1. Unmanned Aerial Vehicle Smart Device Ground
Control Station Cyber Security Threat Model
Katrina Mansfield, Timothy Eveleigh, D.Sc., Thomas H. Holzer D. Sc., and Shahryar Sarkani, D. Sc.
School of Engineering Management and Systems Engineering
George Washington University, Washington, D.C., 20052
Email: kmansfi@gwu.edu, eveleigh@gwu.edu, holzert@gwu.edu, emseor2003@yahoo.com
Abstract - The Department of the Defense has transitioned smart
devices into the battlefield as a portable hand-held unmanned
aerial vehicle ground control station without adequate cyber
security protections, putting critical mission data at risk to cyber
security attacks. Industry has developed software apps for smart
phones and tablets that allows soldiers to not only pilot
unmanned aerial vehicles (UAVs) but to share and receive
intelligence and reconnaissance videos and images remotely from
the ground control station (GCS) or directly from the UAV. The
Department of Defense has not developed a secure
communication network that will support a large quantity of
smart devices, nor certification, standards or policies for
operation of secure smart devices. Therefore, mission critical
information will be shared through unsecured, mobile and
wireless networks and through unclassified, unsecure smart
technology that are vulnerable to cyber security risks. Lack of
security of the mobile and wireless networks and smart devices
could result in the unintentional sharing of data as well as loss of
control of the UAV to enemies. The Department of Defense has
failed to develop a threat model and risk assessment to identify
the cyber security threats and ensure the proper security
countermeasures are in place. This paper will analyze the cyber
security vulnerabilities within the communication links, smart
devices hardware, specifically smart phones and tablets, and
software applications to develop a risk model of the threat profile
of the GCS networking hub. This model will help designers and
users of the military and civilian UAV communities to
understand the threat profile of the GCS networking hub to
develop a secure communication network based upon the
vulnerabilities identified for smart phones and tablets.
Index Terms - unmanned aerial vehicles, cyber security,
communication systems, risk analysis
I. INTRODUCTION
With the rapid advancement of technology and popularity in
the consumer market, smart phones and tablets are changing
the way we operate in the workplace and battlefield. The
recent trend of bring-your-own-device to the workplace has
presented many benefits in corporate america. Smart devices
are changing how industry does business; smart devices and
software applications are being utilized to increase
productivity, mobility, collaboration, and business continuity.
However the use of personal smart devices has also introduced
many security vulnerabilities, allowing hackers to get easy
access into companies’ networks and private data. This is the
direct result of companies’ lack of security policies and
measures to secure the devices connecting to their networks.
The Department of Defense has been reluctant in the past to
incorporate this new technology without the capability to
provide secure connection for classified communication. Use
of mobile devices was limited to Blackberry devices as it was
the only phone manufacturer cleared to have impact level 3
security accreditation for secure handling of sensitive data [5].
However, the Department of Defense has recently taken steps
to incorporate smart phones and tablets into the workplace and
battlefield to “keep the department’s workforce relevant in an
era when information accessibility and cyber security play a
critical role in mission success [24].” Implementation of
smart devices in the workplace would allow personnel to
access applications that are not currently accessible with the
blackberry mobile phones. Military services have
transitioned smart devices into the battlefield to provide
additional enhanced capabilities and functions to soldiers in a
single compact, handheld device to control multimillion dollar
unmanned aerial vehicles in the war against terrorism.
However, in effort to keep the technology relevant in the
battlefield, the Department of Defense has failed to protect the
assets from cyber security threats and vulnerabilities when
neither the security threat assessments have been performed
nor protections put in place.
This paper will present a threat model for Android and Apple
smart devices in their use as hand-held unmanned aerial
vehicle ground control stations. The threat model will address
four key components: interest and motive of attack,
vulnerabilities in the smart device ground control station,
cyber security threats, and mitigation steps to improve the
security of the smart device ground control station.
II. RESEARCH PROBLEM
The Department of the Defense has transitioned smart devices
into the battlefield as a portal hand-held unmanned aerial
vehicle ground control station without adequate cyber security
protections, which put critical mission data at risk to cyber
attacks. The government is utilizing software applications on
smart phones and tablets, which allows soldiers to not only
pilot UAVs, but to share and receive intelligence and
reconnaissance videos and images remotely from the smart
device ground control station (GCS) or directly from the UAV
to other mobile device users in the network.
