THE RAPID SPREAD AND GROWING USE OF UNMANNED AERIAL VEHICLES (UAV) BY INDIVIDUALS, THE PRIVATE SECTOR AND TERRORISTS HAS GIVEN WAY TO NUMEROUS DEVELOPING SECURITY CONCERNS. THIS ARTICLE ANALYSES HOW GOVERNMENT, REGULATORS, SECURITY SERVICES, LAW ENFORCEMENT CAN ADDRESS SOME OF THESE CONCERNS. COUNTERING THESE SECURITY THREATS IS COMPLEX AS THE THREATS HAVE TO BE COUNTERED AT DIFFERENT TECHNOLOGICAL LEVELS AND INTENDED USE SUCH AS TERRORIST, CRIMINAL, MILITARY, INTELLIGENCE, SAFETY ETC. TO ENABLE ANALYSIS A FRAMEWORK IS INTRODUCED TO CLASSIFY THE TASKS COMMONLY ASSOCIATED WITH ADDRESSING SECURITY THREATS: INTELLIGENCE, GUARD AND SECURE, OPERATIONS AND LAW ENFORCEMENT. USING THIS FRAMEWORK A BREAKDOWN OF THE INFORMATION NECESSARY TO PERFORM THE DIFFERENT TASKS IS INTRODUCED. WE ANALYSED WHAT INFORMATION NEEDS TO BE GATHERED TO ENABLE THE DEVELOPMENT AND EXECUTION OF COUNTER MEASURES ASSOCIATED WITH THE DIFFERENT TASKS. SPECIAL ATTENTION IS PAID TO HOW DIGITAL FORENSICS ON UAV’S COULD CONTRIBUTE TO THE TASKS OF INTELLIGENCE, GUARD AND SECURE, OPERATIONS AND LAW ENFORCEMENT.
A Look at the Emerging Security Threats to the Aviation IndustryDominic_White
The aviation industry is always at risk of terror attacks and other security threats. Ironically, some recent developments in aviation technology may be putting airlines and passengers in hazardous situations instead of protecting them. Current practices by airline staff are may also be seen by potential criminals as a weakness.
This is from a webinar presented by Embry-Riddle Aeronautical University-Worldwide called “General Aviation Security.” The presenter is Dr. Daniel Benny.
Each week DroneSec releases a summary of the last week's incidents and reports regarding drone security.
This edition is free for public use. To receive similar reports like these, subscripe here: https://dronesec.com/pages/dronesec-notify
To view the Threat Intelligence platform, view more information here: https://dronesec.com/pages/notify
Farnborough International Airshow 2018 case study❈Derek Robinson
Security UAV (drone) integration into the security plan for FIA18. A brief insight into how we operated and the benefits that it provided to the multi-agency control room.
As drones continue to advance in capabilities
and come into wider and wider use by both
legitimate users and by malicious actors, it is
essential that law enforcement, corrections,
security and military professionals increase
their levels of knowledge and preparedness
regarding drone threats, including the art
and science of drone forensics.
Unmanned Aircraft Systems (UAS) pose an increasing threat to the aviation sector due to the rapid proliferation of the technology into civilian hands. UAS can be weaponized by malicious actors, while non-malicious UAS operators may inadvertently interfere with aviation-related activities. There have been numerous aviation-related incidents involving UAS in recent years.
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...DroneSec
Evangelos Mantas (Infili Intelligence)
Talk Recording: https://www.youtube.com/watch?v=W0ZNpj7QZtM
The Global Drone Security Network (GDSN) is the only event of its kind focusing on Cyber-UAV security, Drone Threat Intelligence, Counter-UAS, and UTM security. Watch the full recording here: https://www.youtube.com/watch?v=vZ6sRr65cSk
Speaker: https://www.linkedin.com/in/evangelos-mantas-0aa82619a/
DroneSec is a cyber-uav security and threat intelligence company who hosted this second series of the GDSN community event.
https://dronesec.com/
The Counter Drone Systems (anti drone) Market Industry is expected to grow from USD 3,965.0 Million in 2022 to USD 8,749.0 Million by 2022, at a CAGR of 18.7% between 2022 and 2032.
Counter Drone Systems Market 2022-2032 - Aviation and Defense Market ReportsDefense Report
Global Counter Drone System market 2022-2032 includes Counter drone technology, commonly referred to as counter-UAS or C-UAS, refers to devices that detect and/or intercept unmanned aircraft systems in flight. As drones become more widely used, counter-UAS technology is continuously developing and changing. Concerns about the threat that drones offer in civilian and military situations have fueled the advancement of C-UAS technology The Table of Content would give the readers a perspective of the coverage of the Global Counter Drone System market 2022-2032.
A Look at the Emerging Security Threats to the Aviation IndustryDominic_White
The aviation industry is always at risk of terror attacks and other security threats. Ironically, some recent developments in aviation technology may be putting airlines and passengers in hazardous situations instead of protecting them. Current practices by airline staff are may also be seen by potential criminals as a weakness.
