Authentication processes are coordinated through an edge-deployable decentralized application (DApp). Results: The experimental evaluation demonstrates that iBANDA achieves a mean average precision of 99.5%, recall of 100%, and an F1-score of 99.8% at an inference time of 0.021 s, validating its suitability for edge devices. Blockchain integration achieved an average network latency of 97.7 ms and an end-to-end transaction latency of 1.6 s, outperforming Goerli, Sepolia, and Polygon Mumbai testnets in scalability and throughput. Adversarial testing further confirmed resilience to Sybil attacks and GPS spoofing, maintaining a false acceptance rate below 2.5% and continuity above 96%. Conclusions: iBANDA demonstrates that combining AI-based visual detection with blockchain consensus provides a secure, low-latency, and scalable authentication mechanism for UAV-based logistics. Future work will explore large-scale deployment in heterogeneous UAV networks and formal verification of smart contracts to strengthen resilience in safety-critical environments.

The advancement of drones in areas such as logistics and defense has led to increased regulations and security measures by the Federal Aviation Administration (FAA), including the implementation of Remote Identification (RID) to address drone-related challenges. This research focuses on developing an RID system to prevent illegal drone activities by ensuring secure communication through an advanced authentication mechanism, in compliance with the American Society for Testing and Materials (ASTM) F3411 standard. The proposed broadcast-based RID module aims to improve system reliability and effectiveness, particularly in areas with limited internet access, by integrating robust authentication to prevent identity spoofing and unauthorized use. It aligns with FAA regulations while improving drone security and operational efficiency. The integration of Ed25519 and ECDSA-256 within the ESP32 transmitter module offers improved authentication efficiency while maintaining an approximate power consumption of 2.4 W.

No abstract available

Mysterious sightings of Unmanned Aircraft Systems (UAS) over U.S. military facilities, suburban neighborhoods, and commercial airports have intensified scrutiny of drone activity. To increase accountability, the Federal Aviation Administration (FAA) introduced a Remote ID mandate, requiring unmanned aircraft to broadcast their location, operator's location, and identity in real-time. However, current standards leave authentication mechanisms underspecified, enabling spoofing, relay, and replay attacks that can undermine surveillance efforts and potentially disrupt UAS-to-UAS coordination in future deployments. In this paper, we propose TBRD, a practical system for authenticating Remote ID messages in a manner that aligns with existing standards and UAS capabilities. TBRD leverages the TESLA protocol and mobile device TEEs, and introduces a verification mechanism to build a lightweight, mission-scoped authentication system that is both computationally efficient and requires a low communication footprint. We evaluate the performance of TBRD using both an FAA-requirements compatible proof-of-concept implementation for performance metrics and a simulated 4-drone swarm mission scenario to demonstrate its security guarantees under adversarial conditions. Our system provides a 50\% reduction in authentication overhead compared to digital signatures and a 100x reduction in computation time. Our results demonstrate that TBRD can be integrated into current Remote ID infrastructures to provide a scalable, standards-compliant message authentication for both regulatory and operational use cases.

No abstract available

Radio frequency (RF) fingerprints are unique signal distortions resulting from hardware imperfections during manufacturing. These unique characteristics help identify radio devices and mitigate network attacks such as identity spoofing and impersonation. However, advancements in artificial intelligence (AI) have significantly enhanced generative models, enabling RF fingerprint forgery. This paper identifies a security threat enabled by surrogate models, where conditional generative networks produce forgery samples with specified labels, deceiving classifiers into misidentifying the intended identity. Specifically, the generative model crafts perturbations, allowing a transmitter to mimic another device’s fingerprint and mislead receiver identification. Extensive experiments validate the effectiveness of forged fingerprints, demonstrating high spoofing success rates and robustness under diverse SNR conditions and channel fading scenarios. Furthermore, the proposed approach achieves notable performance even in challenging black-box attack settings, leveraging surrogate models to successfully deceive the target classifiers. To minimize the impact on communication quality, a power constraint mechanism is implemented, ensuring that perturbations remain imperceptible and practical for real-world deployment.

Unmanned Aerial Vehicles (UAVs) are poised to play a transformative role across civil, commercial, and military domains, yet their inherent mobility, wireless connectivity, and resource constraints expose them to a spectrum of security threats from impersonation and replay attacks to session hijacking and physical tampering. Traditional Public-Key Infrastructure (PKI) solutions, while robust, incur prohibitive computation, communication, and key-management overheads that conflict with latency and power constraints of lightweight drones. In this paper, we introduce a unified, two-phase lightweight authentication protocol tailored for 6G-enabled UAV networks. During the registration phase, each drone securely establishes a shared secret and pseudo-identity with the base station via a Physically Unclonable Function (PUF) based challenge–response mechanism, eliminating on-device key storage. The authentication & session-key establishment phase then leverages symmetric encryption, fresh nonces, and timestamps to achieve mutual authentication, fresh session-key agreement, and perfect forward secrecy over a minimal two-message exchange. We rigorously prove security properties, i.e., mutual authentication, anonymity, traceability resistance, replay, impersonation, and Denial of service (DoS) resilience, tamper-cloning resistance, and perfect forward secrecy through both informal analysis and formal verification using the SCYTHER tool. Performance comparisons against recent PUF-and PKI-based schemes demonstrate our protocol’s efficiency: only five one-way hashes plus two symmetric encryptions per drone, and a total communication cost of 1,120 bits across two exchanges. These results confirm that our design delivers robust, future-proof security for resource-constrained UAV swarms with minimal overhead.

In recent years, Unmanned Aerial Vehicles (UAVs) have been widely deployed in both military and civilian domains, yet their open and dynamic operational environments pose significant security challenges, particularly in identity authentication and data encryption. To address these issues, this paper proposes a novel security authentication scheme for UAV mobile edge computing (MEC) that integrates Identity-Based Encryption (IBE) and Physical Unclonable Functions (PUF). The scheme leverages the efficiency of IBE in key management and the hardware-level security of PUF to achieve lightweight and robust authentication. It resists physical attacks such as node cloning and side-channel analysis, and enhances resistance against replay and impersonation attacks through a dynamic challenge-response mechanism. Simulation results demonstrate that the scheme maintains low latency and high scalability under varying network loads, making it suitable for resource-constrained UAV networks. This work provides a theoretical and practical foundation for enhancing security in UAV-enabled MEC systems.

Reconfigurable Intelligent Surface (RIS)-assisted Unmanned Aerial Vehicle (UAV) communications face a critical security threat from impersonation attacks, where adversaries impersonate legitimate entities to infiltrate networks to obtain private data or unauthorized access. To combat such security threats, this paper proposes a novel physical layer (PHY-layer) authentication scheme for validating UAV identity in RIS-enabled UAV wireless networks. Considering that most existing works focus on traditional communication systems such as IoT and millimeter wave multiple-input multiple-output (MIMO) systems, there is currently no mature PHY-layer authentication scheme to serve RIS-UAV communication systems. To this end, our scheme leverages the unique characteristics of cascaded channels related to RIS to verify the legitimacy of UAV transmitting signals to the base station (BS). To be more precise, we first use the least squares estimate method and coordinate a descent-based algorithm to extract the cascaded channel feature. Next, we explore a quantizer to quantize the fluctuations of the channel gain that are related to the extracted channel feature. The 1-bit quantizer’s output findings are exploited to generate the authentication decision criteria, which are then tested using a binary hypothesis. The statistical signal processing technique is utilized to obtain the analytical formulations for detection and false alarm probabilities. We also conduct a computational complexity analysis of the proposed scheme. Finally, the numerical results validate the effectiveness of the proposed performance metric models and show that our detection performance can reach over 90% accuracy at a low signal-to-noise ratio (e.g., −8 dB), with a 10% improvement in detection accuracy compared with existing schemes.

The frequency and severity of disasters have increased, necessitating robust monitoring and response systems over the years. Unmanned Aerial vehicles (UAVs), integrated into the Internet of Drones (IoDs), play a crucial role in real-time disaster management. This study proposes a mutual authentication mechanism for UAV networks based on smart cards, which emphasizes security and low computing overhead. Hashes and EX-OR operations guarantee efficient and secure communication, tackling important threats like impersonation, Man-In-the-Middle, identity guessing, etc. Additionally, our Scyther tool and BAN logic simulation ensures that private information is protected when producing a shared key. Results are compared to relatable authentication techniques, and protocol performance exceeds prior research. Emergency data transfer is quicker due to the protocol's minimal computing costs.

This paper proposes a TinyML-based lightweight deep learning model to address the risks of UAV identity forgery and illegal intrusion, enabling real-time identity authentication and abnormal behavior detection at the drone edge. To further optimize computational efficiency, we explore pruning and dynamic sparsity techniques alongside quantization-aware training, reducing FLOPs by 40% without accuracy loss. By combining depthwise separable convolution with an attention mechanism, the proposed network architecture significantly reduces computational complexity while maintaining recognition accuracy. Future work will integrate multimodal data (e.g., acoustic/lidar) to enhance robustness against environmental variations. Experimental results demonstrate that the model achieves 98.7% accuracy in UAV identity authentication tasks, an F1-score of 96.3% for anomaly detection, and a compact size of only 1.2MB, enabling real-time inference on mainstream drone edge computing chips. This research provides an effective lightweight solution for low-altitude economy security, with scalability to diverse regulatory frameworks.

: Aiming at the challenges of low throughput, excessive consensus latency and high communication complexity in the Practical Byzantine Fault Tolerance (PBFT) algorithm in blockchain networks, its application in identity verification for distributed networking of a drone cluster is limited. Therefore, a lightweight blockchain-based identity authentication model for UAV swarms is designed, and a Credit-score and Grouping-mechanism Practical Byzantine Fault Tolerance (CG-PBFT) algorithm is proposed. CG-PBFT introduces a reputation score evaluation mechanism, classifies the reputation levels of nodes in the network, and optimizes the consensus process based on grouping consensus and BLS aggregate signature technology. Experimental results demonstrate that under identical experimental conditions, compared with the PBFT algorithm, CG-PBFT achieves a 250% increase in average throughput, a 70% reduction in average latency, and simultaneous enhancement in security, thus making it more suitable for UAV swarm networks.

Traditional UAV authentication mechanisms rely on centralized architectures, which introduce risk of single points of failure and computationally intensive processes. To address these limitations, we propose a blockchain-based distributed authentication and on-boarding framework that decentralizes credential control, enabling user-centric management. This approach is particularly critical for UAV swarm environment, where high mobility disrupts communication stability and degrades authentication performance. Our framework integrates Hyperledger Identus as a cloud agent, KeyCloak for authorization, and NVIDIA Jetson for edge-device operations, establishing a resilient attributebased authentication system. By leveraging selective attribute disclosure without exposing raw data, the solution aligns with SelfSovereign Identity principles and privacy-by-design mandates. This eliminates dependence on central authorities while ensuring compliance with evolving security standards.

In order to solve the problems of identity solidification, key duration, and lack of anonymity in communications between unmanned aerial vehicles (UAVs) and ground control stations (GCSs), a mutual secure communication scheme named Dynamic Identity and Hybrid Encryption is proposed in this paper. By constructing an identity update mechanism and a lightweight hybrid encryption system, the anonymity and untraceability of the communicating parties can be realized within a resource-limited environment, and threats such as man-in-the-middle (MITM) attacks, identity forgery, and message tampering can be effectively resisted. Dynamic Identity and Hybrid Encryption (DIHE) uses a flexible encryption strategy to balance security and computing cost and satisfies security attributes such as mutual authentication and forward security through formal verification. Our experimental comparison shows that, compared with the traditional scheme, the calculation and communication costs of DIHE are lower, making it especially suitable for the communication environment between UAVs and GCSs with limited computing power, thus providing a feasible solution for secure low-altitude Internet of Things (IoT) communication.

Unmanned aerial vehicles (UAVs) play a critical role in various fields, including logistics, agriculture, and rescue operations. Effective identity authentication and key agreement schemes are vital for UAV networks to combat threats. Current schemes often employ algorithms like elliptic curve cryptography (ECC) and Rivest–Shamir–Adleman (RSA), which are vulnerable to quantum attacks. To address this issue, we propose LIGKYX, a novel scheme combining the quantum-resistant Kyber algorithm with the hash-based message authentication code (HMAC) for enhanced security and efficiency. This scheme enables the mutual authentication between UAVs and ground stations and supports secure session key establishment protocols. Additionally, it facilitates robust authentication and key agreement among UAVs through control stations, addressing the critical challenge of quantum-resistant security in UAV networks. The proposed LIGKYX scheme operates based on the Kyber algorithm and elliptic curve Diffie–Hellman (ECDH) key exchange protocol, employing the HMAC and pre-computation techniques. Furthermore, a formal verification tool validated the security of LIGKYX under the Dolev–Yao threat model. Comparative analyses on security properties, communication overhead, and computational overhead indicate that LIGKYX not only matches or exceeds existing schemes but also uniquely counters quantum attacks effectively, ensuring the security of UAV communication networks with a lower time overhead for authentication and communication.

No abstract available

In post-disaster emergency medical rescue operations, rapidly establishing an adaptive and flexible edge computing (EC) network, balancing data offloading with energy consumption, and ensuring the stable operation of the network have become urgent priorities. To address these challenges, we proposed an unmanned aerial vehicle (UAV)-assisted microservice mobile edge computing (MEC) architecture. The architecture can be rapidly deployed to provide temporary network coverage and EC services in disaster-stricken areas. A transformer-based resource management (TBRM) approach is utilized to optimize data offloading efficiency and reduce energy consumption, thereby maximizing the service time of the architecture. To enhance the security and reliability of the architecture, four microservices are designed to manage the full UAV lifecycle, and UAV identity authentication is implemented through dual digital signature certificates. Large-scale simulation experiments have demonstrated the effectiveness of the architecture in complex rescue scenarios, providing strong technical support for post-disaster medical rescue efforts.

Multiple unmanned aerial vehicles (UAVs) form a UAV cluster, which relies on wireless communication networks to facilitate information interaction among the UAVs. UAV clusters offer enhanced efficiency and fault tolerance, making reliable computing services possible. Compared to terrestrial networks, UAV computing network presents several desirable features, including mobility, availability, and flexibility, affording the potential for seamless global coverage. However, due to the inherent openness of wireless communication networks, UAV computing networks are susceptible to various security attacks. Existing access control mechanisms for UAV computing networks predominantly rely on base stations or central servers. This reliance elevates communication overhead for UAVs and exposes them to potential attacks from adversaries. Therefore, we propose a blockchain-aided distributed secure access control scheme specifically tailored for UAV computing networks, enabling UAVs to autonomously manage and determine identity, attributes, and access policies. To address the communication complexity and scalability concerns associated with blockchains, we integrate committee elections and clustering optimizations into the scheme. Security analysis and performance evaluation demonstrate that the proposed scheme can withstand common external and internal attacks in UAV clusters while ensuring lightweight energy consumption and scalability of UAV computing networks.

In recent years, with the widespread application of UAV swarm, the security problems faced have been gradually discovered, such as the lack of reliable identity authentication, which makes UAVs vulnerable to invasion. To solve these security problems, a lightweight secure communication scheme supporting batch authentication for UAV swarm is proposed. Firstly, a layered secure communication model for UAV swarm is designed. Then, a secure transmission protocol is implemented by using elliptic curves under this model, which not only reduces the number of encryptions but also ensures the randomness and one-time use of the session key. Moreover, a UAV identity authentication scheme supporting batch signature verification is proposed, which improves the efficiency of identity authentication. The experiments show that, when the number of UAVs is 60, the computation cost of the proposed scheme is 0.071 s, and the communication cost is 0.203 s, fully demonstrating the efficiency and practicability of the scheme. Through comprehensive security analysis, the capability of the proposed scheme to resist various attacks is demonstrated.

Many unmanned aerial vehicles (UAVs) require the installation of automatic dependent surveillance‐broadcast (ADS‐B) transponders to facilitate their daily management. However, since ADS‐B transponders do not have a good security mechanism, they introduce problems including impersonation, spoofing, and private changing of the registration number, making UAV surveillance inconvenient. Radio frequency fingerprinting (RFF) recognition is carried out by utilizing the fact that different electronic devices in a given transponder will affect the transmitted signals, resulting in the formation of RFF features that are unique to the transponder and difficult to forge. Therefore, in this work, a deep learning architecture is proposed to classify UAVs based on ADS‐B signals, and a multi‐head self‐attention RFF recognition model is constructed using variational mode decomposition (VMD) of the preamble data and a transformer encoder for validation. The model achieves better results in terms of noise, Doppler shifting, and multipath effect interference. This method demonstrates that the transformer architecture of natural language processing, combined with appropriate data preprocessing methods, can also be used for RFF recognition, and provides advantages in accuracy and robustness (67.83% vs. 64.17%).

