Internet of drones security: taxonomies, open issues, and future directions

Abstract

Unmanned Aerial Vehicles (UAVs), also known as drones, have recently become one of the most important technological breakthroughs. They have opened the horizon for a vast array of applications and paved the way for a diversity of innovative solutions. Integrating drones with the Internet has led to the emergence of a new paradigm named the Internet of Drones (IoD). Several works dealt with the security of the IoD, and various surveys have been published on this topic over the past few years. The existing surveys either have limited scope or offer partial coverage of cybersecurity countermeasures. To address these gaps, in this paper, we provide a comprehensive survey related to the cyber and physical security of IoD. Differently from many surveys that only provide a classification of attacks/threats, we also propose three taxonomies that are related to (1) the assets of drones, (2) attacks, and (3) countermeasures. The first taxonomy is a two-level classification of the assets in the IoD. The first level considers the coarse-grained assets, which refer to the IoD's tangible elements, and the second level considers the fine-grained assets, which refer to the elements composing the coarse-grained assets. Based on the asset classification, we propose a taxonomy of attacks targeting the coarse and fine-grained assets, which allows a finer level of granularity to identify threats, and thus ensure better security. Also, we evaluate the risk of cyber and physical attacks by introducing a novel concept, named Chain of Impact, which connects four types of impacts, namely, Direct, Mission, Drone, and Environment. We propose a taxonomy of technical and non-technical countermeasures according to two implementation phases: Pre-incident, and Post-incident (or recovery). The pre-incident countermeasures are further classified as: preventive and detective. In addition, we present the countermeasures along with their performance and limitations. Finally, open research challenges are identified and ranked according to the level of attention they should receive from the research community. Also, future research directions and suggestions are presented for the security of the IoD.