The Defense Information Systems Agency (DISA) released
the Strategic Plan 2013-2018 Version 1 document in
September 2012. One of the key objectives in the document is
to “Promote rapid delivery and utilization of secure mobile
978-1-4799-1535-4/13/$31.00 ©2013 IEEE 722

2. capability, leveraging commercial mobile technology to
enable an agile deployment environment for new and
innovative applications to support evolving Warfighter
requirements [14].” DISA plans to meet this objective by
accomplishing three goals: 1) establishing a wireless network
to support unclassified and classified data, 2) establishing
security standards and a certification process for mobile
technology, and 3) providing a software application database
available to users via mobile technology [14]. This plan is
expected to be accomplished over the next the five years.
However, the mobile technology for military missions has
already been deployed in the battlefield without these goals
being met allowing these devices to be exposed to cyber
security vulnerabilities.
In recent years, research has explored cyber security threats to
the UAV and the traditional ground control station, but little
research has been done to explore what additional cyber
threats are introduced with the use of commercially available
smart devices to pilot the UAV and monitor received data
from the UAV and other network users. Much of the security
technology and processes are currently being developed
without doing a proper threat analysis of the smart device
ground control station. Therefore, the use of inadequately
secured devices in the battlefield yields a lot of system and
mission risk. The consequences for utilizing unsecure devices
could result in fatalities in the battlefield, UAV hijackings,
and unauthorized disclosure of classified information.
Cyber security attacks to the smart device ground control
station are dangerous in the battlefield and the consequences
of attacks are severe. The Department of Defense must
complete a threat model and risk assessment to understand the
threat environment and to ensure the proper security
countermeasures are developed and implemented.
III. UNMANNED AERIAL VEHICLE ATTACKS
Several cyber security attacks to UAVs have occurred over the
years due to lack of security assessment and inadequate
security countermeasures. The first publicly known attack to
UAVs occurred in 2009, where Iraqi militants used a $26
dollar off the shelf SkyGabber software to intercept live video
feeds from unsecured communication links used by the
Predator drones [10]. In October 2011, keylogging malware
was found in the Predator and Reaper ground control stations
after connection to a removable hard drive. The virus spread
to both classified and unclassified computers, fortunately the
software did not interrupt UAV operations nor was sensitive
information disclosed to unauthorized parties [30]. An U.S.
RQ-170 Sentinel UAV was hijacked and captured by the
Iranian government on the Afghanistan border in December
2012. The Iranian government was able to successful land the
UAV to obtain sensitive data including the mission and
maintenance data [35]. More recently, in July of 2012 the
University of Texas partnered with the Department of
Homeland Security to demonstrate the ability to hijack a
military UAV using $1000 dollars worth of equipment to
spoof the global position system (GPS) and take complete
control of the UAV [31].
IV. MOTIVATION FOR PORTABLE, SMART DEVICES IN THE
BATTLEFIELD
Despite the enhanced security measures in BlackBerry smart
devices, BlackBerry smart device users only make up 5% of
the smart device market. Statistics show that 91.1% of the
smart device market utilizes an Apple or Android smart
device, with Android devices taking the lead in the consumer
market. With the rapid advancement of smart technology and
popularity of the devices, the Department of Defense
announced its plan to procure Apple and Android smart
devices for use in the battlefield [5]. Commercially available
smart devices are at the forefront of technology and are
reasonably price compared to the military ruggedized devices.
Military specialized, ruggedized equipment often takes years
to develop and costs more than ten times the cost of
commercially available devices. In addition to the reduced
cost to procure commercial smart devices, the popularity of
Apple and Android smart devices in the consumer market
equates to minimal usability training costs for soldiers who
use these same devices in their personal lives.
These smart devices have been tested across all military
services for multiple purposes. The use of smart devices in
the battlefield will require development of a secure
communication network to manage and secure the smart
devices, software apps, and a software app database that will
allow soldiers to download the apps securely. The
Department of Defense is reaching out to the defense industry
to create a secure communications system to handle and
secure up to 8 million Apple and Android smart devices [28].
Government agencies in conjunction with the defense industry
are currently developing a secure software app database and
military software apps battlefield apps.