Unmanned aerial vehicles (UAVs) are vulnerable to interception and attacks when operated remotely without a unified and efficient identity authentication. Meanwhile, the openness of wireless communication environments potentially leads to data leakage and system paralysis. However, conventional authentication schemes in the UAV network are centered on the fixed trust boundary, ignoring potential internal threats and failing to flexibly respond to the dynamic requirements of UAV access and identity authentication. Additionally, UAVs are not subjected to periodic repetitive identity authentication, leading to difficulties in controlling access anomalies. Therefore, in this work, we consider a zero-trust framework for UAV network authentication, aiming to achieve UAV identity authentication through the principle of “never trust and always verify.” We introduce a blockchain-assisted zero-trust authentication scheme, namely, BAZAM, designed for multi-UAV wireless networks. In this scheme, UAVs follow a key generation approach using physical unclonable functions (PUFs), and cryptographic technique helps verify registration and access requests of UAVs. The blockchain is applied to store UAVs authentication-related information in immutable storage. Through thorough security analysis and extensive evaluation, we demonstrate the effectiveness and efficiency of the proposed BAZAM.

Unmanned aerial vehicles (UAVs) are highly versatile and cost-effective, making them an attractive option for various applications. In UAV networks, it is essential to implement a digital signature scheme to ensure the integrity and authentication of commands sent to UAVs. Moreover, this digital signature scheme not only maintains the real-time performance of UAVs while executing commands but also protects the identity privacy of the signer. To meet these needs, we propose an efficient threshold attribute-based proxy signature (t-ABPS) scheme that integrates a threshold predicate specifically designed for UAV networks. The formal security proof for the t-ABPS scheme demonstrates its existential unforgeability under selective-attribute and chosen-message attacks (EUF-sA-CMA) in the random oracle model. This scheme also ensures the identity privacy of the signer. Furthermore, we evaluate the computational costs and communication costs associated with the proposed scheme. Our analysis indicates that the t-ABPS scheme is more computationally efficient than other existing attribute-based proxy signature schemes, but it has higher communication costs.

The unmanned aerial vehicle (UAV) network has gained significant attentions in recent years due to its various applications. However, the traffic security becomes the key threatening public safety issue in an emergency rescue system due to the increasing vulnerability of UAVs to cyber attacks in environments with high heterogeneities. Hence, in this paper, we propose a novel anomaly traffic detection architecture for UAV networks based on the software-defined networking (SDN) framework and blockchain technology. Specifically, SDN separates the control and data plane to enhance the network manageability and security. Meanwhile, the blockchain provides decentralized identity authentication and data security records. Beisdes, a complete security architecture requires an effective mechanism to detect the time-series based abnormal traffic. Thus, an integrated algorithm combining convolutional neural networks (CNNs) and Transformer (CNN+Transformer) for anomaly traffic detection is developed, which is called CTranATD. Finally, the simulation results show that the proposed CTranATD algorithm is effective and outperforms the individual CNN, Transformer, and LSTM algorithms for detecting anomaly traffic.

The evolution of future network and control technologies has enabled unmanned aerial vehicles (UAVs) to collaborate across diverse geographical areas and task domains, enhancing task execution efficiency through data and resource sharing. In response to the increasing demand for cross-domain task allocation and operations for UAVs, establishing robust authentication mechanisms within trusted domains has become a critical foundation for ensuring secure cross-domain access. Despite significant progress in UAV identity authentication and cross-domain access, challenges persist, such as cumbersome and inefficient processes, UAV resource limitations, and establishing trust relationships across different domains. To address these challenges, this paper introduces a dual blockchain-assisted trusted authentication scheme for UAVs’ cross-domain access. Our approach utilizes a certificateless signcryption algorithm for lightweight UAV authentication, thereby eliminating the need for certificate management. Then, an efficient credit-based trust model is designed to measure the trustworthiness of data-in-transit and cross-domain entities. Furthermore, blockchain technology is introduced to store the relevant information of UAVs and credibility to assist cross-domain authentication. Theoretical security analysis and extensive simulations have been conducted, demonstrating the effectiveness and efficiency of our proposed scheme.

Unmanned aerial vehicles (UAVs) are operated remotely without the presence of a unified system of identity authentication, and wireless communications in untrusted environments can cause the loss of valuable data carried by UAVs. Traditional UAV authentication mechanisms are centralized approaches, which suffer from a single point of failure problem and may incur high complexity computations. Therefore, it is crucial to establish a distributed authentication mechanism between the ground station controller (GSC) and a UAV. Moreover, in case of UAV swarms, the high mobility of the UAVs affects the stability of UAV communications, which leads to the degradation of the UAV authentication performance. Addressing these challenges, we design a blockchain-based distributed authentication mechanism, known as SwarmAuth, for UAV swarms, where the GSC and UAVs follow a mutual authentication approach using physical unclonable functions (PUFs), and the K-means clustering-based intelligent approach is used to dynamically create location-based clusters. The blockchain helps store UAVs’ authentication information in an immutable storage and the associated smart contracts provide a convenient access control model. The security analysis of SwarmAuth is carried out through both formal and informal proofs considering general attacks. Experimental evaluation shows that SwarmAuth can assure trustworthy communications and improve the network performance.

The rapid development of Unmanned Aerial Vehicle (UAV) swarm technology has led to its increasingly vital role in intelligent transportation, environmental monitoring, and emergency response. However, existing centralized identity authentication mechanisms are susceptible to single points of failure and identity forgery in dynamic environments. While blockchain technology offers a distributed trust architecture, its inherent high storage and computational overhead pose significant challenges for resource-constrained UAV networks. To mitigate these challenges, this paper introduces a novel lightweight and dynamic identity authentication scheme that integrates blockchain with aggregatable subvector commitments (aSVC). This proposed scheme employs aSVC to effectively compress identity states, complemented by efficient batch authentication and asynchronous update mechanisms. Consequently, this approach reduces on-chain storage overhead to a constant level and achieves a statistically significant optimization of the computational complexity for batch authentication, transforming key cryptographic operations from linear dependence on the number of UAVs to a constant level.

As the core subject of IoT applications, IoT devices have faced numerous security challenges. Especially for IoT devices deployed in remote or harsh environments, they are often unattended for long periods, making it difficult to share the sensing data and susceptible to potential physical attacks. While aerial assistance methods represented by unmanned aerial vehicles (UAVs) can solve the problem of data sharing at a low cost, it is necessary to establish a secure channel between ground control stations, UAVs, and IoT devices due to the sensitivity of the sensing data. Recently, Physical Unclonable Function (PUF) has been proven to provide unique identity identification for devices using its tamper-proof feature. In this paper, we propose a lightweight UAV-assisted authentication and key agreement protocol for unattended IoT devices, ensuring secure communication and physical tamper-proof requirements. However, our work does not stop there. We noticed that some existing PUF-based authentication schemes misunderstand the ability of PUF, which leads to these schemes cannot actually provide physical protection. We analyzed the security vulnerabilities of these schemes and proposed rules that should be followed when designing authentication protocols using PUF. In addition, for the first time, we put forward the formal definitions and proof methods for PUF in the formal proof of the security protocol, which avoided the unreasonable initial assumptions adopted in the proof of the existing schemes. We extended Mao-Boyd (MB) logic and comprehensively analyzed the proposed protocol. We also evaluate the performance of the proposed scheme, and the results show that the proposed scheme has certain advantages in communication and computation overhead compared with existing schemes.

Cooperative multi-UAV clusters have been widely applied in complex mission scenarios due to their flexible task allocation and efficient real-time coordination capabilities. The Air Command Aircraft (ACA), as the core node within the UAV cluster, is responsible for coordinating and managing various tasks within the cluster. When the ACA undergoes fault recovery, a handover operation is required, during which the ACA must re-authenticate its identity with the UAV cluster and re-establish secure communication. However, traditional, centralized identity authentication and ACA handover mechanisms face security risks such as single points of failure and man-in-the-middle attacks. In highly dynamic network environments, single-chain blockchain architectures also suffer from throughput bottlenecks, leading to reduced handover efficiency and increased authentication latency. To address these challenges, this paper proposes a mathematically structured dual-chain framework that utilizes a distributed ledger to decouple the management of identity and authentication information. We formalize the ACA handover process using cryptographic primitives and accumulator functions and validate its security through BAN logic. Furthermore, we conduct quantitative analyses of key performance metrics, including time complexity and communication overhead. The experimental results demonstrate that the proposed approach ensures secure handover while significantly reducing computational burden. The framework also exhibits strong scalability, making it well-suited for large-scale UAV cluster networks.

Cross-domain authentication of drones has played an important role in emergency rescue, collaborative missions, and so on. However, the existing cross-domain authentication protocols for drones may cause privacy leakages and stolen-verifier attacks due to the storage of drone information by ground stations, and drones and ground stations are susceptible to capture attacks, which may suffer from impersonation attacks. To address these problems, we propose a lightweight cross-domain authentication protocol based on physical unclonable function (PUF). In the proposed protocol, the control center is not involved in the authentication process, preventing bottleneck problems when multiple drones authenticate simultaneously. Ground stations do not store drone information, effectively safeguarding against privacy leakage and stolen-verifier attacks. PUF is utilized to protect drones from capture attacks. We conduct both informal security analysis and formal security proof to demonstrate the protocol’s security. In terms of performance, compared with relevant schemes, our protocol shows remarkable efficiency improvements. Computationally, it is 5–92% more efficient. Regarding communication overhead, it is 9–68% lower than relevant schemes. For storage, it is 22–48% lower than relevant schemes. We simulated the proposed protocol using a Raspberry Pi 4B, which emulates the computational capabilities of actual UAV and ground stations. During the simulation, a large number of authentication requests were generated. We monitored key performance indicators such as authentication success rate, response time, and resource utilization. To test its security, we simulated common attacks like replay, forgery, and impersonation. The protocol’s timestamps effectively identified and rejected replayed messages. Meanwhile, the PUF mechanism and unique signature scheme foiled our attempts to forge authentication messages. These simulation results, combined with theoretical security proofs, confirm the protocol’s practical viability and security in real-world-like scenarios.

Unmanned Aerial Vehicles (UAVs) are gaining increased popularity in a wide range of domains and applications. As a result, they are also becoming a target of malicious attacks. For example, drone impersonation of military or civilian drones can cause serious security and privacy breaches. There have been some recent contributions that aim to integrate digital certificates as an authentication tool for drones, but such software techniques are often defenseless against physical compromise. In this article, to the best of our knowledge, we are the first to propose a physical layer drone authentication framework to augment existing multifactor authentication schemes leveraging the unintentional Electromagnetic (EM) emissions of the drone’s electronic components. Our solution, Drone-Mag, exploits the inherent non-idealities and imperfections present in drones’ electronic integrated circuits that are introduced during their manufacturing process. Those emissions are hard to mimic or replicate, providing a robust basis for drone authentication. Drone-Mag is a passive, non-interactive, and privacy-preserving authentication solution and does not require software or hardware modifications to available drones. We test the performance of Drone-Mag focusing on the unintentional EM emissions of 23 drones. In particular, we addressed three main tasks: (i) identification of 14 different drones and flight controllers; (ii) authentication of 10 identical (same brand and model) drones; and (iii) rogue drone detection using autoencoders. All the listed tasks achieve a minimum average of 0.97 F1-score, showing the viability and efficiency of the proposed authentication method.

The open nature of wireless communications renders uncrewed aerial vehicle (UAV) communications vulnerable to impersonation attacks, under which malicious UAVs can impersonate authorized ones with stolen digital certificates. Traditional fingerprint-based UAV authentication approaches rely on a single modality of sensory data gathered from a single layer of the network model, resulting in unreliable authentication experiences, particularly when UAVs are mobile and in an open-world environment. To transcend these limitations, this article proposes SecureLink, a UAV authentication system that is among the first to employ cross-layer information for enhancing the efficiency and reliability of UAV authentication. Instead of using single modalities, SecureLink fuses physical-layer radio-frequency (RF) fingerprints and application-layer micro-electromechanical system (MEMS) fingerprints into reliable UAV identifiers via multimodal fusion. SecureLink first aligns fingerprints from channel state information measurements and telemetry data, such as feedback readings of onboard accelerometers, gyroscopes, and barometers. Then, an attention-based neural network is devised for in-depth feature fusion. Next, the fused features are trained by a multisimilarity loss and fed into a one-class support vector machine for open-world authentication. We extensively implement our SecureLink using three different types of UAVs and evaluate it in different environments. With only six additional data frames, SecureLink achieves a closed-world accuracy of 98.61% and an open-world accuracy of 97.54% with two impersonating UAVs, outperforming the existing approaches in authentication robustness and communication overheads. Finally, our datasets collected from these experiments are available on GitHub: https://github.com/PhyGroup/SecureLink

Unmanned Aerial Vehicles (UAVs) operate under strict Size, Weight, and Power (SWaP) constraints, making traditional security mechanisms impractical. Many existing authentication protocols rely on centralized infrastructure, introducing Single Points of Failure (SPoF) and requiring continuous connectivity-unsuitable for decentralized UAV swarms. Moreover, few support the secure addition of new UAVs post-deployment. We propose SPARKS, a lightweight, serverless authentication protocol tailored for UAV swarms. Unlike prior approaches, SPARKS enables dynamic, mutual UAV-to-UAV authentication without central authorities, using only XOR operations, cryptographic hashes, and Physical Unclonable Functions (PUFs). It provides resilience against common attacks, including impersonation and device capture. Security is formally verified using the Tamarin Prover, and performance is validated on resourceconstrained devices (Raspberry Pi 4 and 5). Results demonstrate that SPARKS achieves strong security guarantees and practical efficiency, making it a compelling solution for secure, flexible UAV swarm coordination.

Remote ID (RID) regulations soon applicable world-wide force drones to broadcast plaintext wireless messages providing, among others, their current location. However, malicious drone operators who want to stay stealthy might disclose RID messages carrying out location spoofing attacks, i.e., report forged locations, different from the actual ones. In this paper, we investigate the feasibility of using wireless localization approaches to detect drones carrying out location spoofing attacks. To this aim, we propose GhostBuster, a modular solution for detecting misbehaving RID-enabled drones, and we evaluate its performance via an extensive experimental campaign based on open-source data from actual drone flights. Through the analysis of real data in an area of $1. 5km\times 2.5km$, we show that systems integrating multiple receivers can take advantage of multiple RID messages to verify the location reported by RID-enabled drones with a success rate of 95% up to 364 meters with 12 receivers. We also show that channel conditions play a crucial role in defining the maximum achievable spoofing detection performance.

The rapid expansion of drone operations has catalyzed the development of Uncrewed Aircraft System Traffic Management (UTM) systems, critical for safe and efficient lowaltitude airspace integration. However, UTM's reliance on extensive data exchanges introduces significant security and privacy risks-such as unauthorized identification, data disclosure, and surveillance vulnerabilities-that threaten regulatory compliance and stakeholder trust. This study presents a comprehensive analysis of UTM security and privacy using the PASTA (for cybersecurity) and LINDDUN (for privacy) threat modeling frameworks. Grounded in the Federal Aviation Administration (FAA) and National Aeronautics and Space Administration's (NASA) concepts of operations, our system-of-systems approach integrates business, operational, and technical perspectives into a coherent architecture. Key findings highlight critical vulnerabilities in Remote ID systems and communication networks, including risks of spoofing, GPS jamming, and operator profiling. The analysis proposes targeted mitigation strategies, such as encryption, role-based access control, and privacy-enhancing technologies, to address these threats. Our results support scalable, interoperable, and privacy-conscious UTM implementations aligned with global standards.

Multiple unmanned aerial vehicle (UAV) systems are increasingly used in civilian and military applications. However, due to the open and broadcast nature of wireless communications, the control and non-payload communication (CNPC) between UAVs and ground control stations (GCSs) is vulnerable to physical (PHY) and medium access control (MAC) layer wireless attacks, such as eavesdropping, jamming, and spoofing. In this paper, we investigate the secure remote control (RC) issue in multi-UAV systems from a physical layer security (PLS) perspective. We propose a secure RC mechanism based on John Boyd's OODA loop and introduce cooperative jamming (CJ) from UAVs to safeguard control data from GCS. To quantify the uncertainty of wireless attacks from aerial and terrestrial potential attackers, we first introduce the Nakagami-m fading model and a mixed line-of-sight (LoS) / non-line-of-sight (NLoS) probability model to characterize hostile air-to-ground (A2G) channels. We then derive the conditions for successful attacks including passive/active eavesdropping, jamming and spoofing, and formulate the risks of each attack and the overall CJ efficiency based on secrecy outage probability (SOP). To optimize the trade-off between risk costs and CJ power consumption for various situations, we propose three levels of control schemes (centralized, partially centralized, and distributed) applicable at GCS or UAVs, and design three decision-making methods with differing complexities. Through simulations, we evaluate the performance of the proposed mechanism under a general scenario that provides diverse physical conditions, threat levels, and security requirements.

