Wi-Fly?: Detecting Privacy Invasion Attacks by Consumer Drones

Drones are becoming increasingly popular for hobbyists and recreational use. But with this surge in popularity comes increased risk to privacy as the technology makes it easy to spy on people in otherwise-private environments, such as an individual's home. An attacker can fly a drone over fences and walls in order to observe the inside of a house, without having physical access. Existing drone detection systems require specialist hardware and expensive deployment efforts; making them inaccessible to the general public. In this work we present a drone detection system that requires minimal prior configuration and uses inexpensive commercial offthe-shelf (COTS) hardware to detect drones that are carrying out privacy invasion attacks. We use a model of the attack structure to derive statistical metrics for movement and proximity, that are then applied to received communications between a drone and its controller. We tested our system in real world experiments with two popular consumer drone models mounting privacy invasion attacks using a range of flight patterns. We were able to both detect the presence of a drone and identify which phase of the privacy attack was in progress. Even in our worst-case we detected an attack before the drone was within 48m of its target. Permission to freely reproduce all or part of this paper for noncommercial purposes is granted provided that copies bear this notice and the full citation on the first page. Reproduction for commercial purposes is strictly prohibited without the prior written consent of the Internet Society, the first-named author (for reproduction of an entire paper only), and the author's employer if the paper was prepared within the scope of employment.