V. UAV SMART DEVICE GROUND CONTROL STATION
UAVs have become significantly popular with the rapid
advancements in sensor, communication, embedded control
technology and the miniaturization of technology. Today,
more than 50 countries have implemented UAVs into their
military fleet; the United States alone operates more than
7,500 drones making up more than forty percent of the
Department of Defense (DOD) aircraft. (Blackhurst, 2012)
UAVs are predominantly used to support military missions for
surveillance, intelligence, and reconnaissance missions.
The UAV ground control station is critical to missions. It
controls and monitors the UAV from a location in or near the
battlefield and it is the central node of communication. The
GCS receives information that is collected from the UAV,
processes the data, and provides the data to other users in the
network. Stationary GCSs are often expensive, comprised of
extensive hardware and personal computer workstation setup
within a portable trailer for larger UAVs. The GCS requires a
pilot to maneuver the UAV and a payload operator to operate
723

3. the computer systems, gather intelligence and forward
intelligence from the UAV to other end users in the battlefield.
Small unmanned aerial vehicles (SUAVs) are typically
controlled and monitored using a portable ground control
station; that consists of a hand controller, a ruggedized laptop,
RF transceiver unit, and a controller box. An operator using
the hand controller maneuvers the SUAV with the streaming
video from the SUAV’s camera, and another operator uses the
laptop to gather and analyze intelligence data and disseminates
to other end users in the battle field [25]. The ground control
station must have secure communication links between the
UAV and the GCS and also between the GCS and the end
users in the battlefield network.
Figure 1. Smart Device GCS Network
The Department of Defense has taken the functionality of a
traditional ground control station and miniaturized it into a
mobile, portable smart device using software apps to provide
real-time avionics flight display, navigation systems, system
health monitoring and prognostics display, graphical images
and position mapping, and inward data processing. The smart
device must also allow soldiers to maneuver and view UAV
cameras to find target and enemies and share video data along
with location and time to other soldiers to make quick
decisions regarding targets.
Smart device GCSs present major constraints; the display of
all of the required information on a miniature screen is almost
impossible but workarounds are feasible, and the use of a
smart device does not allow for a secondary or back up data
link between the smart device and the UAV or other end node
users [13].
VI. THREAT MODEL
Developing a threat model of the UAV smart device GCS is
important, it identifies the security threats within the smart
device GCS network and the countermeasures for prevention.
The National Institute of Standards and Technology (NIST) is
the designated authority for developing information security
standards and guidelines under the Federal Information
Security Management Act, Public Law 107-347. NIST’s
definition of threat modeling involves identifying resources of
interest and the feasible threats, vulnerabilities, and security
controls related to these resources, then quantifying the
likelihood of successful attacks and their impacts, and finally
analyzing this information to determine where security
controls need to be improved or added [39].
Using NIST’s definition of threat modeling, the proposed
threat model will identify four key components: interest and
motive of attack, possible entry points of attack in the smart
device ground control station, cyber security vulnerabilities,
and mitigation steps to improve the security of the smart
device ground control station. BlackBerry smart devices are
the only smart devices that currently meet the Federal
Information Processing Standards certification, and therefore
have been deemed acceptable for use by the US government
and therefore will not be analyzed in the threat model. The
threat model will focus on the cyber security vulnerabilities in
Apple and Android smart devices for application of an UAV
ground control station.
A. Interest and Motive of Attack
The goal of attack to the smart device ground control station
are to 1) disrupt the operation of the device to prevent control
of the UAV, 2) gain control of the smart device ground control
station to control the UAV and 3) gain access to data useful to
the attacker. Successful attack requires breach of at least one
of the information security objectives: confidentiality,
integrity or availability. A loss of confidentiality is the
unauthorized disclosure of transmitted and stored data [33].
One of the most common threats to confidentiality is
eavesdropping to a communication network. UAVs are
predominantly used to support military missions for
surveillance, intelligence, and reconnaissance missions; loss of
confidentiality could put the mission at risk and endanger lives
soldiers. A loss of integrity is the intentional or unintentional
changes to transmitted and stored data. Malware is often used
to modify software without the user’s knowledge to gain
access to sensitive information or even potentially gain full
control of the ground control station remotely. A loss of
availability is the loss of the ability to access resources using
mobile devices whenever needed [39]. The communication
network can be disrupted with a jamming device, making the
capability of the communication network unavailable to the
ground control station and other end notes in the GCS network
hub.