We present an opportunistic method to comman-deer already-flying UAVs for herding malfunctioning UAVs to safety. Malfunctioning UAVs, which deviate from their path due to a planning or a communication failure, pose a safety risk, and it is important to develop methods for mitigating that risk in various circumstances. Here we focus on the case when the Defender (e.g. the airport authority or provider of service) cannot deploy its own UAVs, and taking down the malfunctioning UAV poses an unacceptable risk to people on the ground. In such a case, we propose that the Defender commandeer other flying UAVs to herd the malfunctioning UAV to safety by temporarily spoofing their state estimate. Leveraging Remote ID (a new FAA requirement for UAVs) and existing methods for spoofing state estimation, the Defender dynamically adapts its herding to the evolving situation, effectively guiding malfunctioning UAVs away from restricted airspace or sensitive zones. Our results, validated through extensive simulations (studying multiple herder and target configurations) and small-scale real-world experiments, demonstrate the efficacy of our approach in mitigating UAV intrusion incidents and enhancing airspace security.

Accurate prediction of drone motion within structured urban air corridors is essential for ensuring safe and efficient operations in Urban Air Mobility (UAM) systems. Although real-world Remote Identification (Remote ID) regulations require drones to broadcast critical flight information such as velocity, access to large-scale, high-quality broadcast data remains limited. To address this, this study leverages a Digital Twin (DT) framework to augment Remote ID spatio-temporal broadcasts, emulating the sensing environment of dense urban airspace. Using Remote ID data, we propose BiDGCNLLM, a hybrid prediction framework that integrates a Bidirectional Graph Convolutional Network (BiGCN) with Dynamic Edge Weighting and a reprogrammed Large Language Model (LLM, Qwen2.5–0.5B) to capture spatial dependencies and temporal patterns in drone speed trajectories. The model forecasts near-future speed variations in surrounding drones, supporting proactive conflict avoidance in constrained air corridors. Results from the AirSUMO co-simulation platform and a DT replica of the Cranfield University campus show that BiDGCNLLM outperforms state-of-the-art time series models in short-term velocity prediction. Compared to Transformer-LSTM, BiDGCNLLM marginally improves the R2 by 11.59%. This study introduces the integration of LLMs into dynamic graph-based drone prediction. It shows the potential of Remote ID broadcasts to enable scalable, real-time airspace safety solutions in UAM.

With the increasing demand for UAV applications driven by the development of the low-altitude economy, real-time monitoring and supervision have become critical for airspace safety. This paper presents a Remote ID-based UAV supervision system, comprising an embedded identification device and a regulatory platform terminal developed with Qt6.The identification module captures Remote ID signals broadcast via Wi-Fi Beacons, extracting key information such as UAV ID, position, speed, altitude, and pilot location. These data are then transmitted to the supervisory platform, which provides real-time visualization, status tracking, trajectory display, and alert functionalities for multiple UAVs. The system architecture, software implementation, and data processing workflow are systematically introduced. Experimental evaluation demonstrates that the system can effectively identify and monitor up to 20 UAVs within a 2 km radius, with stable performance under dynamic conditions. The proposed solution exhibits strong identification accuracy, data reliability, and visualization capabilities, offering a feasible approach for urban low-altitude airspace management. It lays a foundation for future research in intelligent UAV supervision, geofencing integration, violation detection, and coordinated airspace control.

With the rapid development of unmanned aerial vehicles (UAVs), it is paramount to ensure safe and efficient operations in open airspaces. The remote identification (Remote ID) is deemed an effective real-time UAV monitoring system by the federal aviation administration, which holds potentials for enabling inter-UAV communications. This paper deeply investigates the application of Remote ID for UAV collision avoidance while minimizing communication delays. First, we propose a Remote ID based distributed multi-UAV collision avoidance (DMUCA) framework to support the collision detection, avoidance decision-making, and trajectory recovery. Next, the average transmission delays for Remote ID messages are analyzed, incorporating the packet reception mechanisms and packet loss due to interference. The optimization problem is formulated to minimize the long-term average communication delay, where UAVs can flexibly select the Remote ID protocol to enhance the collision avoidance performance. To tackle the problem, we design a multi-agent deep Q-network based adaptive communication configuration algorithm, allowing UAVs to autonomously learn the optimal protocol configurations in dynamic environments. Finally, numerical results verify the feasibility of the proposed DMUCA framework, and the proposed mechanism can reduce the average delay by 32% compared to the fixed protocol configuration.

The remote identification (Remote ID) broadcast capability allows unmanned aerial vehicles (UAVs) to exchange messages, which is a pivotal technology for inter-UAV communications. Although this capability enhances the operational visibility, low delay in Remote ID-based communications is critical for ensuring the efficiency and timeliness of multi-UAV operations in dynamic environments. To address this challenge, we first establish delay models for Remote ID communications by considering packet reception and collisions across both BLE 4 and Wi-Fi protocols. Building upon these models, we formulate an optimization problem to minimize the long-term communication delay through adaptive protocol selection. Since the delay performance varies with the UAV density, we propose an adaptive BLE/Wi-Fi switching algorithm based on the multi-agent deep Q-network approach. Experimental results demonstrate that in dynamic-density scenarios, our strategy achieves 32.1% and 37.7% lower latency compared to static BLE 4 and Wi-Fi modes respectively.

The rapid development of 5G-Advanced (5G-A) and Integrated Sensing and Communication (ISAC) technologies has significantly enhanced IoT (Internet of Things) applications, particularly in low-altitude aircraft monitoring. However, multisource sensor fusion faces challenges due to timestamp misalignment caused by sensor heterogeneity and environmental interference. This paper proposes a low-cost post-processing time synchronization scheme for 5G-A ISAC base stations and dronemounted Remote ID devices. The approach involves: (1) KD-treebased spatial queries with time-threshold screening to isolate the trajectory of unique target; (2) nearest-neighbor-like interpolation is designed for resampling to unify sensor timestamps; and (3) cross-correlation peak analysis to determine precise time offsets. Experimental results conducted by real-world drone flight data from Guangzhou demonstrate that the time offset can be extracted by the proposed method with high accuracy and consistency across the spatial dimensions, outperforming the commonly used method. This scheme facilitates subsequent multi-sensor fusion and provides a reference for real-time multi-source fusion in future drone monitoring, addressing challenges like discontinuous trajectories and multi-target detection in urban environments.

With the rapid growth of the low-altitude economy, UAV deployment in urban settings has become widespread, and safety risks are increasingly prominent. Urban airspaces are often densely built, subject to frequent temporary restrictions, and host UAVs with diverse capabilities, exposing missions to conflicts, regulatory violations, or loss after crash.To address these risks, this paper proposes a “Three-Stage Urban Low-Altitude Safety” framework covering pre-flight, inflight, and post-flight phases forming a closed loop. First, prior to flight, dynamic geo-fencing combined with optimized path planning allows UAVs to adapt quickly when temporary restrictions (e.g., NOTAMs) arise, maintaining compliance and efficiency. We detail a real-time NOTAM/UTM ingestion pipeline and an optimized grid/incremental planner that reduces replan latency from ~3s to ~200 ms. Second, during flight, a detect-and-avoid mechanism using Remote ID and ADS-B is set; in addition to onboard reception, we present a cooperative option with multiple distributed receivers networked across the city to mitigate urban occlusions while keeping end-to-end latency < 500 ms for 1–2 Hz replanning. Third, after flight, an independent retrieval system integrating GNSS, Wi-Fi, BLE and cellular base-station triangulation maintains meter-level localization when GPS is degraded or jammed.We report simulation and field-flight results (50 sorties) with confidence intervals and discuss system-integration challenges (computational overhead for fleets, spectrum/occlusion issues, payload/power trade-offs). The framework shows promise for robust operation in complex urban low-altitude airspaces and offers a technical foundation for integration with UTM/U-Space platforms.

The Remote ID (RID) regulation recently introduced by several aviation authorities worldwide (including the US and EU) forces commercial drones to regularly (max. every second) broadcast plain-text messages on the wireless channel, providing information about the drone identifier and current location, among others. Although these regulations increase the accountability of drone operations and improve traffic management, they allow malicious users to track drones via the disclosed information, possibly leading to drone capture and severe privacy leaks. In this paper, we propose Obfuscated Location disclOsure for RID-enabled drones (OLO-RID), a solution modifying and extending the RID regulation while preserving drones’ location privacy. Rather than disclosing the actual drone’s location, drones equipped with OLO-RID disclose a differentially private obfuscated location. OLO-RID also extends RID messages with encrypted location information, accessible only by authorized entities and valuable to obtain the current drone’s location in safety-critical use cases. We design, implement, and deploy OLO-RID on a Raspberry Pi 3 and release the code of our implementation as open-source. We also perform an extensive performance assessment of the runtime overhead of our solution in terms of processing, communication, memory, and energy consumption. We show that OLO-RID can generate RID messages on a constrained device in less than 0.16 s while also requiring a minimal energy toll on a relevant device (<inline-formula><tex-math notation="LaTeX">$0.0236\%$</tex-math><alternatives><mml:math><mml:mrow><mml:mn>0</mml:mn><mml:mo>.</mml:mo><mml:mn>0236</mml:mn><mml:mo>%</mml:mo></mml:mrow></mml:math><inline-graphic xlink:href="sciancalepore-ieq1-3629749.gif"/></alternatives></inline-formula> of energy for a DJI Mini 2). We also evaluate the utility of the proposed approach in the context of three reference use cases involving the drones’ location usage, demonstrating minimal performance degradation when trading off location privacy and utility for next-generation RID-compliant drone ecosystems.

Remote Identification (RID) regulations recently promulgated worldwide are forcing commercial drones to broadcast wirelessly the location of the pilot in plaintext. However, in many real-world use cases, the plaintext availability of such information leads to privacy issues, allowing the extraction of sensitive information about the pilot and confidential details about the drone's business. To address this issue, this paper proposes SNELL, a RID-compliant solution for selective authenticated pilot location disclosure. Using SNELL, a drone can disclose RID messages providing encrypted information about the pilot's location. At the same time, thanks to the smart integration of Ciphertext-Policy Attribute-Based Encryption (CP-ABE) techniques, the data about the pilot location can be decrypted only by receivers with a set of attributes satisfying an access control policy chosen by the drone at run-time. Thanks to an extensive experimental assessment carried out on a real medium-end drone (Lumenier QAV-R) and a constrained chip (ESP32), we demonstrate that SNELL can fulfil all the requirements imposed by RID and relevant standardization authorities in terms of pilot location update time and message size while also requiring negligible energy toll on RID-compliant drones.

No abstract available

The aviation sector relies on cooperative surveillance systems such as Automatic Dependent Surveillance-Broadcast (ADS-B) and Remote Identification (RID) to enhance safety and efficiency. However, their open, unencrypted communication protocols make them vulnerable to various cyberattacks. This survey examines the current state of knowledge on attacks, detection techniques, and countermeasures for both ADS-B and RID, addressing a gap in the literature by analyzing them side by side. It categorizes attacks, including emerging threats, reviews detection methods from traditional to modern AI-based approaches and discusses existing countermeasures. Furthermore, this paper provides a list of simulation tools and open-access datasets and identifies current research challenges and future directions.

No abstract available

No abstract available

As a crucial component of intelligent transportation systems, Vehicular Ad Hoc Networks (VANETs) are increasingly exposed to severe cybersecurity threats, particularly hybrid attacks such as Denial of Service (DoS), black hole attacks, and Sybil identity spoofing. In high-density traffic environments, Road Side Units (RSUs) often suffer from heavy loads, which limits their responsiveness and accuracy in attack detection. To address this issue, this paper proposes a UAV-assisted intelligent multi-attack detection model. By introducing unmanned aerial vehicles (UAVs) as mobile auxiliary nodes, the model dynamically offloads traffic monitoring and data processing tasks from RSUs, thereby alleviating resource bottlenecks. Building on this, a hybrid detection architecture is designed that combines Convolutional Neural Networks (CNN) and Deep Q-Networks (DQN). The CNN is employed to extract spatiotemporal traffic features, including vehicle port traffic density, node forwarding rate distributions, and identity activity levels, while convolutional filters capture potential abnormal patterns. The DQN further optimizes attack detection through Q-learning-based decision making. The simulation results demonstrate that the proposed method outperforms existing approaches in detecting diverse types of attack, significantly improving detection accuracy and reducing response latency.

A Sybil attack is a type of security threat in which a single malicious user creates multiple fake identities or nodes within a network to disrupt communication or manipulate decision-making. Unmanned aerial vehicles (UAVs) are currently mostly used in agriculture, environmental monitoring, surveillance, and various other applications, leading to potential security threats on the Internet of Flying Things. Existing Sybil attack identification strategies tend to employ cryptographic mechanisms or trust models, which can be computationally intensive and unrealistic in UAV networks that have limited resources. This paper shows a better way to find Sybil attacks by using an algorithm that makes good use of physical layer features, such as the Received Signal Strength Difference (RSSD) and Time Difference of Arrival (TDoA), to create datasets quickly. The algorithm uses a statistical thresholding technique to detect Sybil attacks and to generate a dataset. The dataset was then evaluated using various machine learning models, including J48, OneR, JRip, etc. A higher accuracy of 98support vector machine (SVM) classifier. By utilizing the inherent physical layer properties, our proposed approach improves Sybil identification while reducing computing overhead. The outcomes of the experiment shows how effective our method is since it achieves excellent detection accuracy and robustness against complex Sybil attacks.

The integration of unmanned aerial vehicles (UAVs) with 6G enabled Vehicle-to-Everything (V2X) networks introduces new communication capabilities as well as a significantly expanded attack surface. In this work, we develop a comprehensive NS-3 based simulation environment featuring UAVs, ground vehicles, and base stations connected by mmWave links to emulate realistic 6G scenarios, complemented by selective Wi-Fi safety beacons. We design and implement five custom attack modules: Denial of Service (DoS), sybil, false-data injection, GPS spoofing, and sensor drift alongside a safety message application and a baseline Intrusion Detection System (IDS). Through extensive logging and feature engineering, we construct a labelled dataset that captures flow, channel, and application layer metrics under diverse mobility and threat conditions. A lightweight autoencoder based IDS is then trained and shown to operate in real time for anomaly detection within the UAV-V2X environment. Attack behaviours are analysed via NetAnim visualisations and terminal traces, and the IDS is evaluated for detection reliability and system resilience. Our results highlight distinct vulnerability patterns for ground vehicles versus UAV relays and demonstrate the practicality of deploying an efficient IDS on 6G vehicular nodes. Finally, we export the trained IDS to the Open Neural Network Exchange (ONNX) format and embed it directly into the NS-3 event loop, enabling seamless in situ inference and closing the gap between offline model development and real time network protection.

Roadside units (RSUs) play a vital role in intelligent transportation systems (ITS), working as critical elements in delivering superior Internet of Vehicles (IoV) services. A large service coverage and fast accident information diffusion RSU deployment solution can reliably ensure the ITS’ quality of service. Simultaneously, with the development of the city and the ITS, changes in traffic flow lead to RSU load imbalance, which will reduce the benefit of the original RSU deployment, and it is necessary to adjust RSU locations with minimal cost. Besides, due to the high visibility of the ITS, RSUs are highly susceptible to external attacks, which is commonly overlooked in existing RSU deployment work. Specifically, Sybil attack is one of the most dangerous attacks against ITS, and it can reshape the network state by forging multiple identities, interfering with risk sensing, etc. Motivated by these, we respectively propose the PSO-meme joint heuristic deployment algorithm (PJHDA) and the heuristic RSU multi-objective adaptation adjustment algorithm (HRMA3) to carry out deployment and adaptation adjustment of the city’s RSUs, taking into account the constraint of Sybil attack detection. Numerical results demonstrate that the multi-attribute performance of PJHDA is superior to the existing schemes. Compared with benchmark schemes, the HRMA3 excels in achieving advanced service coverage and load balancing while controlling costs, and both proposed schemes exhibit higher Sybil attack detection rate.

Abstract This study is devoted to the resilient control problem of a mobile sensor network with a Sybil attack and input delay. First, a fixed-time observer is constructed to estimate the state exactly, which makes it possible to calculate the settling time. Then, the delayed system is transformed into a delay-free system by introducing Artstein’s transformation, and a confidence metric is used to tackle the Sybil attack problem, which requires no additional data storage beyond signals. Furthermore, a novel distributed event-triggered fixed-time control scheme is proposed, and a triggering function is developed to generate triggering events asynchronously. Using the presented triggering function, each sensor communicates in discrete time, which is fully continuous-communication free. Several sufficient conditions are obtained, and a rigorous proof is given using Lyapunov stability and fixed-time stability theories. Finally, simulation results are presented to demonstrate the efficiency of the theoretical results such as the flocking context.

No abstract available

Vehicular Ad Hoc Networks (VANETs) enable communication between vehicles and roadside units to improve road safety and traffic efficiency. However, the wireless nature and the constant movement of vehicles make VANETs vulnerable to security threats. Malicious nodes can disrupt the network by spreading false information, which can compromise the reliability of message delivery. A significant threat is the Sybil attack, where attackers create fake identities to deceive legitimate nodes, sending misleading data like false traffic alerts or incorrect directions. This can disrupt traffic management and endanger road safety. Traditional security methods, such as authentication or encryption, are less effective in VANETs due to their dynamic and distributed nature. This study proposes a game-theoretic approach to detect and mitigate Sybil attacks in VANETs. By modeling strategic interactions, our method identifies malicious behavior and minimizes the impact of fake nodes. The proposed system achieves high detection accuracy by analyzing key indicators, including the Angle of Arrival (AoA), Trust Score, Entropy, and Beacon Count. We evaluated the approach using Network Simulator 2 (NS2.34), demonstrating its effectiveness in enhancing network security. This methodology strengthens VANET resilience, ensuring safer and more reliable vehicular communication.