This is from a webinar presented by Embry-Riddle Aeronautical University-Worldwide called “General Aviation Security.” The presenter is Dr. Daniel Benny.
Each week DroneSec releases a summary of the last week's incidents and reports regarding drone security.
This edition is free for public use. To receive similar reports like these, subscripe here: https://dronesec.com/pages/dronesec-notify
To view the Threat Intelligence platform, view more information here: https://dronesec.com/pages/notify
Farnborough International Airshow 2018 case study❈Derek Robinson
Security UAV (drone) integration into the security plan for FIA18. A brief insight into how we operated and the benefits that it provided to the multi-agency control room.
As drones continue to advance in capabilities
and come into wider and wider use by both
legitimate users and by malicious actors, it is
essential that law enforcement, corrections,
security and military professionals increase
their levels of knowledge and preparedness
regarding drone threats, including the art
and science of drone forensics.
Unmanned Aircraft Systems (UAS) pose an increasing threat to the aviation sector due to the rapid proliferation of the technology into civilian hands. UAS can be weaponized by malicious actors, while non-malicious UAS operators may inadvertently interfere with aviation-related activities. There have been numerous aviation-related incidents involving UAS in recent years.
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...DroneSec
Evangelos Mantas (Infili Intelligence)
Talk Recording: https://www.youtube.com/watch?v=W0ZNpj7QZtM
The Global Drone Security Network (GDSN) is the only event of its kind focusing on Cyber-UAV security, Drone Threat Intelligence, Counter-UAS, and UTM security. Watch the full recording here: https://www.youtube.com/watch?v=vZ6sRr65cSk
Speaker: https://www.linkedin.com/in/evangelos-mantas-0aa82619a/
DroneSec is a cyber-uav security and threat intelligence company who hosted this second series of the GDSN community event.
https://dronesec.com/
The Counter Drone Systems (anti drone) Market Industry is expected to grow from USD 3,965.0 Million in 2022 to USD 8,749.0 Million by 2022, at a CAGR of 18.7% between 2022 and 2032.
Counter Drone Systems Market 2022-2032 - Aviation and Defense Market ReportsDefense Report
Global Counter Drone System market 2022-2032 includes Counter drone technology, commonly referred to as counter-UAS or C-UAS, refers to devices that detect and/or intercept unmanned aircraft systems in flight. As drones become more widely used, counter-UAS technology is continuously developing and changing. Concerns about the threat that drones offer in civilian and military situations have fueled the advancement of C-UAS technology The Table of Content would give the readers a perspective of the coverage of the Global Counter Drone System market 2022-2032.
Mohammad AlghamdiUtah State UniversityENGL-2010Safety in Avi.docxgilpinleeanna
Mohammad Alghamdi
Utah State University
ENGL-2010
Safety in Aviation Transportation
Facts
• The Wright Brothers (1903), were the first to complete the first ever assisted take off, pioneering the age of powered and controlled air travel. The first extensive use of heavier than air engine powered planes was seen a decade later in the First World War.
• During the 1920s and 1930s, advancements in air transport saw the first commercial airliner, the Douglas DC-3, transport passengers safely.
When the Second World War was taking place, most cities were building airports, and the popularity of air transport increased after the war
• Air transport over the years has come to be referred to as the safest way to travel. During the Second World War, fatalities by aircraft crash increased sharply. After the war, approximately 300 crashes were reported per year until 1980. That is equivalent to about 2000 deaths per year.
• The years from 1970 saw a steady decline in aircraft accidents due to enhancements in technology and safety procedures. For example, in 1973, the FAA in the USA introduced the screening of passengers and their luggage. Since the year 2000, there have been averagely 164 aircraft crashes per year resulting in 1061 deaths (Kirk). According to the IATA, more than 3.5 billion people flew safely on 37.6 million flights in 2015. According to B3A, in the same year, 122 aircraft crashes occurred worldwide leading to 898 deaths.
• 2016 was the safest year to travel by air. Only five fatal aircraft incidences were reported. These include the Egyptian flight that crashed into the Mediterranean in May leading to 66 deaths and the Brazilian LaMia jet carrying a popular football team in November killing 71 people. to70, an international air transport consultancy firm based in the Hague reported that only 271 deaths by plane crash occurred in 2016 (Calder)
• Data collected by professor Ian Savage of the department of economics at Northwestern University shows that regarding deaths per billion passenger miles traveled, air travel accounts for 0.07 deaths. This is a small value as compared to other modes of transport. Motorcycles are the most unsafe with 212.57 deaths followed by cars at 7.28 deaths per one billion passenger miles traveled.(Morris)
• Aircraft accidents are rare as compared to other forms of transport but on occurrence seem relatively fatal. This fatality is then exaggerated by the media creating an assumption that air transport is more dangerous than it is(Hope)
Definitions
• Aircraft accident- according to B3A is an event involving an aircraft carrying at least six people including the crew that was damaged enough to be removed from service.
• Passenger miles- a unit of transportation measurement determined by multiplying the number of unlinked passenger trips by the average length of their trips.
• Turbulence- the state of being violently disturbed or agitated.
• Radar- a system that detects distan ...
