1/30/2020-02/13/2020
Checked Intel drone data
Current captures are ~30k UDP packets
Network traffic is between Drone and QGroundControl
Checked specifications on Controller
Verified drone uses 2.4GHz receiver by Spektrum
Spektrum Control uses DSM2 or DSMX Tx/Rx protocol to bind controller and regulate commands
DSMX technology uses frequency hopping to increase security and reduce interference
Controller can use up to 12 channels; each channel controls a different component on the drone
https://www.spektrumrc.com/ProdInfo/Files/Remote%20Receiver%20Interfacing%20Rev%20A.pdf
My thoughts:
I'm guessing that video feed and associated drone applications stay on the same channel. That would explain why Elena was able to capture Solo traffic when she attached the GoPro, and why the Viper and Intel only show UDP packets when we connect to a phone or laptop.
From my research, I suspect that most modern flight controllers on 2.4GHz run one of many Tx/Rx protocols that hop channels
We would have to redirect our focus to reverse engineering these protocol patterns in order to capture profiles of drones operating via controllers only
YINGFEI: Eric, please check with Matthew. He has made some progress on Intel and Solo. You may want to know what he has done.
2/21/2020
Compared decrypted/encrypted data size for Intel
Encrypted payload data is consistently 44 bytes larger than decrypted
Frame sizes are the same for encrypted and decrypted packets
Issues
If packets are captured with the same REL_TIME, Wireshark won't export all of the packets to the JSON file. These dropped packets can account for gaps in data that we saw in the Excel spreadsheet.
YINGFEI: Eric, could you explain this to Yeon and David? They don't see the packet missing issues in their traces.
Decrypted PCAP conversions on the Google Drive didn't match the originals; must manually decrypt the originals when doing analysis
2/28/2020
Compared decrypted/encrypted data size for SkyViper
Encrypted payload data is consistently 44 bytes larger than decrypted
2/28/20 YINGFEI: let us try to compare with other traffic, e.g., a laptop to router.
YINGFEI: Eric, did we try this yet? Alysha or Joy may try to verify this. For example, see the size change of other traffic from a laptop to your router, e.g., port 80 with HTTPS.
Frame sizes are the same for encrypted and decrypted packets
2/28/20 YINGFEI: Frame sizes??
Graphs for the tested packets are in the following directory on the shared drive: Analysis->Spring2020->Encryption_sizing
3/5/2020
Analyzed lengths and difference in REL_TIMEs for each message ID for Intel
"Length and Timing" spreadsheet in drive
"intel patterns" show highlights of patterns
Issues
Bin sizes need to be specified to remove repeats
Initial standard deviation was used to remove large gaps in deltas
3/13/2020
Modified and printed new poster
Presented at poster session
3/20/2020
Spring Break
Covid-19 lockdown
3/27/2020
Downloaded and installed TensorFlow, scikit-learn, Keras, and other libraries in Python for machine learning
Currently practicing with machine learning and pattern recognition
To-Do:
Determine structure of training data
Create script to make training data set (matrix and label)
Pattern based on IDs per loop regardless of order?
Pattern based on sequential pattern IDs?
Pattern based on similar timing between IDs?
4/3/2020
Wrote script to process patterns of neighboring IDs
Excel spreadsheet of patterns for Intel_1 and Viper_1 can be found on drive.
To Do: Compare other collection data
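
Added example, not the script written for this log: one way to turn per-capture message-ID sequences into a training matrix and labels, covering the "sequential" and "regardless of order" pattern questions from the 3/27 to-do list and the neighboring-ID patterns from 4/3. The function names, the window size n and the sample ID sequences are assumptions constructed for illustration; only the capture names Intel_1 and Viper_1 come from the log.

```python
from collections import Counter


def neighbor_patterns(ids, n=2, ordered=True):
    """Count every window of n neighboring message IDs in one capture.

    ordered=True  keeps the sequence (10, 20) distinct from (20, 10).
    ordered=False sorts each window, so only the set of neighbors matters.
    """
    counts = Counter()
    for i in range(len(ids) - n + 1):
        window = tuple(ids[i:i + n])
        if not ordered:
            window = tuple(sorted(window))
        counts[window] += 1
    return counts


def build_dataset(traces, n=2, ordered=True):
    """Build (vocab, matrix, labels) from [(label, [msg_id, ...]), ...].

    Each matrix row holds the relative frequency of every pattern in the
    shared vocabulary, so captures of different lengths stay comparable.
    """
    per_trace = [neighbor_patterns(ids, n, ordered) for _, ids in traces]
    vocab = sorted(set().union(*per_trace))
    matrix = []
    for counts in per_trace:
        total = sum(counts.values()) or 1  # avoid dividing by zero on short traces
        matrix.append([counts[p] / total for p in vocab])
    labels = [label for label, _ in traces]
    return vocab, matrix, labels


# Constructed sample sequences (arbitrary integer IDs, not taken from the captures).
SAMPLE_TRACES = [
    ("Intel_1", [10, 20, 30, 10, 20, 30, 40, 10, 20, 30]),
    ("Viper_1", [10, 30, 20, 40, 10, 30, 20, 40, 10, 30]),
]

if __name__ == "__main__":
    for ordered in (True, False):
        vocab, matrix, labels = build_dataset(SAMPLE_TRACES, n=2, ordered=ordered)
        print("ordered" if ordered else "unordered", "patterns:", vocab)
        for label, row in zip(labels, matrix):
            print(" ", label, [round(v, 2) for v in row])
```

The resulting matrix and label list can be passed to a classifier as features and targets; raising n captures longer runs of neighboring IDs at the cost of a larger, sparser vocabulary.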