In this paper, a robust enhanced Sybil attack detection scheme is proposed using both the Doppler shift and received signal strength (RSS) as physical layer parameters to identify Sybil nodes in a mobile network. The proposed scheme employs the absolute value of the difference between Doppler shift and RSS values for all pairs of nodes as test statistics, where threshold-based statistical hypothesis testing is performed to detect Sybil nodes. A performance evaluation of the scheme is provided in terms of its true positive rate (TPR) and false positive rate (FPR), and where an approximate expression for both metrics is provided for the particular two-user case. The proposed scheme yields a significant security enhancement compared to its single-attribute Doppler shift- and RSS-based schemes, where the proposed scheme's TPR manifests an increase surpassing 32% and 255%, with respect to the two aforementioned schemes, respectively. The performance evaluation shows the potential of incorporating multiple channel-based features for a robust Sybil attack detection scheme in mobile networks.

In this article, a robust machine learning (ML)-based scheme for Sybil attack detection in mobile networks is proposed. The proposed scheme exploits three physical-layer features, namely, the Doppler shift, received signal strength (RSS), and channel state information (CSI) for identifying Sybil nodes. By employing a Bayesian optimization method, an optimized random forest ML classifier is utilized for the classification phase by exploiting the estimated and processed physical-layer attributes, yielding an efficient node classification and Sybil attack detection in a mobile network. A thorough performance evaluation of the proposed scheme is performed in terms of its receiver operating characteristic (ROC) curve, demonstrating higher node classification accuracy gains. Furthermore, the proposed scheme outperforms its benchmark schemes, namely, the single- and dual-attribute schemes and the three-features hypothesis-based one. Specifically, the proposed scheme improves the true positive rate (TPR) by 12.5% compared to its dual-feature RSS–Doppler shift-based counterpart, and enhances the Doppler shift-, RSS-, and CSI-based single-attribute ones by 216%, 137%, and 36%, respectively, in terms of the TPR.

Vehicular Ad Hoc Networks (VANETs) are a cornerstone of intelligent transportation systems (ITS), enabling decentralized vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication. However, their dynamic topology and infrastructure less design make VANETs vulnerable to serious security threats. One major threat is the Sybil attack, where a single malicious node creates multiple fake identities to manipulate network behavior and compromise safety critical services. This paper presents a scalable, learning-based Sybil detection framework that models VANETs as time-evolving graphs. Vehicles are characterized using spatio-temporal features derived from beacon messages, including displacement, speed variation, directional change, beacon frequency, trust score, and behavioral similarity score. To enhance detection accuracy, a lightweight similarity-based clustering mechanism is introduced to capture identity correlations without assuming prior knowledge of malicious nodes. An XGBoost classifier is used to learn decision boundaries from a labeled dataset constructed via OMNeT++ simulations. The model achieves over 96% accuracy with less than 4% false positive rate across various traffic densities, demonstrating robust generalization.

The Intelligent Transportation System (ITS) is advancing with enhanced vehicular networks, making security a critical concern. A major threat to these networks is Sybil attacks, where adversaries forge multiple identities to compromise the system. We propose Federated Learning for Sybil Attack Detection in Transportation Systems (FL-SATS), a mechanism leveraging federated learning for detecting Sybil attacks in ITS. FL-SATS employs a unique three-tier model aggregation at the Roadside Unit, Roadside Controller, and Software-Defined Network Controller, achieving high accuracy. Our results show that FL-SATS outperforms traditional methods with a detection accuracy of $\mathbf{9 8. 7 \%}$ in baseline Sybil attacks, and $\mathbf{9 8. 5 \%}$ in highdensity traffic. Moreover, the fuzzy logic-based vehicle selection mechanism optimizes localized training, further reducing detection latency to 20 ms and lowering communication overhead by up to 33% compared to centralized learning approaches. These results establish FL-SATS as a robust solution for securing vehicular communication.

The Vehicular Ad-Hoc Network (VANET) model stands out as a cost-effective and easily deployable solution for traffic management and accident prevention. Within VANET, nodes employ broadcast protocols for disseminating safety information rather than relying on routing protocols. Nonetheless, there exists a vulnerability to malicious activities, such as targeted attacks where a vehicle may intentionally transmit harmful packets to cause harm. Among these, the Sybil attack (SA) poses the most severe threat, wherein the attacker creates multiple identities to impersonate distinct nodes. Detecting and defending against such attacks, particularly when perpetrators operate under genuine identities, presents significant challenges. To mitigate this issue, a deep learning-based intrusion detection system (IDS) has been proposed for effectively identifying SA in VANET. The system employs a clustering algorithm known as Glow Worm Swarm Optimization (Gon SO)-based K-harmonic means (GSOKHM) for vehicle clustering. Subsequently, it utilizes the Floyd-Warshall algorithm (FWA) to designate Cluster Heads (CH) from these clusters. Following CH selection, our advanced CMEHA-CNN algorithm utilizes a combination of Convolutional Neural Network (CNN) and chaotic maps to detect any malicious CH. This entails extracting pertinent features from the CH. Upon confirming the legitimacy of the CH, its information is firmly transmitted to the cloud by means of SHA2-ECC, a fusion of Secure Hashing Algorithm and Elliptic Curve Cryptography. The simulation (NS-2.35) outcomes of our proposed methodology achieves an impressive accuracy rate of 98.9% and ensures a high level of security at 99%, surpassing existing methodologies.

A Vehicular Ad Hoc Network is a set of mobile nodes forming a temporary multi-hop connection with the help of other vehicles and connected to roadside units (RSU) also. The absence of any authority from vehicle to vehicle invites many attackers that modify data, lose data, and degrade the utilization of resources. The vehicles are moving on roads with different velocities and may be possible to follow same direction or choose any other direction. Links between the vehicles are created and break in unpredictable way, which makes pretty challenging. The role of intermediate vehicles on route to forwards the traffic information to receiver. The sybil attack behaviour is a type of active attack that generates multiple identities (IDs) to gain the data from the network and drop it. The attacker node utilizes the network by spoofing the IP or MAC address, which is able to damage the complete network for personal gain. In this article the proposed sybil attack detection and protection using dynamic trust detection and prevention (SyDTDP) in VANET. The SyDTDP is focused on determining the packet loss caused by malicious activity. The article places more emphasis on malicious attacker node detection that is part of the route exploit and drops data in the communication, which decreases the overall performance of the network. The attacker's loss is more than the loss of a channel. The proposed SyDTDP detects attacker nodes and calculates the trust factor for each node, whether that node is an attacker or not. The result section compares the performance of Sybil attack detection using extreme machine learning (SyDVELM) with dynamic trust-based Sybil attack detection and prevention (SyDTDP) and gets the outcome in terms of packet receiving, number of packets captured during Sybil attacker and proposed methods, routing load, and average delay (ms). The results conclude that the proposed dynamic trust performs well in all network parameters as compared to existing security systems. The simulation of the network is done by Network Simulator 2 and deploys the VANET scenario of the attacker, SyDVELM, and the proposed SyDTDP.

In Industrial Wireless Sensor Networks (IWSNs), Sybil attacks compromise network topology and reduce data reliability by forging virtual nodes, leading to degraded network performance and significantly diminished monitoring accuracy. To address these issues, this study aims to propose a high-accuracy and highly robust Sybil attack detection method to overcome the limitations of traditional detection approaches, such as low precision and difficulty in handling ambiguous probability boundaries. The research designs a collaborative detection mechanism that integrates a CNN-BiLSTM-Attention (CBSA) deep learning module with the K-means clustering algorithm. By combining "multidimensional feature extraction via deep learning + clustering-based classification boundary optimization," an end-to-end Sybil attack detection model (CBSA-Kmeans) is constructed.The specific implementation includes four parts:  1. A Convolutional Neural Network (CNN) processes the raw sensor data matrix to extract spatial local patterns and capture abnormal correlation features among nodes.  2. A Bidirectional Long Short-Term Memory network (BiLSTM) processes the feature sequences output by the CNN. The forward LSTM learns the "past-present" temporal dependencies to identify the cumulative effects of attacks, while the backward LSTM models the "present-past" temporal correlations to trace attack origins.  3. An Attention mechanism is introduced to dynamically focus on key time steps corresponding to critical attack features, generating a weighted context vector and outputting attack probability predictions. 4. The K-means clustering algorithm is employed to perform secondary partitioning on the prediction probability space output by the CBSA module. By measuring Euclidean distances, high-density attack clusters and normal data clusters are constructed to form decision regions, thereby optimizing classification boundaries.Through a progressive approach of "spatial feature extraction → temporal dependency modeling and key feature enhancement → probability space clustering optimization," the model achieves attack detection: CNN first performs preliminary spatial feature screening, BiLSTM and Attention collaboratively mine temporal attack features and highlight critical information, and finally, K-means clusters the prediction probabilities to clarify the boundaries between attack and normal data.  Experimental results demonstrate that the CBSA-Kmeans model excels in IWSN Sybil attack detection tasks: it achieves a detection accuracy of 98.2% and a recall rate of 96.7%, representing an improvement of over 12% compared to traditional detection methods. Additionally, the model has minimal negative impact on network performance, increasing IWSN network throughput by 23.5% and reducing data transmission latency by 31.8%, while effectively addressing the ambiguous probability boundary issue present in traditional methods.  In conclusion, the CBSA-Kmeans model achieves high-precision and highly robust detection of Sybil attacks in IWSNs through the synergistic integration of deep learning and clustering algorithms, validating the effectiveness and superiority of this collaborative detection mechanism.  This method provides a practical technical solution for IWSN security protection, ensuring network topology integrity and data transmission reliability while enhancing operational efficiency and monitoring accuracy. It holds significant practical application value for ensuring the secure and stable operation of wireless sensor networks in industrial settings.

Vehicular Ad Hoc Networks (VANETs) play a vital role in enabling Intelligent Transportation Systems (ITS) by allowing communication between vehicles and between vehicles and infrastructure. However, these networks are vulnerable to various attacks that can threaten the integrity and safety of the network. One major attack is the Sybil attack, where malicious actors create multiple fake identities to confuse the network and disrupt normal communication and activities. In this work, we develop a real-time detection framework based on machine learning (ML) that processes data generated in real time from simulations using OMNeT++, Veins, and Simulation Urban Mobility frameworks. Our approach leverages four ML models: Random Forest, Gradient Boosting, XGBoost, and LightGBM, along with a stacking ensemble model to enhance detection accuracy. The proposed models are periodically trained on batches of data collected during the simulation, enabling continuous learning. Adaptive training strategies and a web-based dashboard enable continuous monitoring and effective detection of Sybil attacks. Notably, the simulation successfully replicates realistic Sybil attack scenarios and yields a new labeled dataset, which can support future research in this area. Our results demonstrate that the framework effectively detects Sybil attacks in dynamic vehicle networks, highlighting its potential to enhance security in ITS.

This paper proposes a novel blockchain-based framework for securing vehicular networks against Sybil attacks while maintaining scalability, decentralization, and privacy. The system leverages dynamic Proof of Location (PoL) in a game-theoretic setting, where vehicles self-organize into groups and elect leaders who set PoL parameters based on traffic conditions. We implement a realistic Sybil attack in NS-3 and show that the framework adaptively tunes PoL difficulty, beacon count (NBea), and required witness signatures (NSig) according to vehicular density and trust scores, modeled via a Bayesian–Stackelberg game. Vehicles build communication graphs from PoL interactions and forward them to RSUs, which apply spectral clustering to separate benign from Sybil-controlled groups. Our evaluation highlights the interplay between latency, TPS, and the blockchain trilemma, and across three urban scenarios (dense urban, medium-sized city, and closed test circuit) confirms resilience to Sybil infiltration. Results further show that inter-vehicle distance and communication quality dominate Sybil detectability, while adaptive thresholds sustain high TPS with bounded latency under varying load conditions.

In the Internet of Things (IoT), Sybil attacks pose significant security vulnerabilities that can severely disrupt IoT operations by generating duplicate and fraudulent identities and fake routes. In this paper, we used a Novel Elk Herd Optimizer (EHO) with the help of Trust estimation to detect the Sybil attack in IoT. The model employs combined direct and indirect trust metrics for Sybil detection, strengthening the network's resistance. The EHO algorithm successfully explores and exploits through its optimal trust threshold calculation process, which accurately identifies malicious nodes. Simulation results show that the proposed EHoSAD outperforms the existing baseline approaches.

In the context of the Internet of Vehicles, Sybil Attack, as a form of identity forgery attack, is relatively common. It poses a serious threat to the security of vehicle-mounted ad hoc network (VANET) interactions and greatly affects the public safety situation in areas such as intelligent transportation. Currently, the Sybil attack detection models built based on vehicle-mounted ad hoc networks generally have certain shortcomings, making it difficult to respond to such attacks efficiently and accurately. In view of this, this study innovatively proposed a Transformer-CNN model based on temporal feature fusion, which directly passes the global features processed by the Transformer as input to the CNN module, thereby constructing a serial processing architecture. With the help of this architecture, an effective detection model can be built to accurately identify which attack behaviors with an accuracy rate of up to 97%. Through this experiment, the security of the vehicle ad hoc network during the interaction process has been significantly enhanced. At the same time, it also provides a very valuable reference basis and practical direction for further improving the overall security and reliability of the network.

Independent wireless communication is possible in a "mobile ad hoc network" regardless of any predefined administrative or physical framework. The comprehensive enhancement of services for these networks depends on protecting their interactions. The Sybil attack creates numerous counterfeit identities to disrupt the system's remote functionalities. Implementing a security plan necessitates the establishment of a trust model that delineates the confidence relationships among entities. The trust structure in mobile ad hoc network security has been extensively researched. Mobile ad hoc networks are intrinsically more vulnerable to security breaches than wired networks because of their wireless characteristics. The primary factors contributing to this are energy limitations and security vulnerabilities. A comprehensive methodology has been established to improve the identification of Sybil attacks in MANETs. The system employs two advanced machine learning approaches, Ensemble Regressive Arboretum and AdaBagging, alongside network-feature extraction. Numerous trust models have been developed by integrating AdaBagging and the Ensemble Regressive Arboretum, while most known approaches rely on a singular framework. A Sybil assault transpires when a few numbers of individuals masquerade as numerous peers to obtain unauthorized access to a significant portion of the system. This research employs a machine learning methodology to identify Sybil attacks in MANETs by collecting network metrics such as traffic characteristics, communication patterns, and node activities.

In Wireless Sensor Networks(WSNs), the unknown node coordinates are localized using the anchor nodes known as Node Localization (NL). Nodes equipped with GPS and aware of their location are called Anchor Nodes(ANs), and ANs help to find the location of the Target Nodes (TNs). The nodes that temper with the localization process are called malicious nodes (MNs). Hence, the deployment of all the nodes and their security have always remained one of the main points of concern. In various applications for which position is very crucial, correct location estimation plays a vital requirement. Under these circumstances, it is critical to know the precise location of the sensor nodes. If the node localization is inaccurate, the gathered data may lose its significance or, may influence incorrect conclusions hence making the application worthless and thus leading to the need for various localization techniques to secure the networks. Various attacks such as Sybil attacks and Wormhole attacks aim at disrupting the functionality of location-based applications. A Node Localization (NL) scheme that is secure against Sybil attacks (SA) based on the Distance Vector-Hop(DV-Hop) mechanism (SNLASA), a defense and detection algorithm is introduced to mitigate Sybil attacks (SA) in WSNs. This scheme helps to lower the node Localization Error by almost Error by almost 2-3% and also gives better Localization accuracy than the existing DV-Hop algorithms. Hence, this paper proposed a secure range-based localization technique (SNLASA) against Sybil's attack to defend our network with a better detection rate.

No abstract available

No abstract available

No abstract available

In the face of growing air traffic complexity and the escalating sophistication of cybersecurity threats, the centrality of Automatic Dependent Surveillance-Broadcast (ADS-B) in air traffic control systems is undeniable, necessitating rigorous defense measures for its data due to the elevated security risks that can compromise the safety and efficiency of the airspace. To address these challenges, this paper proposed the Frequency Enhanced Patch Attention Network (FEPAN)-an advanced method built on the Transformer architecture and enriched with a novel frequency-based contextual enhancement specifically designed to expose anomalous patterns and activities within ADS-B data that conventional analyses might miss. Thoroughly tested against expansive ADS-B datasets featuring simulated deceptive maneuvers across diverse flight phases, our FEPAN methodology exhibits superior ability to pinpoint such intricacies with high accuracy, offering an indispensable tool for reinforcing the safeguarding of airspace operations.

