Abstract
As drones become widely used in various fields, drone security is a growing challenge. Drone control systems use various configuration parameters to control their positions and attitudes. If these parameters are misconfigured, drones will fall into abnormal flight states, such as trajectory deviation and crashing to the ground. Existing works mainly focus on system memory errors, which lead to obvious system failures, but they do not apply to drone flight state anomalies. This paper focuses on abnormal drone flight states caused by configuration parameter errors. We propose a novel state-guided fuzzing system called APFuzzer, which searches for incorrect configuration parameter values that would trigger abnormal flight states. To enhance the capability of searching for multiple optimal solutions, we design a quality-diversity enhanced genetic algorithm (QDGA) that mutates configurations to search for incorrect configuration parameter values, and we consider the effects of environmental factors and flight missions on the flight states. We evaluated APFuzzer on the drone control system ArduPilot, where it found 3389 incorrect configuration parameter values and triggered all five predefined abnormal flight states. In addition, APFuzzer automatically analyzed the fuzzing results and found five software bugs related to configurations.
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Chang, Z. et al. (2024). Fuzzing Drone Control System Configurations Based on Quality-Diversity Enhanced Genetic Algorithm. In: Vaidya, J., Gabbouj, M., Li, J. (eds) Artificial Intelligence Security and Privacy. AIS&P 2023. Lecture Notes in Computer Science, vol 14509. Springer, Singapore. https://doi.org/10.1007/978-981-99-9785-5_35
DOI: https://doi.org/10.1007/978-981-99-9785-5_35
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-9784-8
Online ISBN: 978-981-99-9785-5
eBook Packages: Computer Science (R0)