Drone-Proofing Critical Infrastructure with Anti-Drone Systems.pdfNovoQuad
In critical establishments like defense bases, government buildings, and public hubs like airports and stadiums where the crowd is beyond control, counter-drone technology isn’t just an alternative; it’s a mandate.
The Role of Anti-Drone Systems in Ensuring Public SafetyNovoQuad
The need for anti-drone for law enforcement now is more substantial than ever, and to prove this, here’s how drones pose a threat to public gatherings.
Defense against Drones- Understand Challenges and Solutions.pdfNovoQuad
Unmanned aerial vehicles (UAVs) or drones, as they’re commonly known, have become increasingly powerful, affordable, and readily available. Defense against drones is an ongoing challenge, demanding constant evolution and innovation in integrated counter-drone solutions.
Securing National Events with Anti-Drone TechnologyNovoQuad
In national events, anti-drone technology can help to prevent incidents such as unauthorized photography, surveillance, or even the deployment of harmful payloads.
From Tracker to Jammer - Navigating Drone DefenseNovoQuad
Drones have proven to be incredibly useful for everything from aerial photography to package delivery. However, as drones spread, so do the difficulties they present.
Establishments that Need Drone Safety More than EverNovoQuad
Nowadays, UAVs have found drone way into the hands of civilians and even criminals with malicious intent which highlights the pressing need for protective measures like drone detectors.
Social Bookmarking Details
The State of Drone Security – Analysing 1000+ drone incidents (Mike Monnik) -...DroneSec
Mike Monnik (DroneSec)
Talk Recording: https://www.youtube.com/watch?v=-zuJerGWTWs
The Global Drone Security Network (GDSN) is the only event of its kind focusing on Cyber-UAV security, Drone Threat Intelligence, Counter-UAS, and UTM security. Watch the full recording here: https://www.youtube.com/watch?v=vZ6sRr65cSk
Speaker: https://www.linkedin.com/in/mike-monnik-23026a75/
DroneSec is a cyber-uav security and threat intelligence company who hosted this second series of the GDSN community event.
https://dronesec.com/
UNMANNED AERIAL vehicles (UAVs) have come of age in the last decade. Having first been used on a large scale by the American military for surveillance purposes in the Vietnam War, and having been improved through subsequent use by the Israelis in Lebanon and by NATO in Operation Allied Force in Kosovo, UAVs can now be found in arsenals all over the world for a variety of purposes.
Similar to A TASK BASED information break down of COUNTERING UAV (20)
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
A TASK BASED information break down of COUNTERING UAV
1. BIJDRAGE: ing E. Hofte CISSP CEH CIH en dr. Ir. A.P.M. Zwamborn - Royal Netherlands Marechaussee
dr. A.J. Hoogstrate - Netherlands Defense Academy
ABSTRACT THE RAPID SPREAD AND GROWING USE OF UNMANNED AERIAL VEHICLES (UAV) BY INDIVIDUALS,
THE PRIVATE SECTOR AND TERRORISTS HAS GIVEN WAY TO NUMEROUS DEVELOPING SECURITY CONCERNS.
THIS ARTICLE ANALYSES HOW GOVERNMENT, REGULATORS, SECURITY SERVICES, LAW ENFORCEMENT CAN
ADDRESS SOME OF THESE CONCERNS. COUNTERING THESE SECURITY THREATS IS COMPLEX AS THE THREATS
HAVE TO BE COUNTERED AT DIFFERENT TECHNOLOGICAL LEVELS AND INTENDED USE SUCH AS TERRORIST,
CRIMINAL, MILITARY, INTELLIGENCE, SAFETY ETC. TO ENABLE ANALYSIS A FRAMEWORK IS INTRODUCED TO
CLASSIFY THE TASKS COMMONLY ASSOCIATED WITH ADDRESSING SECURITY THREATS: INTELLIGENCE, GUARD
AND SECURE, OPERATIONS AND LAW ENFORCEMENT. USING THIS FRAMEWORK A BREAKDOWN OF THE INFOR-
MATION NECESSARY TO PERFORM THE DIFFERENT TASKS IS INTRODUCED. WE ANALYSED WHAT INFORMATI-
ON NEEDS TO BE GATHERED TO ENABLE THE DEVELOPMENT AND EXECUTION OF COUNTER MEASURES ASSO-
CIATED WITH THE DIFFERENT TASKS. SPECIAL ATTENTION IS PAID TO HOW DIGITAL FORENSICS ON UAV’S COULD
CONTRIBUTE TO THE TASKS OF INTELLIGENCE, GUARD AND SECURE, OPERATIONS AND LAW ENFORCEMENT.
KEYWORDS UAV, CHAIN, DRONE, FORENSIC, DIGITAL FORENSICS, EXPLOITATION, MARECHAUSSEE
C-UAV
1515
2. Introduction
Nowadays there is an increasing use of
Unmanned Aerial Vehicles (UAV). Privately
owned or used by military and law enfor-
cement. There have been various incidents
and threats through mis- or abuse of UAV.