No abstract available

The rapid integration of Unmanned Aerial Vehicles (UAVs) into smart city infrastructures necessitates advanced security measures to ensure their safe and sustainable operation. However, existing Automatic Dependent Surveillance–Broadcast (ADS-B) systems are highly vulnerable to spoofing, data falsification, and cyber threats, which compromises air traffic management and poses significant challenges to UAV security. This paper presents an innovative approach to improving UAV security by introducing a novel steganographic method for ADS-B data protection. The proposed method leverages Fourier transformation to embed UAV identifiers into ADS-B signals, ensuring a high level of concealment and robustness against signal distortions. A key feature of the approach is the dynamic parameter management system, which adapts to varying transmission conditions to minimize distortions and enhance resilience. Experimental validation demonstrates that the method achieves a tenfold reduction in Mean Squared Error (MSE) and Normalized Mean Squared Error (NMSE) compared to existing techniques such as mp3stego while also improving the Signal-to-Noise Ratio (SNR) and Peak Signal-to-Noise Ratio (PSNR) compared to s-tools. The proposed solution ensures compliance with existing ADS-B standards, maintaining seamless integration with air traffic management systems while enhancing cybersecurity measures. By safeguarding UAV communications, the method contributes to the sustainable development of smart cities and supports critical applications such as logistics, environmental monitoring, and emergency response operations. These findings confirm the practical feasibility of the proposed approach and its potential to strengthen UAV security and ADS-B data protection, ultimately contributing to the resilience and sustainability of urban airspace infrastructure.

Automatic Dependent Surveillance-Broadcast (ADS-B) is a critical component of next-generation air traffic management systems. However, its vulnerability to spoofing attacks stems from the broadcast of plaintext messages lacking encryption and authentication, potentially leading to severe consequences. To address this, this paper proposes an LSTM-Transformer Fusion Variational Autoencoder (LTF-VAE) for ADS-B anomaly detection. The key innovations are: (1) The encoder employs a Bidirectional LSTM for local temporal modeling combined with a 3-layer 8-head Transformer for global spatio-temporal modeling. (2) Variational inference is introduced to generate latent space distributions, constraining the model to probabilistically represent normal flight patterns. (3) The decoder utilizes a cascade structure of a single-layer LSTM and a 2-layer Transformer, reconstructing multidimensional flight parameters synchronously via fully connected layers. Experiments demonstrate that the model effectively detects diverse ADS-B anomalies under various attack scenarios, outperforming baseline methods.

ADS-B is a widely used protocol that transmits aircraft’s position, velocity among other data. The protocol is not encrypted leading to the need of validation. A validation algorithm is proposed that makes use of Time Difference of Arrival localization to validate the position and velocity of ADS-B transmitting targets. Nowadays, Air navigation service providers (ANSP) commonly have at least one TDOA localization system in operation, allowing for cost effective implementation. Validation is achieved by using a Particle Filter and hypothesis tests. A novel method is used where the initial density is generated effectively based on the first set of TDOA measurements. Validation is possible when two or more ground stations receive the same ADS-B transmission, therefore the Particle Filter is designed to process such measurements. The algorithm is tested on data provided by Air Traffic Control The Netherlands’ North sea surveillance system. Results show that the validation works and that the algorithm is able to detect spoofing. Based on spoofed ADS-B messages and true TDOA measurements, the real and fake target can be detected when the distance is roughly 750 to 1000 meters (depending on the situation and the various tuning parameters). In addition, validation based on two or more ground stations per measurements has the effect that the validation area is increased, when compared to traditional filters that require 4 ground stations for tracking.

Automatic Dependent Surveillance-Broadcast (ADS-B) is widely deployed in modern aviation to provide accurate positional data for aircraft. However, ADS-B suffers from vulnerabilities due to the lack of encryption and authentication, making it susceptible to spoofing and tampering attacks. This paper proposes an authentication framework for the ADS-B system using Elliptic Curve Cryptography (ECC) and evaluates the security and performance of this system through both simulation and analytical models. The proposed scheme enhances ADS-B security without compromising realtime performance. Simulation results show the effectiveness of the framework, with a modest increase in computational overhead and significant improvements in data integrity and authentication robustness

Space-Based Automatic Dependent Surveillance-Broadcast (ADS-B) is an aircraft surveillance system that equips satellites with ADS-B signal reception devices to monitor aircraft globally. ADS-B is vulnerable to spoofing sources as ADS-B messages are broadcast without cryptographic security mechanisms, a passive aircraft tracking using unscented kalman filter on ADS-B Signals is proposed. The paper establishes models for the space-based ADS-B system, signal processing, and aircraft motion , state and observation equations are given through theoretical analysis. Unscented Kalman filtering is used for aircraft tracking. The correctness and effectiveness of the method are verified through simulations. The study shows that the proposed method has high tracking accuracy and fast convergence speed for aircraft, and the accuracy of end position reaches 0.001km, and the accuracy of end speed reaches 0.036km/s.

Automatic Dependent Surveillance Broadcast (ADS-B) system is widely used in the field of aerial surveillance because of its accuracy and high efficiency. However, ADS-B system is easy to be spoofed and interfered because it broadcasts signals in plaintext format and lacks data encryption and message authentication mechanism. This article conducts research on this issue. Firstly, it analyzes the structure of the ADS-B system and discusses its data anomaly problems. It summarizes that researchers at home and abroad generally approach the solution to data anomaly problems from three directions: encrypting the data link, improving the ADS-B hardware and software, and analyzing from the perspective of the ADS-B data fields. Then, it particularly points out that artificial intelligence algorithms also build models from the perspective of the ADS-B data fields to complete ADS-B track data anomaly detection, including algorithms based on clustering, data reconstruction, and data temporal correlation. Finally, this paper compares the detection precision, recall rate, and F1 score of several deep learning algorithm models based on data time-related, and finds that they all have excellent ADS-B data anomaly detection effects, with detection precision all above 92.2%, recall rate all above 84.9%, and F1 score all above 86.8%.

This paper provides a detailed overview of the Phase Shift Keying (PSK) modulation applied as a new Automatic Dependent Surveillance – Broadcast (ADS-B) feature introduced in the last normative documents DO-260C / ED-102B, developed within the Single European Sky Air Traffic Management (ATM) Research (SESAR) 2020 PJ.14-W2-84d solution. An explanation of the technology, along with objectives, validation exercises, results, conclusions, benefits and recommendations based on the performed work is given.PJ.14-W2-84d was a technological solution validating the new PSK feature for ADS-B, which enables the transmission of additional information through the phase modulation of the current amplitude Pulse Position Modulation (PPM) of ADS-B. This modification avoids the need to change the structure of the current extended squitter message of its assigned spectrum (1090 MHz), maintaining the backwards compatibility of the ADS-B surveillance system.The improvement of this ADS-B version on the transmission bit rate (data rate increases from 112 to 448 raw bits, effectively from 56 to 260) will allow the transference of new data, which could be used for diverse applications: provision of a more detailed weather information, authentication of ADS-B transmissions in order to avoid threats as spoofing, or reduction of the 1090 MHz frequency spectrum congestion, among others. To achieve its targets, the solution followed the specifications of the RTCA and EUROCAE published standards: DO-260C and ED-102B, respectively.This solution was part of research activities carried out within the frame of SESAR 2020 PJ.14-W2 I-CNSS project. This project aimed to develop an integrated suite of CNS solutions meeting the current and future operational requirements of air traffic management in the short, mid and long term. This includes a strengthened security and increased spectrum efficiency. In addition, it aims to ensure their global interoperability, as outlined in the International Civil Aviation Organization (ICAO) Global Air Navigation Plan (GANP).The PJ.14-W2 I-CNSS project aimed to support European and global harmonization of CNS between airlines, Air Navigation Service Providers (ANSP) and industry, as well as interoperability between civil and military aviation.Continuing with the outcomes obtained in this solution and shown in this paper, a new SESAR 3 solution has been created within MITRANO project to study the potential introduction of an authentication algorithm for ADS-B in order to avoid threats such as spoofing. This solution will study if the implementation of this new feature making use of the extra data capacity provided by Phase Shift Keying is feasible, which would provide an additional security layer to ADS-B surveillance system.

This paper addresses the security vulnerabilities in Automatic Dependent Surveillance–Broadcast (ADS–B), a pivotal technology in modern air traffic management. While ADS-B enhances situational awareness and operational efficiency, its reliance on open, unencrypted transmissions renders it susceptible to spoofing, jamming, and eavesdropping. Focusing on anti-spoofing techniques, this paper introduces a novel approach to classifying spoofed versus authentic preamble of ADS-B signals using machine learning methods, including k-Nearest Neighbors (kNN) and Multilayer Perceptron (MLP). We curated a dataset of 255 signal traces under high-noise conditions for the experiment, exploring the effectiveness of steady-state amplitude and transient-state correlation analyses alongside the proposed classifiers. The results reveal that while MLP models achieve promising precision rates of over $\mathbf{9 0 \%}$, optimization and larger datasets are required to meet stringent safety standards. These findings offer a foundation for developing robust, real-time ADSB spoofing detection systems, critical for ensuring aviation safety.

As spoofing attacks on GNSS-based aircraft navigation systems become more common in commercial aviation, independent local- ization methods such as ground-based distributed multilateration are increasingly being adopted for enhanced safety. While previous work has suggested these systems may be susceptible to multi- device spoofing, no successful real-world multilateration spoofing attacks have been documented so far. In this study, we examined the feasibility and potential impact of wireless spoofing on two deployed commercial multilateration systems. Our findings reveal that these systems share vulnerabilities with GNSS-based solutions such as ADS-B, although considerably greater effort is required for a successful attack. Using a testbed with a reception range ex- ceeding 300 km, we evaluated the requirements and constraints for executing such attacks and compared the efficacy of ghost injection, flooding, and trajectory manipulation tactics. These insights can help inform measures to secure existing multilateration systems.

This study aims to enhance the security of high-speed Low Earth Orbit (LEO) communication systems by developing an integrated, multi-layered security framework that addresses the limitations of current aerospace cybersecurity measures. The primary challenge lies in ensuring real-time data confidentiality, integrity, and authenticity in the face of sophisticated quantum and spoofing threats. To overcome these issues, the research contribution is the design and evaluation of a unified framework that combines quantum-resistant encryption using a FACT system with a Quantis USB quantum random number generator, an LSTM encoder-decoder model for real-time anomaly detection in ADS-B messages, and a blockchain-based mechanism for immutable data logging. The methodology involves benchmarking quantum-enhanced AES against traditional encryption schemes, training the LSTM network to detect subtle anomalies in flight data, and assessing blockchain scalability under high transaction loads. Results indicate significant improvements in encryption speed and detection accuracy—demonstrating up to a 30% increase in anomaly detection performance—while also revealing challenges such as increased computational overhead and scalability limitations in blockchain implementation. The framework shows promise for practical applications in satellite communications and air traffic management, though further research is needed to optimize resource consumption and enhance system resilience under extreme operational conditions.

The aim of the study is to develop and evaluate machine learning models for detecting cyber threats in aviation communication and navigation systems. Modern aviation infrastructures, including ADS-B and ACARS protocols, are vulnerable to attacks such as GPS spoofing, DoS, and false message injection. The study uses a combined dataset of 50,000 records, of which 30% simulate attacks and 70% represent normal system operation. The methodology includes the use of Random Forest, SVM, and autoencoder models. After normalisation and dimensionality reduction (to 10 PCA components), the models were trained and tested using 5-fold stratified cross-validation. Random Forest showed the best classification accuracy — 96.4%, with an F1-measure of 94.9%, Recall 95.1% and Precision 94.7%. SVM demonstrated 91.2% accuracy, while autoencoder achieved 92.3% successful attack detection with a false positive rate of no more than 4.1%. According to ROC analysis, the Random Forest model had an AUC = 0.98, and Precision-Recall analysis showed an AP = 0.96. The scientific novelty lies in the systematic comparison of models with and without a teacher in terms of their applicability to real aviation scenarios, taking into account the specifics of protocols and temporal features. The practical significance lies in the possibility of integrating the trained models into air traffic monitoring systems and digital onboard systems for early threat detection, minimising the risk of failures and improving flight safety.

A significant challenge in the domain of anti‐drone warfare is the identification of enemies or own aircraft through the analysis of data broadcast by drones (e.g. ADS‐B). This issue can be conceptualized as an open set recognition (OSR) problem. This paper proposes a DV‐OSR‐QSED framework for the purpose of data visualization‐based OSR (DV‐OSR). Phase‐based 2D high‐importance features are extracted, the DV‐OSR framework is designed and mapped to 2D, and the 5th and 95th quantile selection‐Euclidean distance (QSED) strategy is proposed. Experiments show that by using the proposed framework, the correct classification rate for known and unknown samples is 96.04% and 95.79%, the recall rate and F1 value are 89.00% and 92.27%, and the AUC is 0.9630.

Civil aviation is moving toward intelligent flight control. This shift improves automation and operational efficiency. However, the use of intelligent systems also introduces new challenges for reliability and safety. This study investigates key reliability measures for intelligent flight systems. These include rates of in-flight interruptions and delays. It also examines the maintenance technologies that support these systems. One important trend is the move to data-driven predictive maintenance. This approach uses big data and machine learning. Training for maintenance technicians is also a key factor for overall system reliability. The study also looks at risks from cybersecurity threats. Examples include ADS-B spoofing attacks. Results show that intelligent flight systems in civil aircraft need to combine advanced methods. These methods include reliability and safety co-design, explainable AI (XAI), and digital twin verification platforms. Together, they help create a defense with multiple layers. A key part of this is strict network separation between critical and non-critical areas. Looking ahead, integrated frameworks and cooperation across different fields will be important. This will support further progress in intelligent flight systems toward improved reliability and safety.

With the rapid development of the unmanned aerial vehicles (UAVs) industry, there is increasing demand for UAV surveillance technology. Automatic Dependent Surveillance-Broadcast (ADS-B) provides accurate monitoring of UAVs. However, the system cannot encrypt messages or verify identity. To address the issue of identity spoofing, radio frequency fingerprinting identification (RFFI) is applied for ADS-B transmitters to determine the true identities of UAVs through physical layer security technology. This paper develops an ensemble learning ADS-B radio signal recognition framework. Firstly, the research analyzes the data content characteristics of the ADS-B signal and conducts segment processing to eliminate the possible effects of the signal content. To extract features from different signal segments, a method merging end-to-end and non-end-to-end data processing is approached in a convolutional neural network. Subsequently, these features are fused through EL to enhance the robustness and generalizability of the identification system. Finally, the proposed framework’s effectiveness is evaluated using collected ADS-B data. The experimental results indicate that the recognition accuracy of the proposed ELWAM-CNN method can reach up to 97.43% and have better performance at different signal-to-noise ratios compared to existing methods using machine learning.

Specific Emitter Identification (SEI) is a critical component of the Industrial Internet of Things (IIoT), enabling effective identification and validation of unauthorized communication devices, thereby preventing malicious interference and signal spoofing. However, SEI methods based on deep learning involve significant computational overhead, and SEI methods based on feature engineering require specialized expertise for feature design, limiting their ability to capture complex patterns. In this paper, we propose a data-knowledge dual-driven adaptive feature fusion approach for specific emitter recognition. Specifically, we present an adaptive feature fusion strategy that integrates domain experts’ prior knowledge with the complex feature recognition capability of deep learning models to achieve efficient SEI classifiers. The approach is evaluated using Automatic Dependent Surveillance-Broadcast (ADS-B) data. The experimental results demonstrate that the proposed method achieves a higher level of identification accuracy and lower time complexity.

The proliferation of spoofed signals in Internet of Things (IoT) systems, particularly in air traffic management, poses a significant threat to aviation safety, especially in resource-limited environments where computational efficiency and secure sensor networks are crucial. Current deep learning-based specific emitter identification (SEI) methods often perform pruning and depthwise separable convolution (DSC) in separate stages, neglecting their interdependencies, which results in suboptimal compression and compromised model performance. To address this, we propose a reinforcement learning (RL)-based automated joint compression network (AJCN) for efficient aircraft authentication using automatic dependent surveillance-broadcast (ADS-B) signals. Our approach unifies channel pruning and DSC, guided by a proximal policy optimization (PPO) algorithm to adaptively identify high-quality compression strategies that jointly enhance efficiency and preserve accuracy (Acc). Experiments on the public ADS-B dataset, our pruned network cuts parameters from 0.38M to 0.03M and floating-point operations (FLOPs) from 24.63M to 1.15M with only a 0.68% accuracy loss. On the USRP dataset, it compresses even further—from 0.37M to 0.006M parameters and from 24.62M to 0.63M FLOPs while the accuracy drops by just 0.17%. The code is available at: https://github.com/wdenxw/AJCN.git

There are many applications for secure authentication of unmanned moving vehicles (UMVs). Traditional object appearance-based detection systems might be vulnerable to adversarial optical deception (spoofing). To address this challenge, we crafted a tracking and authentication system resistant to spoofing by equipping both the unmanned moving vehicles and the optical receiver with optical ID tags. A variety of approaches may be used to generate secure optical tags, such as three-dimensional (3D) phase encoded tags or tags utilizing meta materials. The optical tag mounted on the UMVs generates a unique optical signature produced by illuminating the ID tag with a light source. At the receiver, this optical signature is optically encrypted by a proprietary optical key placed within the optical acquisition system to ensure that the signature of the authorized UMVs cannot be reverse engineered. The encrypted signature is then processed by a deep learning network, such as the UNet-ConvLSTM network, within a conditional generative adversarial network (cGAN) framework. This network is trained to authenticate the encrypted unique signature of the tag and track its location simultaneously. We experimentally evaluate the performance of the present method under three environmental conditions, such as normal light, low light, and fog. The results show that, through training for each environment, our model successfully tracks and authenticates the optical ID tags even under degraded environmental conditions. Our system might be a solution for spoof-resistant tracking and authentication of UMVs such as unmanned aerial vehicles, drones, aircraft, satellites, etc. in various applications, including defense and surveillance. To the best of our knowledge, this is the first report on secure authentication and tracking of unmanned moving vehicles with optical ID tags.