B. Vulnerabilities
The UAV ground control station is critical to missions as it is
the central node of communication for intelligence,
surveillance, and reconnaissance (ISR) data. The GCS is not
only used to pilot the UAVs but it also receives images,
videos, and data from the UAV payloads and disseminates the
information to ground troops and other agencies. If the
attacker can gain control, disable or disrupt the service of the
smart device ground control station then the attacker can
prevent completion of the mission. Successful attack to the
ground control station can occur through hardware, software
(operating system and software applications), and the
communication network. The section below describes the
Smart Device
GCS
Smart Device
Field Unit
Portable Cellular
Tower
724

4. vulnerabilities and threats to the smart device UAV ground
control station.
1) Hardware Vulnerabilities
Resources, also known as sensors, within the smart device
such as the camera, accelerometer, microphone, and GPS can
contain sensitive information that could be used by the
attacker to monitor, tap, or identify the location of the end
user. These vulnerabilities can be introduced through
malware software that entered through other software
vulnerabilities in the operating system or software applications
identified below, and through supply chain cyber security
risks. Supply chain cyber security risks are introduced by
hostile agents that purposefully install spyware in information
technology systems or alter circuitry with malicious firmware
that are later sold to government and big businesses [9]. Once
the electronic components are connected to the network, the
enemy can easily gain access to the network or even worse
gain control of the electronic device to spy or cause harm.
Many supply companies are transnational and mergers with
other companies make it virtually impossible to adopt
corporate ownership or control supply chain security.
Threats to the smart device ground control station hardware
include battery exhaustion, flooding, surveillance, and USB
attacks. Battery exhaustion attacks cause the battery to
discharge faster than normally to kill the smart device and
ultimately prevent the soldier from controlling the UAV or
dissemination of information. Flooding attacks disables the
smart device by overloading the device with numerous text
messages or incoming calls, preventing the soldier from
controlling the UAV or providing or receiving information
with the network. Surveillance attacks utilizes smart device
resources/sensors remotely to monitor communication and
soldier movement, allowing the attacker to identify the
location of the solider maneuvering the UAV and other
soldiers nearby placing them in danger of physical attack.
Lastly, USB attacks take advantage of synchronization and
data backup of the smart device done with an USB
connection; the USB connection can transfer malware
software into the network and allow visibility and access into
the network.
2) Software Vulnerabilities
Apple iOS is a propriety operating system that is developed
and distributed by Apple. All changes and updates to the
software are directly administered from Apple to the end users
to enhance the security of the smart devices. However Apple
smart devices can be “jailbroken,” whereby restrictions and
security measures can be removed to allow users to customize
the device and install software applications at their discretion.
All software applications that run on the Apple iOS operating
system are required to meet Apple specifications and must be
digitally signed by the approved developers. Software
applications can only be distributed through the Apple store.
Google Android is the most popular operating system with the
least security measures. Android is an open operating system,
whereby the software code is publicly available to allow
customization and modifications to meet the needs of the
various smart device types and communication carriers. The
open operating system has resulted in many variations of
Android smart phones and devices whereby different carriers
with identical phones may have different variations of the
operating system software. Software updates is a tedious
process whereby some phones may receive the updates while
others may not. Google updates are pushed to the end users at
the discretion of carrier and third party application developers;
depending on the complexity and time to make and test the
modifications to tailor to their devices the carrier or third party
software app developer may refuse to push the update to the
end user increasing vulnerability to the smart devices.
Android software applications must be digitally signed by the
developer responsible for its behavior. Software apps can be
distributed through Google Play and through third party
application marketplaces. Google Android allows anyone to
submit apps for download within Google Play without any
testing for quality or security, which introduces cyber security
vulnerabilities easily into the software database and Android
devices.
The mobile operating system is the heart of the smart device,
controlling the hardware resources and the software
applications. Infiltration into the operating system allows the
attacker to gain full control of all the hardware resources and
the software applications. Control of the operating system
will allow the attacker to manipulate the hardware resources
and make the smart device a monitoring device to capture
images and video, tap and record conversations, view sensitive
information and gain the location of the targeted individuals.