On July 22 2014 an unmanned air vehicle
came within 20 ft. of colliding with an Airbus
A320 airliner as it made its final approach
into London Heathrow airport. Detailing
the incident on July 22 this year, investi-
gators from the U.K. Airprox Board, which
examines the causes behind air proximity
incidents in British air space, said the inci-
dent posed a serious risk of collision (Tony
Osborne, 2014).
May 23 2017, a drone has been involved in
a near-miss with a plane making a descent
into Edinburgh Airport (BBC, May 23, 2017).
Apart from these civil originating incidents
there are incidents that are military born. In
2011 a UAV was hijacked by Iranian forces.
President Barack Obama said that the
United States has asked Iran to return a U.S.
drone aircraft that Iran claims it recently
brought down in Iranian territory (CNN,
2011). And then there is a development
that ISIS is using drones as an ‘increasingly
unconventional’ weapon, to drop grenades
on army forces (Walker, 2017).
This kind of threat can easily be transfer-
red into home territory as experiences,
developments and success-stories by our
adversaries increase in time.
For less than $1,600, anyone can acquire
a ready, GPS-enabled and camera- equip-
ped consumer drone that can carry a small
amount of weight. IS introduced terrorists to
new and innovative capabilities in executing
attacks, particularly the ability to bypass
traditional security measures such as fences
and gain unprecedented access to a vul-
nerable target.
Lone wolves in the United States break the
mold of global terrorism, motivated by anti-
governmental ideologies more than reli-
gious or other principles. Innovators among
these lone wolves may use consumer dro-
nes to target a number of long-term static,
temporary static or mobile targets in the
coming years.
Consumer drones currently on the market
offer a diversity of capabilities, of which
payload, maximum range and maximum
speed are most important. In general these
consumer drones can carry up to 1.0 kg of a
substance, significantly limiting the destruc-
tive capacity of an explosive-laden drone;
even so, a precision attack can render de-
vastating effects against a vulnerable target.
Currently, commercially available drones
capable of more payload weight are beco-
ming available with lesser budget. Conse-
quently its availability to adversaries is, to
our opinion, just a matter of time. It should
be noted that lone wolves are expected to
use traditional arms and bombs in attacks
rather than explosive-laden consumer
drones due to a much higher probability of
inflicting more casualties and causing more
damage.
So in the short term the UAV born threat will
more likely be an individual who acciden-
tally crashes into an airplane, rather than a
lone wolf with malicious intention (Hughes
and Hess, 2016). At least for now.
Military Engineer Troops use services offered by civil organizations for GIS and surveying critical
infrastructure
1616
C-UAV
3. 1717
The doctrine describes the way one can
counter IED’s. Understanding the threat and
gather intelligence to create operational
awareness. The organization needs to be
prepared in case of an attack. She must be
able to attack the operational (organiza-
tional) network and must understand the
technical and operational nature of the IED
system in order to become abtle to succes-
fully engage such a threat.
All components form several attack surfaces.
Interventions at multiple components or
combinatins are possible.
The combination of knowledge, skills and
means provide the ability to protect. This
research will describes the technical way
that leads to situational awareness and
understanding of countering UAV’s, lear-
ning from the approach model for C-IED.
The UAV Counter Chain Model consists of
four counter phases.
1. Detection;
2. Classification and Identification;
3. Neutralization;
4. Attribution;
The business processes are being visua-
lized as columns. The height of the yellow
Countering UAV attacks
How can an UAV born threat or abuse be
countered? Countering these threats in the
Netherlands is a shared responsibility of dif-
ferent organizations. The Royal Netherlands
Marechaussee (Royal Netherlands Mare-
chaussee, (n.d.)) is one of them. It watches
the security of state in the Netherlands and
beyond. It is deployed globally to places of
strategic importance. From the Royal pala-
ces to the external borders of Europe. From
airports in the Netherlands to war theatres
and crisis areas around the world.
The Marechaussee has 3 main tasks:
1. Border police case;
2. Guard and secure;
3. International and military police tasks.
The Marechaussee performs these tasks for
the Ministry of Justice and Security.
While delivering these tasks it faces more
and more new digital- or digitalized threats.
The misuse or abuse of UAV is one of them.
Besides the Marechaussee several other
organizations have to deal with this threat
as well, The National Police, the security
services as well as the military. Countering
the threat is for each of these organizations
differs from an operational point of view
as they all have slightly different tasks and
therefore different priorities, operational
constraints and consequently business ob-
jectives. However, the available techniques
for detection, identification and engaging a
possible threat are equal.
We therefore describe what the business
objectives dictate as to countering UAV’s.
Is intelligence gathering the objective or
do we need to stop its flight to prevent a
possible attack or disaster? In an ultimately
case we have to take the human control-
ler of the UAV to court. Several primary
processes could all benefit from countering
UAV. Intelligence, Operations and Policing,
the latter is the law enforcement task. The
business value is mainly dependent on the
kind, the quantity and quality of data that is
retrievable out of the UAV, its command and
control or sensing components. Insight in
data creates understanding in how we could
counter UAV born threats and its value to
the primary processes of the Marechaussee
and the other governmental organizations.