The explosive growth of wireless devices has made traditional Media Access Control (MAC) or key-based authentication schemes increasingly vulnerable to spoofing. Specific Emitter Identification (SEI) counters this by exploiting hardware-induced Radio Frequency Fingerprints (RFF) to uniquely identify devices at the physical layer, providing inherent antispoofing capability. However, real-world channel impairments multipath fading, Carrier Frequency Offset (CFO) and noise severely distort these fingerprints, so SEI methods that assume ideal channels can see their performance collapse in complex environments. To address this issue, we propose a Dual-Stream Adversarial Disentanglement Network (DADN). One stream encodes device-specific RFF, while the other explicitly models channel distortions; a Gradient Reversal Layer (GRL) plus KL-divergence regularization forces the network to disentangle device and channel factors in feature space, resulting in channel-invariant representations. The supervised loss preserves identity discrimination, while adversarial and KL losses suppress channel coupling. Experiments on an ADS-B dataset under various simulated channels show that DADN outperforms both the baseline and several advanced methods by a large margin, maintaining high accuracy and stability even on unseen channels. These results confirm the effectiveness of the dual-stream disentanglement strategy for robust SEI.

Identifying anomalous flight trajectories of unmanned aerial vehicle (UAV) is crucial in airspace operations, as it can protect UAV from potential safety risks. Meanwhile, it is an important means of monitoring the health of UAV agent. Despite significant progress in this area, many existing methods fail to account for the dynamic interaction of trajectory features. This paper introduces a novel network for anomaly detection of UAV trajectories using a multi-views analysis approach. Firstly, Three-view data is sent to the network, including plane cruises data, take-off context, and geographical context. Secondly, by combining the U-net with multi-head attention mechanisms, the network can effectively integrate and analyze data from multi-views data. This not only enhances the dynamic interactivity of features but also enables precise detection of UAV trajectory anomalies. Finally, we conducted experiments on the Automatic Dependent Surveillance-Broadcast (ADS-B) dataset to validate the effectiveness of this method. Experimental results show ADS-B spoofing attack can be detected through monitoring UAV trajectory anomalies. Our approach of anomalous trajectory detection can detect spoofing attacks with a success rate of 96.7%.

In recent years, deep learning (DL) techniques have been extensively utilized for specific emitter identification through the extraction of RF fingerprints. A significant challenge that DL models face in real-world scenarios is the continuous emergence of new wireless devices, such as unknown drones that suddenly appear in the sky. In these situations, the radio monitoring system must be capable of detecting these unknown devices (open-set recognition) and incrementally updating the DL model’s knowledge using only a few captured samples. This requirement presents two main challenges: 1) Incremental updates from few-shot samples can lead to catastrophic forgetting and overfitting in DL models; 2) Constructing reliable open-set thresholds for new devices with few-shot samples is difficult. To address these challenges, we propose a novel few-shot open-set incremental learning (FSOSIL) framework through meta-learning for RF fingerprint recognition, named Meta–RFF. The core idea of Meta–RFF is to simulate few-shot incremental learning and open-set recognition scenarios by constructing numerous pseudo-FSOSIL tasks and meta-training them. To enhance the open-set recognition capability, we design RF feature augmentation, open loss, and adaptive open-set thresholding modules. The algorithm’s effectiveness is validated on the large-scale aircraft recognition dataset (ADS-B), showing an improvement in closed-set accuracy and open-set AUROC of the new class by approximately 10-20% compared to other algorithms with 1-shot. We also demonstrate the algorithm’s effectiveness in a real-world test bed.

We introduce “TMIoDT,” a pioneering framework aimed at bolstering communication security in the Internet of Drone Things (IoDT) integrated with Open Radio Access Networks (Open RAN), with a specific focus on bushfire monitoring applications. Our novel contributions include the seamless integration of digital twin technology with blockchain to establish a robust trust management system in the IoDT context. This approach addresses the critical vulnerabilities associated with unsecured wireless networks in IoDT, such as data integrity issues and susceptibility to cyber threats. The TMIoDT framework encompasses a mutual authentication mechanism to secure interactions and key exchanges among IoDT entities, including drones and Unmanned Ground Vehicles (UGVs). Furthermore, it leverages blockchain technology for credible trust management and employs digital twins to model UGV servers accurately, enhancing IoDT relationship modeling. An advanced Intrusion Detection System (IDS), utilizing Stacked Variational Autoencoder (SVA) and Attention-based Bidirectional LSTM (ABL), is implemented for anomaly detection, complemented by a blockchain-based transaction writing scheme for secure data verification. Our comprehensive evaluation, utilizing the ToN-IoT and ICIDS-2017 network intrusion datasets, confirms TMIoDT’s effectiveness in significantly improving communication security and reliability in IoDT.

The service delivery has lately witnessed strides in the form of paradigm shifts from conventional logistics to drone‐oriented supply chain to conserve ecosystem. The use of drones or unmanned aerial vehicles (UAVs) for package deliveries offer enhanced accessibility, flexibility, efficiency, speed, safety, and even few environmental gains. However, the drones can come across various security hazards while communicating with ground installations on open channels including physical capture attack, privacy infringement, and so on. Thus, earnest endeavors are needed to fix those security challenges in applications related to drone communications. To address these problems, an efficient authenticated key agreement technique, drone access control scheme for last mile delivery (DAC‐MD) is suggested for user‐drone interactions in IoD environment that help the participating entities in developing a mutually agreed session key for securing subsequent communication interactions. The proposed scheme is proved using automated ProVerif tool as well as analyzed by using formal analysis based on RoR random oracle model. The comparative analysis against recently presented known studies reveals that our scheme not only carries comparable properties in terms of security and privacy, but also low computational and communication costs.

The increasing adoption of Unmanned Aerial Vehicles (UAVs) for both commercial and recreational purposes has raised significant security and privacy concerns. DJI OcuSync 2.0, a proprietary communication protocol used in DJI drones, enables high-definition video transmission and telemetry over dual-frequency bands (2.4 GHz and 5.8 GHz). Detecting and identifying OcuSync signals in a crowded RF environment is crucial for effective drone monitoring and threat mitigation. This study presents an SDR-based detection system utilizing the USRP B210 with a 50 MHz sampling rate to capture OcuSync signals. Signal analysis is performed using Short-Time Fourier Transform (STFT) and Welch’s method for estimating Power Spectral Density (PSD). A Non-Parametric Amplitude Quantization Method (NPAQM) is implemented for dynamic threshold estimation to improve detection sensitivity. The system is tested under varying Signal-to-Noise Ratio (SNR) conditions, demonstrating high detection accuracy and robustness against interference. The proposed system provides a reliable framework for real-time OcuSync signal identification and can be adapted for broader UAV detection applications.

The abuse of drones has raised critical concerns about public security and personal privacy, bringing an urgent requirement for drone recognition. Existing radio frequency (RF)-based recognition methods follow the assumption of the closed set, resulting in the unknown signals being misclassified as known classes. To address this problem, we propose a Signal Semantic-based open Set Recognition (S3R) method in this paper. First, the short-time Fourier transform is introduced to construct the signal spectra, decoupling the drone signals with other interference signals. Then, we design a texture extractor and a position extractor to extract the texture features and position features from the spectra, respectively. The extracted features are further fused and structurally optimized to construct distinguishable signal semantics. Based on the structural characteristics of signal semantics, an outlier analysis-based semantic classifier is proposed, which searches the outliers of each known class in the closed set as the bounding thresholds to detect unknown instances. Finally, the detected unknown instances are further classified into their exact classes by implementing clustering in a new semantic space, where semantics are augmented by introducing basic features from the intermediate layers of the texture extractor. Besides, a real-world spectrogram dataset of commonly-used drones is released, which includes 24 classes and covers 7 brands. Extensive experiments demonstrate that the proposed S3R method outperforms the state-of-the-art methods in terms of accuracy and generalizability for both the closed set and the open set.

Unmanned Aerial Vehicles (UAVs) are being widely deployed for diverse applications, including surveillance, agriculture, logistics, disaster response, etc. Secure communication between a UAV and its ground control station (GCS) is paramount, as vulnerabilities can expose the system to cyber threats. Micro Air Vehicle Link (MAVLink) is a widely used open-source communication protocol that facilitates the exchange of messages between a UAV and a GCS. However, UAV-GCS communication under this protocol is unencrypted, making it vulnerable to eavesdropping and potential data compromise. While prior research has explored encryption mechanisms for MAVLink, most efforts remain theoretical or simulation-based rather than practical implementations. In this paper, we integrate various existing encryption algorithms, viz., Advanced Encryption Standard - Counter mode (AES-CTR), ChaCha20, Speck-CTR, and Rabbit, into MAVLink. We propose a novel cipher, MAVShield, designed to safeguard MAVLink-based communications. We perform a formal security analysis of MAVShield, which includes the study of 24 distinct attacks on the proposed cipher using various statistical test suites, viz., the National Institute of Standards and Technology (NIST) and Diehard test suites. Our analysis demonstrates the robust resistance of MAVShield to differential cryptanalysis. Furthermore, we show that the cipher also successfully thwarts over-the-air Man-in-the-Middle (MITM) and replay attacks. In addition, we thoroughly evaluate the performance of all five algorithms, viz., AES-CTR, ChaCha20, Speck-CTR, Rabbit, and MAVShield, and compare it with that of the standard unencrypted MAVLink protocol in terms of various metrics such as memory usage, battery power consumption, and CPU load, using a real drone testbed. Our performance evaluation demonstrates that MAVShield outperforms all the other encryption algorithms, and is hence a secure and efficient solution for protecting MAVLink-based communications in real-world deployments.

The popularization of uncrewed aerial vehicles (UAVs) has raised critical concerns about public security and personal privacy, necessitating drone recognition technology. Radio frequency (RF)-based monitoring methods are widely used because of their advantage of nonline-of-sight (NLoS). However, most existing RF-based recognition methods have closed-set assumption vulnerabilities. Although several open-set methods have been proposed, they still face robustness deficiencies when video transmission signal (VTS) attenuation conditions are severe or when interference signals are present. To address this challenge, we propose a lightweight open-set drone recognition (LOSDR) method. First, IQ data are transformed into time–frequency spectra via a short-time Fourier transform (STFT). Second, regional block details and global frequency-hopping (FH) patterns are jointly extracted via a flight control signal (FCS) block extractor and pattern extractors. Then, a semantic alignment module, which integrates text embeddings derived from the contrastive language–image pretraining (CLIP) model, and a class decorrelation module with orthogonal constraints are designed to increase the degree of interclass separation and reduce the ambiguity of classification. Additionally, an adaptive dynamic entropy threshold mechanism is used to balance known/unknown decisions under varying noise and interference levels. We construct datasets for three different electromagnetic environments. Extensive experiments conducted on these datasets demonstrate that LOSDR outperforms the state-of-the-art methods in terms of generalizability and accuracy.

Drone-based applications involving real-time video analytics are emerging to serve diverse situational awareness use cases ranging from precision agriculture to disaster response. Hence, there is a need to study robust security measures to ensure the integrity of information and safeguard communication, as well as data transmission in drone video analytics. In this paper, we investigate methods to enhance the security management of drone video analytics in terms of reliability and integrity within realistic settings using testbed resources in the NSF-supported AERPAW infrastructure. Specifically, we study security mechanisms to model and detect threats such as Replay, Packet Injection, and Physical Capture attacks caused by situations in dynamic and potentially adversarial network environments. In addition, we generate balanced datasets through Generative Adversarial Networks (GAN) to address challenges posed by unbalanced datasets that are common when applying machine learning models for attack detection impacting drone video analytics traffic. Our experimental environment in AERPAW involves a setup for secure communication through a MAVLink-based (open-standard) drone communication protocol that uses continuous authentication via digital signatures. Our experiment results compare the efficiency gains achieved through secure MAVLink-based communication with unsecured counterparts, examining factors such as packet encryption, digital signatures, and nonces. Further, our results provide valuable insights into the adaptability of security mechanisms for drone video analytics within realistic environments.

This research introduces a novel framework for autonomous drone swarms, addressing critical challenges in physical-cyber security by integrating advanced computational models, decentralized swarm intelligence, and robust cryptographic protocols. The work is motivated by the increasing reliance on drone swarms for securing critical infrastructure, disaster response, and surveillance, where hybrid physical and cyber threats present significant risks. The study proposes bio-inspired algorithms for adaptive swarm coordination, physics-informed neural networks for real-time collision avoidance, and quantum-inspired optimization models for resource-aware task allocation, further fortified by lattice-based cryptographic protocols to counter quantum-era adversarial threats. The experimental evaluation, conducted through high-fidelity simulations and physical deployments, demonstrates the system’s robustness in mitigating threats, achieving high collision avoidance accuracy, and maintaining communication integrity in diverse scenarios. Results show scalability with up to 100 drones in simulations and 80 drones in physical tests, highlighting bandwidth as a key area for refinement. The findings advance the field by offering a multi-layered security and coordination framework applicable to sensitive real-world settings. This study provides a foundation for enhancing operational reliability in swarm systems and opens avenues for future work in communication optimization, energy modeling, and three-dimensional navigation for complex environments.

This paper aims to introduce a standardized test methodology for drone detection, tracking, and identification systems. It is the aim that this standardized test methodology for assessing the performance of counter-drone systems will lead to a much better understanding of the capabilities of these solutions. This is urgently needed, as there is an increase in drone threats and there are no cohesive policies to evaluate the performance of these systems and hence mitigate and manage the threat. The presented methodology has been developed within the framework of the project COURAGEOUS funded by European Union’s Internal Security Fund Police. This standardized test methodology is based upon a series of standard user-defined scenarios representing a wide set of use cases. At this moment, these standard scenarios are geared toward civil security end users. However, the proposed standard methodology provides an open architecture where the standard scenarios can be modularly extended, providing standard users the possibility to easily add new scenarios. For each of these scenarios, operational needs and functional performance requirements are provided. Using this information, an integral test methodology is presented that allows for a fair qualitative and quantitative comparison between different counter-drone systems. The standard test methodology concentrates on the qualitative and quantitative evaluation of counter-drone systems. This test methodology was validated during three user-scripted validation trials.

The conventional supply chain management has undergone major advancements following IoT-enabled revolution. The IoT-enabled drones in particular have ignited much recent attention for package delivery in logistics. The service delivery paradigm in logistics has seen a surge in drone-assisted package deliveries and tracking. There have been a lot of recent research proposals on various aspects of last-mile delivery systems for drones in particular. Although drones have largely changed the logistics landscape, there are many concerns regarding security and privacy posed to drones due to their open and vulnerable nature. The security and privacy of involved stakeholders needs to be preserved across the whole chain of Supply Chain Management (SCM) till delivery. Many earlier studies addressed this concern, however with efficiency limitations. We propose a Physical Uncloneable Function (PUF)-based secure authentication protocol (PSL-IoD) using symmetric key operations for reliable last-mile drone delivery in SCM. PSL-IoD ensures mutual authenticity, forward secrecy, and privacy for the stakeholders. Moreover, it is protected from machine learning attacks and drone-related physical capture threats due to embedded PUF installations along with secure design of the protocol. The PSL-IoD is formally analyzed through rigorous security assessments based on the Real-or-Random (RoR) model. The PSL-IoD supports 26.71% of enhanced security traits compared to other comparative studies. The performance evaluation metrics exhibit convincing findings in terms of efficient computation and communication along with enhanced security features, making it viable for practical implementations.

