Meeting Notes

Meeting notes are taken every time the team, or parts of the team, meet up and try to work on the project. This helps us to keep track of who is doing what, while serving as a more detailed reference for the work that we accomplished and the problems that we managed to solve.

01/25/2019:

-introduced to drone

-read instructions

-became accustomed to the parts of our setup (battery, charger, drone, controller)

01/26/2019:

-briefed researched Intel Aero RTF Drone setup and operation

-tried to get familiar with flying drone manually in park

-caught up with reading and packet capturing methods using Kali Linux

02/03/2019:

-used multiple assorted dongles to connect Intel Aero RTF Drone to a monitor, keyboard, and mouse

-explored the Yocto (Linux) operating system

-updated the operating system, later finding that the OS was up to date

-tried but could not establish connection to QGroundControl App

-tried to establish network connection to update firmware

-booted Kali Linux via USB on drone

-experimented with drone BIOS

-manually installed Ubuntu onto the drone

Goal for next meeting:

-update firmwave

-be able to collect packet to make a pcap file

Need:

-micro-usb to usb-port(female) or usb-hub

02/05/2019:

-drone with Ubuntu is no longer in AP mode

-connected to Intel drone #2 with Windows computer

-captured .cap files with airodump-ng through Kali hard boot

-used $service network-manager restart to restart the network manager to connect to internet and upload files

-.cap files are in the Team Drive under "inteldrone standstill pcap files"

02/10/19:

-flashed the bios, flightcontroller, and fpga

-calibrated sensors to work with QGC

-collected traffic from wifi connection from qgroundcontrol on desktop to drone (in data)

02/17/2019:

Matthew and Issac:

-triple checked instructions and watched videos to ensure a safe drone flight

-flew drone with QGroundControl; takeoff and landing only

-WiFi connection to drone was not always consistent

-collected flight packets from Intel drone 3x (in data)

David and Marionne:

-completed Netzob tutorial

-tried to understand output of scripts

-attempted to decrypt in-flight packets, however we encountered a layer 2 error from Netzob\

*update: we realize that we are not ready to analyze via netzob yet

Netzob Layer 2 Error

Need to add 802.11 functionality.

02/21/2019:

-attempted to decrypt flight1.cap in Wireshark file

-entered "wpa-pwd pass:SSID" into preferences and observed information

Unable to decrypt WPA2 packets on Wireshark.

Does not seem to decrypt traffic, need to capture the initial handshake.

02/22/2019:

-met with Elena to get help/clarification on packet analysis via Wireshark

-collected .cap file from drone to computer/QGroundControl connection in file:standstill_handshake_data

-made sure to collect four-way handshake data specified in YouTube video: wpa2_wireshark_decryption

-analyzed in Wireshark with correct wpa2 decryption information

-able to view UDP packets (Intel RTF drone's MAVLink protocol uses UDP)

-currently looking into analyzing raw data to confirm packet/frame structure and verify that it is consistent with MAVLink's specifications.

WPA2 traffic with initial four-way-handshake captured

Now we are able to decrypt the WPA2 packets. We see that they are of UDP protocol, which is an indicator that we are using MAVLink.

This is confirmed in the Intel source code.

02/24/2019:

Matthew and Isaac:

-flew drone for (4) total trials, this time including the four-way handshake for Wireshark decryption (.cap files in Data under Takeoff and landing (with handshake and altitude actions))

-continued and clarified Wireshark wpa2 packet decryption

Note: Most of team out sick.

02/26/2019-03/01/2019 (Individual Work):

Intel RTF Profiling:

-continued research into MAVLink protocol

-attempted to analyze packet

-determined that drone uses MAVLink version 2.0 protocol details in my MAVLink notes.

-analyzed one sample of packet trends

03/01/2019 Proposed Packet Structure

More work and analysis needed on a larger quantity and variety of data. Especially on the definition of 3-byte message ID.

Netzob:

-began looking into python code for 802.11 functionality addition

03/03/2019:

-unsuccessfully tried to run QGroundControl from Ubuntu

-Question: What background processes should we kill?

-flew drone for 5 trials

-lacking a lot of UDP packets

-we will go to a less noisy area this weekend

-only 1 usable file

-failed to capture initial four-way handshake for (2) trials

-drone ran out of battery and stalled in the middle of (2) trials

-original battery is now to bloated and rendered unsafe for use

-need to buy new battery with larger mAh capacity

-David, Marionne, and Alysha now have experience flying the drone with QGroundControl

03/05/2019-03/08/2019 (Individual Work):

-looked more into netzob

-read and tried to understand the new sniffing files

03/09/2019:

-looked for drone batteries to purchase

-ordered an optimal spec battery online (14.8V, 30C, 4000mAh, 4S with X160)

03/10/2019:

-went to Kawai Nui Marsh Model Airplane Field (Kaneohe)

-flew drone and successfully collected packets for 3 trials (in Data)

-too windy, some rain

-used RC controller to fly, drone still communicates status with UDP through QGroundControl

-there is a failsafe that prevents the drone from going on missions without RC paired

-opened Wireshark while collecting packets to ensure that 4-way handshake was successfully captures

-needed to recconnect for UDP packets for both successful trials

-read pdfs posted on team page

Status Report, as of 03/26/2019:

UAV Classifier

-modified pcap_to_json.sh file path definition

-successfully used UAV Classifier shell script to convert .pcap files to .json files

-needed to change .cap to .pcap to make script work

-can modify script later to accept .cap files instead

-json.parser.py script must be modified for the intel aero drone's specific data

-certain packet data sizes must be implemented into script

-must trace entire script and understand each function as there is little to no documentation of code

Netzob/Scapy:

-overall data trends not working

-trying to adapt matplotlib module for graph

Status Report, as of 03/31/2019:

-still tracing UAV Classifier code

-trying to figure out how the code corresponds to and reads the json file format

-Isaac phoned a friend to help us interpret the python code and apply to Intel: raven.py

-code output: {size of packet: number of packets with that size}

Status Report, as of 04/06/2019:

-still unsure of json parsing

-moved on in code, tried to interpret the main()

Status Report, as of 04/14/2019:

-decided to take the code "apart" and analyze in small parts and small examples for a more in depth understanding

-worked on decoding the json file into python readable data with json.load() or json.loads()

Status Report, as of 04/19/2019:

-code is on Github here

-adapt raven.py to output packet timing data

04/20/2019: need to finish graphing data with matplotlib

04/21/2019: need to complete CoE poster and send draft to Dr. Dong

04/22/2019: poster complete

04/23/2019: print poster