The different business objectives in coun-
tering a UAV born threat require different
amounts of data and consequently informati-
on. We introduce a model that measures the
amount of data and relates it to the business
objective. From an operational point of view
it should be noted that positive identification
of the UAV is paramount. Otherwise it could
be that an officer is mistakenly tracking
an air van of a vehicle. In this respect, one
could think of utilizing white/black listing to
reduce the time to recognize a UAV in flight.
The first step is to model a UAV Counter
Chain Model.
Developing the model
Prior to establishing a model we studied the
lessons learned from countering Improvi-
sed Explosive Devises (C-IED) formalized
through the Allied Joint Doctrine for Counte-
ring - Improvised Devices. NATO AJP-3.15
(Ministry of Defense, 2017).
C-UAV
Different COTS and MOTS systems to counter-
act UAV are available in the market, this is an
example of SteelRock Technologies
NATO AJP-3.15
An UAV with a C-IED capability
4. 1818
upon commercial available UAV’s mentio-
ned in the threat model of Matthew Hughes
& James Hess (Hughes and Hess, 2016).
To further structure our approach we divide
the exploitation fields into an electromagne-
tic section, representing OSI layers 1-2 and
the cyber section, representing OSI layers
3-7. We follow a similar approach as in elec-
tronic warfare, the Cyber Electro Magnetic
Actions (CEMA) [16].
ELECTROMAGNETIC SECTION
Electromagnetic detection delivers every
UAV visible in the range of a detector. Radar
is an effective methods to detect and track
aerial threats. It is able to distinguish small
UAV’s from birds using precision radar, but
this defense mechanism encounters unique
challenges when applied to consumer
UAV. (Maddox et al., 2015) It’s challenge
is to reduce false positives. Furthermore,
operators may fly at low altitudes, below 30
meter (derived from 100 feet, Elias, 2016),
to capitalize on inter-visibility lines created
by surrounding terrain, e.g. trees or buil-
ding blocks to block line-of-sight required
for radar detection (Elias, 2016). What is a
possible better way to detect an UAV?
Detection
There are several ways to detect an UAV.
[10] Audio detection does NOT work in
urban environments.
Most microphones only cover well at 8 to 15
meter so, mainly due to the ambient noise
in the area. Video detection is a useful tool,
but with some limitations. Cameras can see
sharp out to about a couple of hundred me-
ter but have a very difficult time distinguis-
hing birds from drones. Thermal detection
has an effective range of about 100 meter
for recreational UAV’s.
Much like audio detection, thermal detec-
tion would have had little success detecting
an UAV, like most recreational UAV, don’t
produce sufficient infrared radiation with
respect to its background to get a usable
IR-signature. Radar has proven to be the
traditional mechanism for detecting flying
vehicles. However, both radar and optical
bases of the columns indicate the increasing
business value and the coherent demands
on data quality and quantity. This paragraphs
describe the increasing demands on data
forensics based on the business value. The
model defines business value per process
as part of the Marechaussee operations. The
optimum for the Intell process could be the
state where gathered information will lead
to the identification of a thus far unknown
modus operandi by adversaries. It could be
beneficial to Guard and Security to future
identification of an UAV born threat. For
Guard & Secure this will mean a developed
ability to eliminate an evolved threat. Ope-
rations is satisfied if any UAV born threat is
neutralized in or approaching a high risk
area, e.g. an (military) airfield. Policing want
to pursue an adversary in court. There for
forensic sound data is mandatory. Procedu-
res to guaranty the chain of custody of data
collection and investigation must be applied
to be successful.
As indicated previously the different phases
in the C-UAV chain phases contribute to
several law enforcement processes. Phases
detection, classify and identify contributes
mostly to intelligence and Guard & Se-
cure related tasks. Inflight data is mostly
retrievable through carrier signals in the
electromagnetic spectrum. OSI layers one
[1] through four [4]. Neutralizing an UAV is
of major importance for maintaining security
at airfields or during events and therefor
contributes to operations. It is feasible
through disturbing or spoofing the com-
mand and control channel or penetrating the
UAV in the Cyber Electro Magnetic Actions
(CEMA) [16].
The later delivers more data for forensic
investigation because the UAV can be foren-
sically examined. Electronic exploitation of
the UAV, as part of forensic examination will
be conducted after it’s grounding. Finally
if a human controller of an UAV has to be
brought to justice, attribution is necessarily.
Penetration becomes mandatory during
flight combined with forensic data analysis
after it’s grounding. Investigation can’t be
limited to the CEMA domain. The UAV and
it’s command and control components need
to be investigated in the physical domain as
well. Ordinary policing methods like sear-
ching for fingerprints or DNA needs to be
combined with digital investigation. A major
constrain in the latter phase of UAV Counter
Chain Model is maintaining the ‘chain of
custody’. For the prior business processes
the chain of custody isn’t always a precon-
dition. Absence of it doesn’t prevent from
achieving business objectives for intelligen-
ce, weapon technical intelligence (WTI) or
operations.