Unmanned Aerial Vehicles (UAVs) are increasingly used in real-time surveillance, logistics, and monitoring of infrastructures. Their dependency on open wireless networks, however, leaves them highly susceptible to cyber-attacks in the form of spoofing, jamming, and denial-of-service attacks. Conventional intrusion detection systems (IDS) are ineffective in high-dimensional, real-time UAV data due to low sensitivity and adaptability. Our framework introduces multiple enhancements in both temporal and structural analysis of UAV data when compared to conventional approaches like ConvLSTM or FFCNN. This calls for a dynamic, deep learning-based solution specifically designed for UAV network environments. This paper introduces Clouded Leopard Optimized Quantum Equivariant Convolutional Neural Network-Enhanced Intrusion Detection for Real-Time Drone Network Security (QE-CNN-CLO). Each component made to address a particular intrusion detection challenge in drone networks. The approach starts with RN-Cluster-based SMOTE (RNC-SMOTE) for preprocessing to solve UAV network data class imbalance and noise. This is followed by Return-Aligned Decision Transformer (Re-ADT) for feature engineering through temporally structured, context-aware embeddings generation. The embeddings generated are input into a Quantum Equivariant Convolutional Neural Network (QE-CNN) for intrusion detection, using symmetry-aware feature extraction. Finally, Clouded Leopard Optimization (CLO) optimizes QE-CNN parameters to provide optimal classification performance. Experimental results show unparalleled effectiveness with 99.26% accuracy, 99.10% F1-score, 99.88% precision, and 99.37% recall, outperforming conventional IDS baselines significantly. Under dynamic aerial environments, these components cooperate to provide real-time, adaptive intrusion detection. In conclusion, QE-CNN-CLO offers a robust, real-time, and adaptive intrusion detection system for UAV networks with guaranteed cybersecurity resilience improvement in dynamic aerial environments. This makes QE-CNN-CLO particularly suitable for latency-suitable UAV applications.

The rapid evolution of drone technology has introduced unprecedented challenges in security, particularly concerning the threat of unconventional drone and swarm attacks. In order to deal with threats, drones need to be classified by intercepting their Radio Frequency (RF) signals. With the arrival of Sixth Generation (6G) networks, it is required to develop sophisticated methods to properly categorize drone signals in order to achieve optimal resource sharing, high-security levels, and mobility management. However, deep ensemble learning has not been investigated properly in the case of 6G. It is anticipated that it will incorporate drone-based BTS and cellular networks that, in one way or another, may be subjected to jamming, intentional interferences, or other dangers from unauthorized UAVs. Thus, this study is conducted based on Radio Frequency Fingerprinting (RFF) of drones identified to detect unauthorized ones so that proper actions can be taken to protect the network’s security and integrity. This paper proposes a novel method—a Composite Ensemble Learning (CEL)-based neural network—for drone signal classification. The proposed method integrates wavelet-based denoising and combines automatic and manual feature extraction techniques to foster feature diversity, robustness, and performance enhancement. Through extensive experiments conducted on open-source benchmark datasets of drones, our approach demonstrates superior classification accuracies compared to recent benchmark deep learning techniques across various Signal-to-Noise Ratios (SNRs). This novel approach holds promise for enhancing communication efficiency, security, and safety in 6G networks amidst the proliferation of drone-based applications.

No abstract available

While drone-based civilian services and applications are appearing on the market at a high pace, recent efforts in the security and privacy community mainly focused on drone detection and neutralization when unauthorized invasions occur. Conversely, more attention must be paid to unveiling potential privacy and confidentiality threats to drone users and operators arising from using such a technology. Such threats, emerging from drones’ adoption for entertainment and business operations, are increasingly concerning due to the recently-introduced regulation on the Remote Identification of Unmanned Aircraft (Remote ID (RID)), mandating persistent disclosure of identity and location of the drone at run-time. This paper sheds some light on the aforementioned context, identifying several privacy and confidentiality threats connected to regular drone operations. Such threats originate from the nature of the drones’ ecosystem and actors and are magnified by the adoption of the RID regulation. For all the identified threats, we pinpoint similarities with issues faced in other research domains, potential solutions, and constraints owing to the drone technology, making the solutions conceived therein hardly applicable for drone-based services. The final result is a set of appealing research challenges, calling for joint efforts from Academia and industry.

The growing number of uncrewed aerial vehicles (UAVs) or drones in low altitude airspace has opened a multitude of frontiers in diverse applications such as smart city, disaster management, logistics, and surveillance operations. Nonetheless, the open and dynamic communication landscape leads the Internet of Drones (IoD) environment to many security threats, including forgery, unauthorized access, or physical drone hijacking attacks. One of the pressing challenges is to ensure perfect forward secrecy using symmetric crypto-primitives. Most of the conventional access control schemes rely on costly public key cryptosystems that might not be suitable for a constrained environment. We can spot many lightweight key agreement mechanisms for the IoD environment; however, regrettably, security loopholes render those inappropriate for deployment. In this article, we propose a lightweight access control mechanism for IoD environment leveraging a physically unclonable functions (PUF) based on barrel shifter (BS) architectures. The commutative properties of BS-oriented PUF (BS-PUF) have been exploited to ensure perfect forward secrecy in PDCM-IoD. Moreover, it ensures privacy, revocation of rogue users’ identity, and resistance to known attacks, including physical drone capture threats and forgery attacks. It significantly helps to reduce computational overheads in comparison with other IoD-based schemes. The security features are rigorously analyzed using the real-or-random (RoR)-based random oracle model. Overall, the PDCM-IoD supports a 19.52% increase number of security features. The performance evaluation depicts that PDCM-IoD is highly suitable for an IoD-based resource-deficient ecosystem.

The open nature of the wireless channel makes the drone communication vulnerable to adverse spoofing attacks, and the radio frequency fingerprint (RFF) identification is promising in effectively safeguarding the access security for drones. Since drones are constantly flying in the three dimensional aerial space, the unique RFF identification problem emerges in drone communication that the effective extraction and identification of RFF suffer from the time-varying channel effects and unavoidable jitterings due to the constant flight. To tackle this issue, we propose augmenting the training RFF dataset by regenerating the drone channel characteristics and compensate the fractional frequency offset. The proposed method estimates the Rician K value of the channel and curve-fits the statistical distribution, the Rician channels are regenerated using the sinusoidal superposition method. Then, a probabilistic switching channel is also set up to introduce the Rayleigh channel effects into the training dataset. The proposed method effectively addresses the unilateral channel effects in the training dataset and achieves the balanced channel effect distribution. Consequently, the pre-trained model can extract channel-robust RFF features in drone air-ground channels. In addition, by compensating the fractional frequency offset, the proposed method removes the unstable frequency components and retains the stable integer frequency offset. Then, the stable frequency offset features that are robust to environmental changes can be extracted. The proposed method achieves an average classification accuracy of 97% under spatial and temporal varying conditions.

In order to study secure federated learning for resource-constrained devices such as drones to protect user privacy and data security in drone networks, a blockchain-based secure federated learning scheme for drones is proposed. Currently, researchers focus on transferring models for federated learning after local training using drones, but in reality, drones will be limited in accomplishing local training due to their own resource and arithmetic issues. In this paper, the scheme offloads the training task of the UAV to the local server, and the UAV is only responsible for performing model aggregation and delivery. At the same time, a new consensus algorithm PoE (Proof-of-Energy) is proposed to model the energy and evaluate the arithmetic power of drones, which assigns roles to each drone node within the blockchain network and ensures that the drones effectively participate in the federated learning process. Due to the open and transparent nature of the blockchain, ring signatures are used to replace the traditional signatures in order to protect the private information such as the behavior and identity of each node and the content of block transactions. The experimental results show that the proposed model can ensure that UAVs effectively participate in federated learning. In addition, when there is a poisoning sample to disrupt the training process, the accuracy of the global model can be effectively ensured compared to the traditional scheme.

With the growing use of unmanned aerial vehicles (UAVs) or drones, ensuring secure communication in open-access environments has become essential. While authentication systems based on Elliptic Curve Cryptography (ECC) are widely adopted due to their efficiency and reduced key sizes, further improvements are needed to enhance communication security and computational performance. To address this, we introduce LAPHECC, a lightweight authentication protocol that replaces ECC with Hyperelliptic Curve Cryptography (HECC). HECC is particularly well-suited for resource-limited devices, as it provides stronger security per bit and requires even smaller key sizes than ECC. The protocol incorporates a preregistration stage and employs a Schnorr-based zero-knowledge session key update mechanism to guarantee both forward and backward secrecy. Security evaluations show that LAPHECC delivers minimal computational and communication overhead while ensuring core security properties such as confidentiality, mutual authentication, and resistance to replay and impersonation attacks.

With advanced mobility and widespread accessibility, drones have attracted considerable attention, offering a wide range of applications in both military and civilian domains. Nonetheless, beyond their beneficial applications and potential, drones have given rise to serious security and privacy concerns as they are increasingly exploited for malicious activities such as drug smuggling or pose threats to individuals and public facilities. The emergence of security threats by drones has stimulated the development of countermeasure solutions including drone detection and identification. These solutions enable timely responses against security threats by facilitating the detection of drone presence and verifying their identities. In this paper, we propose more realistic audio-based drone detection and identification approaches using machine learning, which account for the presence of background environment noises, an often overlooked factor in current methods. By incorporating the interdependence between the drone’s audio and the surrounding environmental sounds, we simulate real-world scenarios where drones operate. We use drone datasets that capture these interactions to evaluate detection and identification performance. Mel-frequency cepstral coefficients (MFCC) features and support vector machine (SVM) classifiers with various kernels are employed to investigate the effectiveness of our approach across different environments. Our results demonstrate that our approach ensures reliable drone detection, achieving an accuracy of approximately 0.99 and an F1-score of 0.98 in closed-set experiments, and an accuracy and F1-score of about 0.94 in open-set experiments. For drone identification, we show the feasibility of our approach with an accuracy and F1-score of about 0.96 for only known drone classes and approximately 0.90 for both known and unknown drone classes.

The widespread use of drones in commercial, industrial, military and security applications has led to a growing need for techniques to analyse their signals. Understanding the communication signals of drones is essential for applications such as airspace monitoring, counter-unmanned aerial vehicles technologies and electronic warfare. This defines the topicality of the topic. That is why the purpose of the study focuses on the identification and analysis of DJI drone signals using software defined radio. The research aims to find their frequencies usage, look for the drone activities in spectrogram, record them and characterize modulation types of drones, specifically the DJI Air 3 and Phantom 4. The working methods are based on using HackRF One software defined radio alongside the DragonOS operating system and HackRF Spectral Analyzer, SDR++ and Inspectrum software. Signal identification is performed in controlled urban and non-urban environments, allowing for the examination of telemetry signal. Different signal processing techniques are used including spectral analysis and modulation classification are applied to identify DJI drone ID. By analysing frequency bands, bandwidth requirements, and transmission structures, the study indicates how both drones communicate and adapt to environmental factors such as interference. Main conclusions from this paper are revealing that DJI drones use frequency hopping, orthogonal frequency division multiplexing modulation adapting itself with quadrature phase shift keying, 16 and 64 quadrature amplitude modulation depending on the enviroment. They also use Zadoff-Chu sequencies for synchronizing their drone ID packets. Having in mind this, the signal width and strength also chages based on the urban or no-urban environments that the drone is. 

Securing communications in drone networks is an essential aspect of ensuring good network performance. Data transferred over the Internet of Drones (IoD) Communications, which is rapidly growing, holds crucial information for navigation, coordination, data sharing, and control, and enables the creation of smart services in many sectors. Sixth-generation (6G) mobile systems are anticipated to be impacted by the plethora of IoD. The possibility of malevolent drones intercepting or altering data before it reaches its target is a serious worry. Operations on IoD networks may be hampered by this, and safety issues may arise. Utilizing three security levels, the suggested method solves the issue of malicious drones in the IoD network. The suggested system’s first level allocates a trust value to IoD drones based on behaviors including prior drone behavioral histories, packet losses, and processing delays. This can be accomplished by choosing drones as investigators to monitor the actions of neighboring drones and assess the level of trust value. The second level involves communication protection, which is accomplished by historical communication behavior. The purpose of the final security level is to safeguard the reliability of the data used to calculate trust values. The fundamental topical of our proposed system is to propose and explore a novel tactic for detecting malicious UAVs within the internet of drone framework, using theoretical and simulations models. Because that 6G networks are still now in the developmental stage, the results presented are based on predictive analyses and simulations rather than real-world applications.

With the explosive growth of low-altitude UAV applications, the security threats they pose have prompted countermeasure technology research to become a hotspot. In this paper, a multi-mode jamming scheme based on software radio is proposed for UAV communication and navigation links. The UAV data link is blocked by comb and sweep interference techniques. Combined with generative navigation spoofing technology to achieve navigation link deception, the interference parameters are optimized by introducing the third-generation genetic algorithm to improve the success rate of interference. Based on the software radio, the UAV is tested for jamming, and the experiment shows that: comb jamming and frequency sweeping jamming can cut off the control link, and the navigation deception makes the UAV deviate from the preset path, which realizes the effective jamming of the UAV.

In modern Internet‐of‐Drone (IoD) environments, secure communication between unmanned aerial vehicles (UAVs) and user equipment is essential to protect data privacy and prevent unauthorized access. This paper presents a lightweight three‐factor authentication scheme for UAVs using ElGamal‐based elliptical curve cryptography (ECC‐ElGamal) encryption and physical layer security (PLS). The scheme integrates the device's media access control (MAC) address, user ID, and password for enhanced authentication. Using the MAC address as a security parameter strengthens device‐specific authentication and reduces the risk of impersonation and unauthorized access. To prevent replay attacks and ensure message freshness, timestamps are included in the authentication process. ECC‐ElGamal encryption enables secure communication through session key generation and hash functions, optimizing security and efficiency. Additionally, the scheme employs PLS to protect against eavesdropping and provide location‐based authentication. A novel secret key ( KPLS$$ {K}_{PLS} $$ ) is generated using channel state information (CSI) and is used to encrypt the device's MAC address, ensuring privacy‐preserving authentication. The proposed scheme is designed to minimize computational and communication costs, making it suitable for resource‐constrained UAVs in real‐time IoD environments. Security evaluations and comparative analysis show that the scheme effectively resists known attacks while maintaining robust protection and system efficiency.

The growing integration of drones into civilian, commercial, and defense sectors introduces significant cybersecurity concerns, particularly with the increased risk of network‐based intrusions targeting drone communication protocols. Detecting and classifying these intrusions is inherently challenging due to the dynamic nature of drone traffic and the presence of multiple sophisticated attack vectors such as spoofing, injection, replay, and man‐in‐the‐middle (MITM) attacks. This research aims to develop a robust and interpretable intrusion detection framework tailored for drone networks, with a focus on handling multi‐class classification and model explainability. Initially, the ISOT Drone Anomaly Detection Dataset was used for model training, followed by validation on the UAVIDS‐2025 dataset to assess generalizability. We present a comparative analysis of ensemble‐based machine learning models trained on a labeled dataset comprising benign traffic and nine distinct intrusion types. Comprehensive data preprocessing was performed, including missing value imputation, scaling, and categorical encoding, followed by model training and extensive evaluation using metrics. Random Forest achieved the highest performance with an F1‐macro score of 0.9998 and ROC‐AUC of 1.0000, improving detection performance by over 2%–5% compared to other ensembles. To validate the superiority of the models, statistical tests including Friedman's test, Wilcoxon signed‐rank test with Holm correction, and bootstrapped confidence intervals were applied. Furthermore, explainable AI methods, SHAP and LIME, were integrated to interpret both global and local feature importance, enhancing model transparency and decision trustworthiness. The proposed approach not only delivers near‐perfect accuracy but also ensures interpretability, making it highly suitable for real‐time and safety‐critical drone operations. This work contributes a novel blend of high‐performing classification and explainability to the domain of UAV cybersecurity, offering a promising pathway for secure, transparent deployment of drone‐based systems in complex environments.

Abstract - The SATIG (Self-Adaptive Threat Intelligence Grid) project addresses the growing concern of drone-based threats in military and defense operations. With the increasing use of autonomous drones, there is a rising risk of cyberattacks, spoofing, jamming, and coordinated intrusions that current security systems struggle to manage. The system combines computer vision, anomaly detection, and threat grading. SATIG aims to improve response speed, reduce false positives, and enhance adaptability to unknown threats. The project demonstrates how AI and cooperative decision-making can offer a scalable and intelligent approach to modern drone security. Key Words: Drone security, real-time detection, multi-agent systems, reinforcement learning, anomaly detection, SATIG

No abstract available

With the development of UAV and autonomous driving technology, the accurate acquisition of spatial location information is more and more closely related to people’s production and life. However, because the navigation signal is very weak when it reaches the ground, the signal is vulnerable to interference, and human interference has a destructive effect on navigation applications. Human interference to navigation signals can be divided into two categories: suppression interference and deception interference. This paper first briefly introduces the difference between spoofing and squishing jamming and the types of spoofing jamming, and then analyzes spoofing jamming detection technology and its research status from the perspectives of message encryption identity authentication, spatial processing, signal power detection, signal quality detection, Doppler shift consistency, positioning and navigation results and machine learning. The research direction of multi-technology comprehensive detection is prospected.