The software apps are crucial to the functionality of the smart
device ground control station, providing real-time avionics
flight display, navigation systems, system health monitoring
and prognostics display, graphical images and position
mapping, and inward data processing to control and operate
the UAV. Successful attack to the software apps could allow
the attacker to gain control of the UAV functionality and
access data gathered from the UAV putting targeted
individuals in physical harm.
The operating system of mobile devices mimics the operating
system of a personal computer, therefore security threats often
seen within personal computers are now being seen within
smart devices such as malware. Malware can be used to
disrupt, gather sensitive information or gain control of the
device. Common malware found in smart devices include
Trojan horse, botnet, worm, key loggers and rootkits.
Malware can also be implemented into software applications
to gain access to the operating system software. Other threats
to the software include phishing and data leakage. Phishing
attacks masquerades the hacker as a trusted party in the
network to gain access to sensitive information, this
725

5. information can lead to data leakage whereby unauthorized
transmission of sensitive data occurs.
3) Communication Network Vulnerabilities
Operation of the smart device ground control station will
require a communication network to be in place. In tactical
military environment most wireless network are established
with a stationary base station or movable base station, a high
bandwidth wired network backbone. In battlefield
environment, the stationary base station is an attractive target
and highly vulnerable to attack. Destruction of the stationary
base station will result in disruption to the communication
network. When this occurs, soldiers will create their own
wireless network or utilize commercial networks to continue
communication that may not be on a secure wireless network
and introduce vulnerabilities into the communications
network, attached devices and missions they support.
Attacks to the communication network can disrupt the
connection between the UAV and the smart device ground
control station and prevent operation and control of the UAV,
as well as dissemination of information between other end
users in the GCS network hub preventing mission completion.
Attacks to the network and devices can also result in
unintentional sharing of information to unauthorized parties
resulting in information collected from UAV surveillance
being used to counter attack soldiers in the battlefield.
Threats to the communication network include network
eavesdropping, spoofing, denial of service and jamming.
Network eavesdropping or sniffing captures and decodes
packets as transmitted over the network. Spoofing allows the
attacker or software to masquerade using false data to gain
access to the network. Denial of service or network
congestion overloads a link or node in the GCS hub network
with an extensive amount of data to reduce the quality of
network performance or cause denial of service. Lastly, a
jamming device can disrupt the communication between the
smart device GCS and UAV as well as other components in
the network, therefore preventing control of the UAV and the
dissemination of information within the network hub.
TABLE I. SMART DEVICE GROUND CONTROL STATION THREATS
C. Mitigation Techniques
Security mechanisms for securing the smart device ground
control station must be implemented based upon type of smart
device used. The differentiations between the Android and
Apple operating systems and variations of Android code and
devices make it impossible to define a one solution fits all
approach to security. As previously noted, Apple iOS is a
propriety operating system whereby all changes and updates to
the software is directly administered from Apple to the end
users to enhance the security of the smart devices. Therefore
modifications by the user to the Apple iOS operating system is
not a solution. Add-on applications by Apple will be required
to enhance the security of the device. Android is an open
operating system, security for Android devices can be
enhanced through system modification, system add-ons, and
add-on applications [17]. However, software solutions will
have to be developed based on the Android device, since all
Android devices are customized to fit device type and carrier.
1) Hardware Security
Threats to the ground control station smart device hardware
are mainly caused by malware introduced by internal and
external factors. The internal factors include the software
operating system and software apps, this can be mitigated with
access control and resource management. Access control
limits access to resources (such as the camera, GPS,
microphone, etc), services, and/or processes from malicious
software applications. Software applications often accesses
hardware resources within the smart device beyond what is
required for operation of the app, increasing vulnerability or
threat to the smart device GCS. Access control will only allow
the app to tap into the minimum resources needed. Resource
management monitors the availability and the state of the
resources to meet the needs of the users operation. Operation
of any resources not required for current operation will alert
the user that the smart device may be compromised. Other
internal factors are to supply chain risks whereby electronic
components used to build the hardware may be provided with
malware from foreign suppliers. Fuzz testing is a method
testing that is used to determine if there are security
vulnerabilities in software. Although fuzz testing can be used
to detect malware in foreign hardware components, malware
is often hard to detect and therefore the fuzz testing will not
guarantee detection of all malware [9].