To determine what data could be found in
an UAV it is helpful to understand the design
of such a system. The UAV consist of a core
physical structure, a C2 architecture, a net-
work architecture reaching further than C2,
for example constructors’ architecture and
UAV payload.
Communication between controller and
UAV can utilize Wireless LAN, 3/4G and
satellite radio signals.
UAV Counter Chain Model Forensics
The following paragraph will lay out the
sequential phases of the UAV Counter Chain
Model and describes the forensics based
C-UAV
UAV Counter Chain Model
UAV communications channels
5. definitively prove that a particular incursion
was done using a specific UAV. In other
words, we may provide enough supportive
evidence for criminal prosecution. We might
be able based on the collected data to con-
ciliate the UAV by alternative physical- or
electromagnetic means. Therefore a com-
bination of CEMA and physical investigative
actions is needed. CEMA detection needs
to be focus on gathering data and prepare
for possible actions in the classification- and
neutralization phase. Simultaneously in the
physical realm officers need to use infor-
mation gathered in the detection phase to
prepare operations for actions. They could
approach the operator based on intercepted
GPS coordinates or/and prepare physical
counter measures for neutralization.
In 2017 TNO conducted R&D on a labora-
tory scale where they showed the merits
of the first three phases of UAV Counter
Chain Model. This investigation additionally
showed the value added of visualization
including method and results.
To detect UAV’s several tools can be used.
Aircrack-ng (www.aircrackng.org) is a com-
plete suite of tools to test WLAN security.
The R&D setup could be used for detection.
It focuses on different areas of WLAN secu-
rity. TNO used it for monitoring. e.g. Packet
capture and export of data to text files for
further processing by third party tools.
Data retrievable during detection merely
consist of MAC addresses, ESSID, channel
indication, encryption and authentication
algorithms which is shown in the figure
Aircrack-ng.
It contributes to the first step in the identifi-
cation process. BSSID is typically the MAC
address (H/W Address) of the Wi-Fi Chipset
running on a Wireless Access Point. ESSID
is just the SSID or the Network Name (for
Infrastructure AP networks) “HACKERS
AHEAD” would be an ESSID. The UAV calls
for one of these ESSID’s. In countering the
are line-of-sight detection sensors, with
their derived restrictions.
An example is Squire (Thales and Robin
Radar n.d.). It detects UAV’s up to three
kilometers through utilizing the Doppler
Effect caused by the rotor blades, even at
low altitude. False positives do occur, be-
cause it detects also detects the ‘blades of a
fan’ present on other vehicles like automo-
biles. It is able to classify the UAV and self
corrects its results through data analyses.
The value added is momentarily limited to
Intelligence and operations since it delivers
only indicative data, which is based upon
the micro-doppler readings.
It does contribute to general situational
awareness and delivers input for decision
making for Guard and Security.
The business value could be enhanced by
utilizing probability based decision suppor-
ting tools combined with indicative infor-
mation as input for (automated) decision
making for Operations. Due to the limited
reaction time needed to neutralize an UAV
this might be a topic for further scientific
investigation or product development.
CYBER ELECTROMAGNETIC
ACTIVITIES (CEMA) SECTION
Detection just based on utilizing the
electromagnetic layer restricts results. It is
momentarily the most common method of
controlling commercial UAV’s utilizing 2,4
and 5 GHz frequencies.
In addition to radar the most effective way to
detect UAV is by using its pertaining radio
frequency (RF) activities. It has a long range,
about two to five kilometers [17] and is
difficult to circumvent. Unlike other methods,
RF detection can do more than just identify
that an UAV is nearby. Within this vector we
could be able to penetrate the system using
exploits (Cyber and EW) and subsequently
glean important data such as GPS coor-
dinates of the UAV and controller, altitude
and Unique identifier of the UAV. This paper
elaborates in more detail on retrievable data
in the section about attribution.
We may glean enough additional data to
not only find the UAV but to find its opera-
tor, and with the unique identifier we can
Frequency Spectrum for UAV detection
Aircrack-ng
C-UAV
1919
6. data further up the OSI stack. Especially ISO
layer four (4) and up. To be able to attribute
TNO and other researchers investigated
the UAV and it’s operational environment.
To find out it’s working mechanisms, ways
of communication and vulnerabilities which
can lead to possible entry points and usage
of (known) exploits.
An operator needs to control the UAV, in this
TNO experiment a widely used commercial
UAV, the DJI Phantom 4 [11], one needs a
controller which can be a hardware control-
ler or an application on a smart device. An
application which could be part of a client
server construction of the vendor. By doing
so the client-server infrastructure is part
of the system that needs to be forensically
investigated. In many cases the two control
options are combined. The hardware
controller is responsible for establishing
the secure control channel. The application
on a smart device establishes a separate
connection for data exchange. This is sensor
dependent. It could be used as a data
channel for audio, video or photo based
functionalities. Many UAV’s contains a GPS
receiver for generating geo-coordinates
which can be utilized through the applicati-
on installed on a smart device.
