Electronic Thesis and Dissertation Repository

Thesis Format

Integrated Article

Degree

Master of Engineering Science

Program

Electrical and Computer Engineering

Collaborative Specialization

Artificial Intelligence

Supervisor

Wang, Xianbin

Abstract

Unmanned Aerial Vehicles (UAVs) have been widely deployed in various fields with many benefits such as cost reduction, safety improvement and service coverage enhancement. Unlike the other mobile ad hoc networks, the UAV swarm, which is a flying ad hoc network, may operate in a hostile environment or experience rapid network topology change which brings high vulnerability by using cloud-based centralized security provisioning techniques. Hence, securing the UAV networks with the on-site authentication resources becomes a vital aspect to accomplish the mission. The on-site authentication resources, such as the cross-layer attributes, can be utilized to form a unique characteristic of each UAV. Alternatively, decentralized authentication techniques have also been considered where multiple collaborative nodes are utilized to fuse a final authentication decision. Although the decentralized authentication techniques usually have a better security performance, they may increase the computational overhead and decrease the efficiency. Hence, limiting the computational overhead becomes a critical challenge when designing more sophisticated authentication schemes for UAV swarms.

In this thesis, a linear discriminant analysis-based centralized authentication mechanism is first proposed to enhance the security performance with limited computational overhead by eliminating the non-informative attributes. Then, to compensate for the single-point failure of the centralized authentication schemes, a collaborative authentication mechanism is proposed to enhance the performance by utilizing the soft edge authentication decisions. Ultimately, we define a novel concept of Security-of-Service (SoS) which is further utilized to minimize the complexity of the collaborative authentication. Instead of utilizing all authentication resources to reach a maximized security performance which creates a higher overhead, the SoS aims to only promise the exact authentication requirement by utilizing a minimum amount of authentication resources. The simulation results demonstrate that our proposed scheme is robust across the changing environment and can fulfill the SoS with limited authentication resources.

Summary for Lay Audience

With reduced cost and growing capability, UAVs have become very popular for supporting many different applications. Rather than the single UAV enabled applications, emerging applications utilizing multiple UAVs, also known as a UAV swarm, have attracted increasing interest due to the better efficiency and reliability in different fields such as logistics as well as search and rescue. However, the potential security risks and attacks by malicious parties in such sensitive networks could lead to catastrophic consequences or cause avalanche-like damages in a critical mission. Therefore, securing the UAV network and protecting the sensitive data from various attacks become a vital aspect of the UAV network design.

Physical-layer and cross-layer authentication utilizing the situation-related characteristics of the wireless link, hardware and environment between the devices can provide a promising security enhancement in the UAV swarm. By adopting these unique characteristics, the difficulty for the attackers to impersonate a legitimate device can be significantly increased. However, the traditional centralized authentication schemes make the final authentication decision based on only the central node which may cause a single-point failure due to the imperfect attributes estimations. To solve this challenge, the decentralized authentication techniques which collect authentication decisions from multiple devices can be considered to enhance the overall authentication reliability and robustness. Nevertheless, the extra computational cost caused by using more devices may significantly downgrade the network efficiency.

In this thesis, we propose an intelligent collaborative authentication mechanism in which a minimum number of authentication devices are chosen to fuse the final authentication decision. A fluid authentication model is built to switch between the centralized authentication model and the decentralized authentication model based on the application scenario and the corresponding performance requirement. The simulation results prove the superiority of the proposed scheme in terms of reducing the authentication devices, decreasing the training period and guaranteed performance requirements as compared to the existing solutions.

Creative Commons License

Creative Commons Attribution 4.0 License
This work is licensed under a Creative Commons Attribution 4.0 License.

Download

Share

COinS