NO DRONE ZONE

This is a work that my study has been doing. So let's start with the basics, agenda. First I will give you some introduction on how I give you some information on some security concerns and some background information. I will also show you in the context of this report. I will show you some of the solutions that we got from the group. So, Elisa. First, who knows Elisa? The colleagues from Elisa don't know about Elisa. We have three main pillars: we assist the international states on policy making and policy implementation, we work closely with the implementation of policy across the EU, I think it is at the GDPR. We also have some teams which facilitate the capacities, so we have

the CYBAL Europe, the European exercise that is organised every two years, led by the public sector and the international states.

expertise, developing solutions, drafting some recommendations, and providing some independent advice. We have many studies of things in the context of smart infrastructures, such as finance, energy sector, utilities, and other things that have come into the stage. We have training courses and to come to this technical experience, the lab is actually We have extensive research on key topics that concern cybersecurity. We are planning a lot to show and propose scenarios for the next Cyber Europe or raise the awareness of the audience. That can be used in recommendations that we draft through our studies. Okay, Cyber Europe 2016. Okay, so Cyber Europe 2016, my friend, is going to be a map that has actually two phases of

a map. some reconnaissance. The data center was investigating attack and cyber security attack. They used in the second phase, the second flight, the Raspberry Pi, so they made the Pi, which is more related. So the results were to have additional software and exploit to reduce the server temperature. They knew consequently that the ratios of the data center denied the service attack and save. So the first of the rooftop so we have the drone and we can actually also have a first view of the hardware and software of these facilities so have a better understanding and better idea of the actual attack vectors to these facilities of the drone so that these would be key points it was actually that the

Raspberry Pi access point that users got to it the legitimate one this access to Wi-Fi network of the facilities and then attacks further So the attack scenario that we had also in the smart airports is related to the attack scenario that we saw before for Cycle Europe. So recently we've also had another study which was in the context of smart infrastructures and it was about securing smart airports. The actual three attack scenarios draw a big special agreement that we need to communicate aircraft and ground. The aircraft will be channeled through a 3-B the aircraft can position its geolocation to the ground so they can know where the aircraft is. These locations are an authentic, easily accessible, such as interception and

shooting device. So this was an attack on the gate of the prison. So they span the grids and such incidents where they use the drone to take the bodies into the prison. We can also see a graffiti artist that was

that he was very enthusiastic about the drone and he used the drone to actually became his brand actually. He used the DJ Phantom actually to... So we had also some events that were disrupted due to drones. We had events disrupted because a drone crashed into the city and the game was gone. A lot of terrorists such as ISIS that is using drones for reconnaissance for potential targets. and that makes us think that we have many significant infrastructures so, airports, seaports, water transport, transportation, etc. An example of this, which was a penetration testing that was hired for breaking it to do exactly what we saw in the scenario, so, a very penetration technology, and see, actually

it's online, in the video, during the presentation, it's a very interesting video, that

to see how they achieved at the end computers. Ok, so a step back to see drones. The market share of drones is 8% of the market. We expect to come by 2025 dollars revenue. This is a huge amount. We see that this is actually the field that is very famous and is much more for companies. We used that information to implement. Because we focus on the creation and growth, we focus on the big companies out of this specific branch. Some of the tools which are available are also available for the head. On range, they are approximately up to 50 meters, they are directly connected. This is actually the technology for the KVT and cell fans.

This is the connection, as well as some of the technology. GPS and terrain.

a long range we use to have pilot systems so we have a path, we find the flight path so as I said before the majority of this maybe is actually the same and this actually also dates of other access points so we have done some approaches we have done a simplistic approach in our experiment to detect drones and to lengthen the distance in the perimeter there was a more efficient approach in mind which was to use the navigation of the wifi We have a lot of technology for the Wi-Fi positioning, many items, not only drones. We have a geolocation of the drone instead of the drone detection, pattern-based detection. The plane defines the auto patterns that show the drones and through these

patterns we can have a detection through audio. Same applies to the visual detection. Again, we have some patterns that can differentiate drones from flying birds and we can say that this is a drone.

very efficient let's say because they rely a lot on batteries and they can have many problems. The thermal one is also not efficient because it actually uses a thermal sensor in drones but drones are made of plastic so usually not easy to take it. More efficient approach all the other ramps there so we can again see our course of ID, flight per second, distance, some alert data analysis.

We had some key points for our experiment that were that we wanted to use Sperma's notality just to combine it with all that everywhere in time. So, it was actually a good response. So, the first address is closed. There are many sources actually that can give of the branch. Some of my addresses belong to JJL, I think the same. and also the signal strength through some commands to calculate the distance based on the frequency and the metabolism. To do that we use a UI implementation. First, to have some commands on the operating system. We use a database to get all the access points and the signal strength and the frequency in the exact channel and filter also the metabolism.

So we use the formula of distance and have also a possible timeline of growth with the speed of analysis and also if we need to have some action we get further flyer with the drone. So this is a demo that we have prepared to show the application and let me see if I can

So on the left side we have the user setting up the drone and on the right side we have the applications coming for flying objects, for flying drones. We see the user setting up the helicopter, and I'll add a timestamp with the distance in meters. For other drones, the same I left because it's still in the perimeter, so it doesn't carry all fours at once. Ignore this. This way we will see that it will stop giving us So, evaluating this experiment, we saw that we have some advantages and disadvantages. The advantages are that we have a mobile setup. It can be used in the area that we work somewhere in the public. We have an especially good laptop. It was an up-to-date

solution, low cost of the chain, no cost at all. It was just a cost of time to develop an application like this. We also saw this setup was a little bit of a connection to collect data We have a list, we have the immediate alert and the logs also for post analysis. Some disadvantages that we have are: We cannot detect the exact location, we cannot give GPS coordinates back to the user, we cannot draw, we can't find specific brands, we can't find the type of most used brands, so we cover a large market share. They have their autonomous flight and they have a defined path to fly. So, some new efforts have the disadvantages, even more

the advantages on the other side, where we can calculate using some cheap equipment, some Raspberry Pi, some Raspberry Pi enough to say that we have the same approach that will give us back the geolocation of the drones, one of them as a master and the other two as clients. So, the distance from each device would be exactly

GPS and satellite. So, we have the decision of the master side, again, accessing these devices through an SSH connection to the static IP of the master. So, some existing solutions, I would say, are available. So, we can have an indication of the electricity. We can have some file infection accessing the files of the phone and collecting all the information. And some other things, such as the consumption of the device. So, some active defense mechanisms are jamming, so jamming the authenticated control. So, the authenticated engineering approach is in this category. We've seen the activities that they're doing in Egypt to take down drones. And we have seen recently a drone that throws a net, a flying drone, and it falls down.

Some common infatuation, this is a prejudice actually.

for drones, it tends to have a focus on drones by 2019. So some future work and reflexes, more ideas, how to approach and detect more drones. We would like to have collaboration with other people and for sure new ideas that drive us to new scenarios for cyber-dome