Thus the forensic investigation shall be focu-
sed on the application layer. The Operating
System. In case of the Phantom 4 Android or
IOS. These OS’s utilize backups on Google
or Apple data centers. In case of IOS based
on the Apple ID that is used.
The OS also sends captured geolocations
to Google or Apple. An example of wider
infrastructure that could be part of forensic
investigation. The OS writes log files. These
files sometimes contains usernames and
passwords, hashed or plain text wise and
Mail or MAC addresses. [12] and are very
useful for attribution.
The application could contain data like:
1. Device related data and user related
data;
2. Geolocations and routes (flightpaths)
3. Photo, video and other sensor data;
4. User credentials for excessing vendor
site;
UAV we could impersonate the ESSID to
force it to connect. Ones the connection
with the UAV is established internal C2 data
becomes available. By the time of writing
this paper, vulnerabilities could be fixed by
manufactures. Further research for identifi-
cation en classification through penetration
is mandatory, due to the constant evolving
process of software- and vulnerability ma-
nagement.
Classification and Identification
Establishing the connection via Snoopy-NG
(application in kali Linux). It sets up an ac-
cess point which forces the UAV to connect.
By coupling the data captured through
snoopy-ng with the reporting tool Maltego
several data becomes visual.
Snoopy is a server-client architecture that
fills a database with captured metadata of
connected clients. Maltego is the associated
reporting tool. Data to be collected next to
SSID and MAC addresses could be tech-
nical data from UAV components, internet
connections to other databases or storages
which has been established by the UAV en
possible C2 or sensor channels.
By analyzing the data in Maltego, the UAV
can be classified. The components, connec-
tions and related storages are being visua-
lized. The identification combined with the
data from the classification could lead to its
operator.
This data serves Intel and operational pur-
poses. Combined with other information
it could lead to more holistic situational
awareness or contribute to risk assessment
during events or ground security at airfields.
Now when an UAV is still in flight a decision
has to be made based on a possible threat
or risk that it could be.
Neutralization
In this phase the UAV needs to be stop-
ped when approaching a sensitive area or
deliver its payload. There are several ways
to achieve this goal. This paper restrict
itself to utilizing the Cyber Electromagnetic
Activities (CEMA) approach.
Intervention at some point at the attack
surface is needed. Taking over the control
channel, attacking the operating system,
spoofing a different geolocation are all
options. But it needs to be done in a timely
manner. The time to act is short.
The mean chosen must be one based on
operational priorities. If the UAV needs to
be neutralized because of the nature of
the threat, less priority will be given to the
collection of usable data for attribution.
If possible the UAV needs to be kept intact
for later (digital) forensics. If a UAV has an
incoming velocity of 90 km/h and is 1000 m
away the counter UAV phases “detection
through neutralization” needs to be com-
pleted under 15 seconds. Time to act is
short! ([17], ref). As of time writing this
paper the velocity of some commercial
UAV’s reach a maximum of 200 km/h.
It implicates the constant shorter time to
react on a threat. The earlier time to react
at a speed of 90 km/h was 15 seconds.
15 seconds *90/200 means 6,75 seconds
reaction time between detection an possible
neutralization. The development of these
commercial UAV’s is asking for automated
decision making.
Attribution
To attribute the control of an UAV pilot, pos-
sibly adversary, we have to find and analyze
Maltego
Limited reaction timeframe
2020
C-UAV
7. 2121
5. Application log files registering third
party applications which the application
had data exchanges with.
6. Applications may use functionalities to
ease up a restart, like Application back
grounding, URL Caching (HTTP request
and response) at cache DB.
It is noted that Credentials Functionality
(Persistent Authentication) are stored in
the UAV and therefore of interest to us.
In march 2017 the German government
did call citizens to clean there caches on
smartphones to counter privacy related
threats [13]. based on these application
features. So the caches forms a valuable
source.
The user agreement of the DJI writes about
data exchange between the application, ser-
ver and third parties. [15] An example is the
via Facebook offered functionality to publish
and share photos and videos using web
beacons. Using this functionality Facebook
receives user related data.
Data to be exchanged with SZ DJI Techno-
logy Co LTD and third parties, and thus
stored in the UAV or external infrastructure
at data centers are: name, email addresses,
telephone numbers, payment data such as
account numbers, photo’s, video’s, meta-
data, coo-kies, IP addresses, mobile device
numbers like EMEI, type web browser, visi-
ted sites and content, data and time, opens
emails, operating system used, used hard-
ware, geolocations. All this data is essential
for attribution. Two example published on
Mavic pilots showing some transmitted data
between the DJI application and backend
servers. [14]
Discussion and conclusion
To find out if and how Digital Forensics
could serve as contributor in countering
UAV based threats within the business
processes of the Royal Marechaussee we
started by identifying four steps in the UAV
Counter Chain Model. By modeling the
phases we were able to identify possible
business value. There is always an Intell
value.
The value for Guard and Security is limited
because of the sort time available for dis-
cussion making. The possible speed of the
UAV dictates the decision making and opti-
onal neutralization of the UAV and therefore
in some cases limits the collection of inflight
data gathering, which could be used for
attribution and law enforcement objectives.