External factors include connection external to devices and
physical access to the device. Malware can be stored on USB
and external hard drives. Connection to the smart device
hardware could introduce cyber threats to the ground control
station. The hardware can be protected using anti-virus
software, which will immediately detect and remove malicious
malware. Enemies can easily gain physical access to the
smart device ground control station in a dangerous battlefield
environment; a soldier under heavy fire may lose, drop or
even damage the device and leave it behind in a life and death
situation. The device can then be tampered and analyzed to
gain access to sensitive information stored in the memory.
Confidentiality Integrity Availability
Battery Exhaustion X
Flooding X X
Surveillance X X
USB X X
Malware X X X
Phising X X
Data Leakage X
Eavesdropping X
Spoofing X X
Denial of Service X
Jamming X
Vulnerabilities Threat
Security Objectives
Hardware
Software
Communication
Network
726

6. Security mechanisms such as authentication, encryption and
remote wipe can be used to protect unauthorized access to
classified and sensitive information. Authentication limits
access and privileges to authorized parties and detects and
prevents access to unauthorized parties. This can be achieved
with passwords and screen lock codes, however use of these
mechanisms can hinder quick response and performance of
soldiers using the devices in the battlefield. Encryption
encodes data to prevent disclosure of sensitive or classified
data to unauthorized parties. Encryption can protect data at
rest (i.e. files, memory, USB flash drives, etc) when physical
security fails. Although encryption is ideal for battlefield
environments, encryption can impact performance of the
device, drain the battery and restrict operational use of the
smart device GCS [44]. Remote wipe allows the smart device
GCS to be commanded remotely to reset or erase stored data if
the device were to be found in an unauthorized user’s
possession. However, the security mechanism can be avoided
by removing the battery or memory card prior to receiving the
remote wipe command.
2) Application and Operating Software Security
Malicious malware is the most common threat found in the
operating system software and software applications.
Malware could have major consequences if the malware isn’t
detected immediately. The smart device GCS can be protected
using antivirus and firewall software. Antivirus software can
prevent, detect, and remove malware from software
applications and the operating system software. A firewall
can be used to prevent unauthorized access to and from the
smart device GCS, as well as, prevent access to unauthorized,
untrusted wireless networks. Although the smart devices will
be used primarily as an UAV ground control station, soldiers
may be tempted to access personal email and social networks,
and even contact family and friends via phone or text
messages in their free time introducing threats such as spam
and phishing. Spam filters can be used to prevent receipt of
spam from unwanted parties via multimedia message service,
text messaging, emails, and calls.
Software applications have been created to provide
functionalities to the smart device to mimic the functionality
and data required for a traditional UAV ground control station.
Software apps downloaded to the smart device are an easy
target to cyber security attacks and therefore must be protected
with security mechanisms such as app certification or
signature and pre-testing. Application signatures should be
used to ensure that the software is from a trusted source and
has not been tampered. Pre-testing the software apps ensures
that only secure apps are uploaded into the software app
database, by detecting malicious malware prior to use in the
battlefield.
Vulnerabilities to both the software operating system and
software apps can be mitigated by providing regular updates
to the operating system and software applications. Software
updates ensures that software fixes to vulnerabilities found in
the software are incorporated into the device and are operating
securely.
3) Network Security
Many attacks to the UAV smart device ground control station
are a result of deficiencies in the network security. Flooding,
jamming, and denial of service attacks can be mitigated with
bandwidth allocation. Bandwidth allocation sets the
bandwidth usage limits for the smart device to prevent
excessive connection request attacks. Eavesdropping and data
leakage can be prevented with a secure encrypted network.
Encryption encodes data to prevent disclosure of sensitive data
to unauthorized parties. Encryption can protect data in transit
via shared networks. The UAV ground control station
software will require access to the network, but other software
apps that may support the military operations may not require
consistent access to the network. Software apps can be
managed with filters to adjust the bandwidth availability to
software applications as needed to balance network resources
and reduce network attacks to software apps.
Availability of the network to support numerous smart devices
on an encrypted, wireless network in a remote environment is
a major obstacle. The technology currently being used is out
of date and is the first target in a battlefield. Soldiers may be
required to tap into commercial, unsecured networks to
operate software applications. Other potential options include
using satellite communication however, satellite
communication links are extremely expensive to use.