Vulnerabilities in drone networks stem from the reliance on GPS and wireless communication technologies, combined with the lack of robust security mechanisms. This study proposes DroneGuard, a comprehensive cybersecurity framework leveraging supervised machine learning (ML) and explainable artificial intelligence (XAI) to detect intrusions and provide insights into the decision-making process of the security model. We explored various feature selection techniques to design a lightweight model suitable for the resource constraints of drones. Additionally, the synthetic minority oversampling technique (SMOTE) is employed to balance target class distribution and mitigate performance degradation, while randomized search cross-validation (RSCV) aids in selecting optimal hyperparameters for model training. Simulation experiments were conducted using a real-time GPS dataset for autonomous vehicles and a cybersecurity dataset containing variants of Denial of Service (DoS) attacks to evaluate the models’ performance. Comparison with four ML models using essential evaluation metrics validated the robust performance of the decision tree model, which detected spoofed GPS signals and DoS attacks with high accuracy, low-computational complexity, and minimal false alarm rates. Furthermore, the Shapley additive explanation (SHAP) provides intuitive visual explanations of important features contributing to the detection and classification of both GPS spoofing and DoS attacks. Therefore, DroneGuard offers effective and interpretable security solutions for enhanced drone application and adoption.

Unconditional security in quantum key distribution (QKD) relies on authenticating the identities of users involved in key distribution. While classical identity authentication schemes were initially utilized in QKD implementations, concerns regarding their vulnerability have prompted the exploration of quantum identity authentication (QIA) protocols. In this study, we introduce a new protocol for QIA, derived from the concept of controlled secure direct quantum communication. Our proposed scheme facilitates simultaneous authentication between two users, Alice and Bob, leveraging Bell states with the assistance of a third party, Charlie. Through rigorous security analysis, we demonstrate that the proposed protocol withstands various known attacks, including impersonation, intercept and resend and impersonated fraudulent attacks. Additionally, we establish the relevance of the proposed protocol by comparing it with the existing protocols of similar type.

Integrated Sensing and Communication (ISAC) will be one key feature of future 6G networks, enabling simultaneous communication and radar sensing. The radar sensing geometry of ISAC will be multistatic since that corresponds to the common distributed structure of a mobile communication network. Within this framework, micro-Doppler analysis plays a vital role in classifying targets based on their micromotions, such as rotating propellers, vibration, or moving limbs. However, research on bistatic micro-Doppler effects, particularly in ISAC systems utilizing OFDM waveforms, remains limited. Existing methods, including electromagnetic simulations, often lack scalability for generating the large datasets required to train machine learning algorithms. To address this gap, this work introduces an OFDM-based bistatic micro-Doppler model for multi-propeller drones. The proposed model adapts the classic thin-wire model to include bistatic sensing configuration with an OFDM-like signal. Then, it extends further by incorporating multiple propellers and integrating the reflectivity of the drone's static parts. Measurements were performed to collect ground truth data for verification of the proposed model. Validation results show that the model generates micro-Doppler signatures closely resembling those obtained from measurements, demonstrating its potential as a tool for data generation. In addition, it offers a comprehensive approach to analyzing bistatic micro-Doppler effects.

Detecting spoofing attacks to Low-Earth-Orbit (LEO) satellite systems is a cornerstone to assessing the authenticity of the received information and guaranteeing robust service delivery in several application domains. The solutions available today for spoofing detection either rely on additional communication systems, receivers, and antennas, or require mobile deployments. Detection systems working at the Physical (PHY) layer of the satellite communication link also require time-consuming and energy-hungry training processes on all satellites of the constellation, and rely on the availability of spoofed data, which are often challenging to collect. Moreover, none of such contributions investigate the feasibility of aerial spoofing attacks launched via drones operating at various altitudes. In this paper, we propose a new spoofing detection technique for LEO satellite constellation systems, applying anomaly detection on the received PHY signal via autoencoders. We validate our solution through an extensive measurement campaign involving the deployment of an actual spoofer (Software-Defined Radio) installed on a drone and injecting rogue IRIDIUM messages while flying at different altitudes with various movement patterns. Our results demonstrate that the proposed technique can reliably detect LEO spoofing attacks launched at different altitudes, while state-of-the-art competing approaches simply fail. We also release the collected data as open source, fostering further research on satellite security.

Drone Remote Identification (RID) plays a critical role in low-altitude airspace supervision, yet its broadcast nature and lack of cryptographic protection make it vulnerable to spoofing and replay attacks. In this paper, we propose a consistency verification-based physical-layer authentication (PLA) algorithm for drone RID frames. A RID-aware sensing and decoding module is first developed to extract communication-derived sensing parameters, including angle-of-arrival, Doppler shift, average channel gain, and the number of transmit antennas, together with the identity and motion-related information decoded from previously authenticated RID frames. Rather than fusing all heterogeneous information into a single representation, different types of information are selectively utilized according to their physical relevance and reliability. Specifically, real-time wireless sensing parameter constraints and previously authenticated motion states are incorporated in a yaw-augmented constant-acceleration extended Kalman filter (CA-EKF) to estimate the three-dimensional position and motion states of the drone. To further enhance authentication reliability under highly maneuverable and non-stationary flight scenarios, a data-driven long short-term memory-based motion estimator is employed, and its predictions are adaptively combined with the CA-EKF via an error-aware fusion strategy. Finally, RID frames are authenticated by verifying consistency in the number of transmit antennas, motion estimates, and no-fly-zone constraints. Simulation results demonstrate that the proposed algorithm significantly improves authentication reliability and robustness under realistic wireless impairments and complex drone maneuvers, outperforming existing RF feature-based and motion model-based PLA schemes.

In this paper, we investigate the utilization of the angle of arrival (AoA) as a feature for robust physical layer authentication (PLA). While most of the existing approaches to PLA focus on common features of the physical layer of communication channels, such as channel frequency response, channel impulse response or received signal strength, the use of AoA in this domain has not yet been studied in depth, particularly regarding the ability to thwart impersonation attacks. In this work, we demonstrate that an impersonation attack targeting AoA based PLA is only feasible under strict conditions on the attacker's location and hardware capabilities, which highlights the AoA's potential as a strong feature for PLA. We extend previous works considering a single-antenna attacker to the case of a multiple-antenna attacker, and we develop a theoretical characterization of the conditions in which a successful impersonation attack can be mounted. Furthermore, we leverage extensive simulations in support of theoretical analyses, to validate the robustness of AoA-based PLA.

Unmanned aerial vehicles (UAV), an emerging architecture that embodies flying ad-hoc networks, face critical privacy and security challenges, mainly when engaged in data-sensitive missions. Therefore, message authentication is a crucial security feature in drone communications. This paper presents a Blockchain-based Efficient, and Trusted Authentication scheme for UAV communication, BETA-UAV, which exploits the inherent properties of blockchain technology concerning memorability and is immutable to record communication sessions via transactions using a smart contract. The smart contract in BETA-UAV allows participants to publish and call transactions from the blockchain network. Furthermore, transaction addresses are proof of freshness and trustworthiness for subsequent transmissions. Furthermore, we investigated their ability to resist active attacks, such as impersonation, replaying, and modification. In addition, we evaluate the gas costs associated with the functions of the smart contract by implementing a BETA-UAV on the Ethereum public blockchain. A comparison of the computation and communication overheads shows that the proposed approach can save significant costs over traditional techniques.

The rapid proliferation of Internet of Things (IoT) devices across domains such as smart homes, industrial control systems, and healthcare networks has significantly expanded the attack surface for cyber threats, including botnet-driven distributed denial-of-service (DDoS), malware injection, and data exfiltration. Conventional intrusion detection systems (IDS) face critical challenges like privacy, scalability, and robustness when applied in such heterogeneous IoT environments. To address these issues, we propose SecureDyn-FL, a comprehensive and robust privacy-preserving federated learning (FL) framework tailored for intrusion detection in IoT networks. SecureDyn-FL is designed to simultaneously address multiple security dimensions in FL-based IDS: (1) poisoning detection through dynamic temporal gradient auditing, (2) privacy protection against inference and eavesdropping attacks through secure aggregation, and (3) adaptation to heterogeneous non-IID data via personalized learning. The framework introduces three core contributions: (i) a dynamic temporal gradient auditing mechanism that leverages Gaussian mixture models (GMMs) and Mahalanobis distance (MD) to detect stealthy and adaptive poisoning attacks, (ii) an optimized privacy-preserving aggregation scheme based on transformed additive ElGamal encryption with adaptive pruning and quantization for secure and efficient communication, and (iii) a dual-objective personalized learning strategy that improves model adaptation under non-IID data using logit-adjusted loss. Extensive experiments on the N-BaIoT dataset under both IID and non-IID settings, including scenarios with up to 50% adversarial clients, demonstrate that SecureDyn-FL consistently outperforms state-of-the-art FL-based IDS defenses.

We investigate the problem of sybil (fake account) detection in social networks from a graph algorithms perspective, where graph structural information is used to classify users as sybil and benign. We introduce the novel notion of user resistance to attack requests (friendship requests from sybil accounts). Building on this notion, we propose a synthetic graph data generation framework that supports various attack strategies. We then study the optimization problem where we are allowed to reveal the resistance of a subset of users with the aim to maximize the number of users which are discovered to be benign and the number of potential attack edges (connections from a sybil to a benign user). Furthermore, we devise efficient algorithms for this problem and investigate their theoretical guarantees. Finally, through a large set of experiments, we demonstrate that our proposed algorithms improve detection performance notably when applied as a preprocessing step for different sybil detection algorithms. The code and data used in this work are publicly available on GitHub https://github.com/aSafarpoor/AAMAS2025-Paper/tree/main

Unmanned aerial vehicles (UAVs) depend on untrusted software components to automate dangerous or critical missions, making them a desirable target for attacks. Some work has been done to prevent an attacker who has either compromised a ground control station or parts of a UAV's software from sabotaging the vehicle, but not both. We present an architecture running a UAV software stack with runtime monitoring and seL4-based software isolation that prevents attackers from both exploiting software bugs and stealthy attacks. Our architecture retrofits legacy UAVs and secures the popular MAVLink protocol, making wide adoption possible.

UAVs are increasingly deployed in critical applications and rely on 5G networks for long-range command-and-control (C2) connectivity. As the C2 channel is safety-critical, disruptions or manipulation of this communication channel may lead to loss of control, mission failure, or safety incidents. The architectural complexity of 5G standalone (SA) introduces logical attack surfaces that may affect such applications, yet the impact of logical vulnerabilities in the 5G architecture on UAV command-and-control carried over cellular infrastructure has received little attention. In this work, we develop a reproducible testbed that emulates 5G SA and integrates a UAV C2 channel using MAVLink over the 5G User Plane through Open5GS and UERANSIM. We define three threat models (rogue UE in the same slice and DNN, insider with access to the N4 interface, compromised gNodeB) and implement representative attacks. Our evaluation shows that a rogue UE can inject C2 commands and force the UAV to land; an insider can tear down PDU sessions via PFCP and trigger UAV failsafe; a compromised gNodeB can alter MAVLink navigation commands and redirect the UAV. The results demonstrate that logical attacks on the 5G architecture can compromise UAV C2 without breaking air-interface encryption, revealing cross-layer vulnerabilities between cellular infrastructure and UAV communication protocols. We provide a threat-model framework, experimental evidence, and mitigations (MAVLink signing, integrity protection on N3 and N4 interfaces) for operators and system designers deploying UAVs over 5G.

In recent years, drone delivery, which utilizes unmanned aerial vehicles (UAVs) for package delivery and pickup, has gradually emerged as a crucial method in logistics. Since delivery drones are expensive and may carry valuable packages, they must maintain a safe distance from individuals until user-drone mutual authentication is confirmed. Despite numerous authentication schemes being developed, existing solutions are limited in authentication distance and lack resilience against sophisticated attacks. To this end, we introduce SyncGait, an implicit gait-based mutual authentication system for drone delivery. SyncGait leverages the user's unique arm swing as he walks toward the drone to achieve mutual authentication without requiring additional hardware or specific authentication actions. We conducted extensive experiments on 14 datasets collected from 31 subjects. The results demonstrate that SyncGait achieves an average accuracy of 99.84\% at a long distance ($>18m$) and exhibits strong resilience against various spoofing attacks, making it a robust, secure, and user-friendly solution in real-world scenarios.

With the growing reliance on the vulnerable Automatic Dependent Surveillance-Broadcast (ADS-B) protocol in air traffic management (ATM), ensuring security is critical. This study investigates emerging machine learning models and training strategies to improve AI-based intrusion detection systems (IDS) for ADS-B. Focusing on ground-based ATM systems, we evaluate two deep learning IDS implementations: one using a transformer encoder and the other an extended Long Short-Term Memory (xLSTM) network, marking the first xLSTM-based IDS for ADS-B. A transfer learning strategy was employed, involving pre-training on benign ADS-B messages and fine-tuning with labeled data containing instances of tampered messages. Results show this approach outperforms existing methods, particularly in identifying subtle attacks that progressively undermine situational awareness. The xLSTM-based IDS achieves an F1-score of 98.9%, surpassing the transformer-based model at 94.3%. Tests on unseen attacks validated the generalization ability of the xLSTM model. Inference latency analysis shows that the 7.26-second delay introduced by the xLSTM-based IDS fits within the Secondary Surveillance Radar (SSR) refresh interval (5-12 s), although it may be restrictive for time-critical operations. While the transformer-based IDS achieves a 2.1-second latency, it does so at the cost of lower detection performance.

Unmanned aerial vehicles (UAVs) are widely applied in multiple fields, which emphasizes the challenge of obtaining UAV flight information to ensure the airspace safety. UAVs equipped with automatic dependent surveillance-broadcast (ADS-B) devices are capable of sending flight information to nearby aircrafts and ground stations (GSs). However, the saturation of limited frequency bands of ADS-B leads to interferences among UAVs and impairs the monitoring performance of GS to civil planes. To address this issue, the integration of the 5th generation mobile communication technology (5G) with ADS-B is proposed for UAV operations in this paper. Specifically, a hierarchical structure is proposed, in which the high-altitude central UAV is equipped with ADS-B and the low-altitude central UAV utilizes 5G modules to transmit flight information. Meanwhile, based on the mobile edge computing technique, the flight information of sub-UAVs is offloaded to the central UAV for further processing, and then transmitted to GS. We present the deterministic model and stochastic geometry based model to build the air-to-ground channel and air-to-air channel, respectively. The effectiveness of the proposed monitoring system is verified via simulations and experiments. This research contributes to improving the airspace safety and advancing the air traffic flow management.

Wireless networks are highly vulnerable to spoofing attacks, especially when attackers transmit consecutive spoofing packets. Conventional physical layer authentication (PLA) methods have mostly focused on single-packet spoofing attack. However, under consecutive spoofing attacks, they become ineffective due to channel evolution caused by device mobility and channel fading. To address this challenge, we propose a channel prediction-based PLA framework. Specifically, a Transformer-based channel prediction module is employed to predict legitimate CSI measurements during spoofing interval, and the input of channel prediction module is adaptively updated with predicted or observed CSI measurements based on the authentication decision to ensure robustness against sustained spoofing. Simulation results under Rayleigh fading channels demonstrate that the proposed approach achieves low prediction error and significantly higher authentication accuracy than conventional benchmark, maintaining robustness even under extended spoofing attacks.

In response to the evolving challenges posed by small unmanned aerial vehicles (UAVs), which possess the potential to transport harmful payloads or independently cause damage, we introduce MMAUD: a comprehensive Multi-Modal Anti-UAV Dataset. MMAUD addresses a critical gap in contemporary threat detection methodologies by focusing on drone detection, UAV-type classification, and trajectory estimation. MMAUD stands out by combining diverse sensory inputs, including stereo vision, various Lidars, Radars, and audio arrays. It offers a unique overhead aerial detection vital for addressing real-world scenarios with higher fidelity than datasets captured on specific vantage points using thermal and RGB. Additionally, MMAUD provides accurate Leica-generated ground truth data, enhancing credibility and enabling confident refinement of algorithms and models, which has never been seen in other datasets. Most existing works do not disclose their datasets, making MMAUD an invaluable resource for developing accurate and efficient solutions. Our proposed modalities are cost-effective and highly adaptable, allowing users to experiment and implement new UAV threat detection tools. Our dataset closely simulates real-world scenarios by incorporating ambient heavy machinery sounds. This approach enhances the dataset's applicability, capturing the exact challenges faced during proximate vehicular operations. It is expected that MMAUD can play a pivotal role in advancing UAV threat detection, classification, trajectory estimation capabilities, and beyond. Our dataset, codes, and designs will be available in https://github.com/ntu-aris/MMAUD.

With the impressive achievements of chatGPT and Sora, generative artificial intelligence (GAI) has received increasing attention. Not limited to the field of content generation, GAI is also widely used to solve the problems in wireless communication scenarios due to its powerful learning and generalization capabilities. Therefore, we discuss key applications of GAI in improving unmanned aerial vehicle (UAV) communication and networking performance in this article. Specifically, we first review the key technologies of GAI and the important roles of UAV networking. Then, we show how GAI can improve the communication, networking, and security performances of UAV systems. Subsequently, we propose a novel framework of GAI for advanced UAV networking, and then present a case study of UAV-enabled spectrum map estimation and transmission rate optimization based on the proposed framework to verify the effectiveness of GAI-enabled UAV systems. Finally, we discuss some important open directions.