Neutralization can be achieved by broad
band spectrum disturbance forcing the UAV
to land, but rules out the option to utilize it at
ear fields because of possible disruption of
air traffic control.
We used the UAV Counter Chain Model and
the OSI stack to determine possible data
sources. The first layers, physical through
network layer shows data that can be rela-
ted to a device and indicates other potential
connections established by the UAV. It con-
tributes to enhanced situational awareness
for Intel processes. Through classification
and identification, neutralization of the UAV
is optional and is of value for Operations.
Significant business value is created if data
at the application layer is made retrievable.
Now attribution becomes possible, thanks
C-UAV
8. 2222
Operations in Domestic Airspace:
U.S. Policy and the Regulatory Landscape
(CRS Report No. R44352). Washington,
DC: Congressional Research Service.
https://www.fas.org/sgp/crs/misc/
R44352.pdf.
• Naboulsi, Zain (2015) Drone detection:
What works and what doesn’t. Retrieved
December 08, 2017, from https://www.
helpnetsecurity.com/2015/05/28/drone-
detection-what-works-and-what-doesnt/
• [11] http://www.phantom4-guide.co.uk/
phantom-4-specification/
• [12] https://blogs.uni-paderborn.
de/sse/2013/05/17/privacy-threate-
ned-by-logging/
• [13]https://www.bsi.bund.de/DE/Presse/
Pressemitteilungen/Presse2017/Frue-
hjahrsputz_02032017.html
• [14] https://mavicpilots.com/threads/
dji-mavic-privacy-backdoor.17723/
• [15] http://www.dji.com/policy
• [16] United States Army (2014) Field
Manual No. 3-38. Cyber Electromagnetic
Activities. Retrieved December 04, 2017,
from https://fas.org/irp/doddir/army/fm3-
38.pdf
• [17] R&D Onderzoek TNO, Prof. dr. ir.
A.P.M. Zwamborn.
• [18] Ministry of Defence, July 13, 2017,
NATO AJP-3.15 (B) Allied Joint Doctrine
for Countering - Improvised Devices
(Edition B version 1). Retrieved Decem-
ber 04, 2017, from https://www.gov.uk/
government/uploads/system/uploads/
attachment_data/file/628221/
w20151102-nato_ajp_3_15_b.pdf
to a vast variety of data sources that can be
investigated. Especially infrastructure where
the UAV maintains communications with.
Data centers of manufactures, service provi-
ders like Apple, Google and Facebook.
So the value for Intel and Operations incre-
ases drastically if data in this layer can be
obtained. Prosecution through attribution, if
forensic sound investigated and the chain of
custody is maintained, is possible. It raises
other questions of legality and therefore
asking for further research.
To collect data at data centers which can fall
under different national bound laws makes
forensic investigations complicated. Interna-
tional cooperation comes to the table.
In those cases we have to asks ourselves if
prosecution forms the silver bullet or could
disturbance of the UAV’s flight path and the
inherent removal of the threat achieve our
business objectives?
References:
• Royal Netherlands Marechaussee, (n.d.).
Retrieved December 04, 2017, from
https://english.defensie.nl/organisation/
marechaussee
• Tony Osborne, Dec 15, 2014. Drone
Came Within 20 Ft. Of Airliner At He-
athrow, Retrieved December 04, 2017,
from http://aviationweek.com/awin-only/
drone-came-within-20-ft-airliner-he-
athrow-1
• BBC, May 23, 2017. Drone in near miss
with plane near Edinburgh Airport.
Retrieved December 04, 2017, from
http://www.bbc.com/news/uk-scotland-
edinburgh-east-fife-40019778
• CNN, Dec 12, 2011. Obama says U.S.
has asked Iran to return drone aircraft.
Retrieved December 04, 2017, from
http://edition.cnn.com/2011/12/12/world/
meast/iran-us-drone/index.html
• Marc Walker, Feb 27, 2017. ISIS using
‘unconventional’ weapons as footage
shows drones dropping grenades Re-
trieved December 04, 2017, from http://
www.mirror.co.uk/news/world-news/
isis-using-increasingly-unconventio-
nal-weapons-9928395
• Thales, (n.d.) Squire, Retrieved Decem-
ber 08, 2017, from https://www.thales-
group.com/en/squire-ground-surveillan-
ce-radar
• Hughes, Matthew and Hess, James (2016)
“An Assessment of Lone Wolves Using
Explosive-Laden Consumer Drones in
the United States, “Global Security and
Intelligence Studies: Vol. 2: No. 1 , Article
6. Available at http://digitalcommons.
apus.edu/gsis/vol2/iss1/6
• Maddox, Stephen, and David Stucken-
berg. 2015. “Drones in the U.S. National
Airspace System: A Safety and Security
Assessment.” Harvard National Security
Journal, February 24. http://harvardnsj.
org/2015/02/drones-in-the-u-s-natio-
nal-airspace- system-a-safety-and- se-
curity-assessment/ (accessed April 28,
2016).
• Elias, Bart. 2016. Unmanned Aircraft
C-UAV