VII. CONCLUSION
This paper has explored the government’s motivation to
transition smart devices into the battlefield as a portable, hand-
held UAV ground control station and the security
vulnerabilities that have been introduced from the lack of
security assessment. A threat model was developed to analyze
the threat profile of the UAV smart device GCS; focusing on
vulnerabilities within the smart devices hardware, the
software, and the communication network.
In summary, threats to the hardware are mainly introduced
through physical connection to tampered devices, and
malware from software applications and network connections.
The smart device hardware resources can be manipulated by
malware to monitor soldiers’ communication and movement.
The software operating system and software applications are
crucial to the functionality of the UAV smart device GCS. If
the software isn’t properly protected from malware threats the
consequences could be significant. The operating system
must be protected with regular updates and antivirus software.
Software applications must be tested for vulnerabilities and
updated regularly to ensure security. The communication
network is major area of vulnerability, deficiencies in this area
can lead to many of the attacks identified within software and
hardware vulnerabilities. Availability of the network is also a
major concern for battlefield operations in remote locations
and is easily one of the biggest targets in the field.
727

7. VIII. REFERENCES
[1] Bhusari, M. V. K. and M. A. M. Sahu "Smartphone Attacks and
Security Challenges."
[2] Blackhurst, R. (2012). "The air force men who fly drones in Afghanistan
by remote control." Retrieved 3/21/2013, 2013, from
http://www.telegraph.co.uk/news/uknews/defence/9552547/The-air-
force-men-who-fly-drones-in-Afghanistan-by-remote-control.html.
[3] Borg, S. "Securing the Supply Chain for Electronic Equipment: A
Strategy and Framework." Retrieved 5/24/13, 2013, from
http://www.whitehouse.gov/files/documents/cyber/ISA%20-
%20Securing%20the%20Supply%20Chain%20for%20Electronic%20E
quipment.pdf.
[4] Brewin, B. (2012). "Pentagon expects to soon clear Apple, Android
devices." Retrieved 3/20/13, 2013, from
http://www.nextgov.com/mobile/2012/02/pentagon-expects-to-soon-
clear-apple-android-devices/50621/.
[5] Dalton, W. (2012). "RIM's BlackBerry phones may lose public sector
monopoly." Retrieved 5/24/13, 2013, from
http://www.itproportal.com/2012/08/24/rims-blackberry-phones-may-
lose-public-sector-monopoly-/.
[6] Delac, G., et al. (2011). Emerging security threats for mobile platforms.
MIPRO, 2011 Proceedings of the 34th International Convention, IEEE.
[7] Do, T. D., et al. (2013). Ground System Software for Unmanned Aerial
Vehicles on Android Device. World Academy of Science, Engineering
and Technology. 74: 718-723.
[8] Dysart, J. (2012). "Smart phones pose emerging security threat."
Retrieved 5/24/13, 2013, from
http://defensesystems.com/articles/2012/02/08/cyber-defense-data-in-
motion-security.aspx.
[9] Goodwin, B. (2013). "IT manufacturers fight cyber espionage risks in
the supply chain." Retrieved 5/24/13, 2013, from
http://www.computerweekly.com/news/2240181320/IT-manfucturers-
tackle-cyber-espionage-risks-in-the-supply-chain.
[10] Gorman, S., et al. (2009). Insurgents Hack U.S. Drones. The Wall Street
Journal. WSJ.com.
[11] Grimes, R. A. (2010). "Androids and iPads: Network security's last
stand?". Retrieved 3/22/13, 2013, from
http://www.infoworld.com/d/security-central/androids-and-ipads-
network-securitys-last-stand-941.
[12] Guo, C., et al. (2004). Smart-phone attacks and defenses. HotNets III.
[13] Hamblen, M. (2011). "iPads, Android tablets and smartphones join the
military." Retrieved 3/21/13, 2013, from
http://www.computerworld.com/s/article/9214624/iPads_Android_tablet
s_and_smartphones_join_the_military.
[14] Hawkins Jr., R. D. (2012). Defense Information Systems Agency
Strategic Plan 2013-2018. D. I. S. Agency. DISA, Defense Information
Systems Agency. 1.
[15] Hennigan, W. J. (2011). "Taking iPads into Battle." Retrieved 3/21/13,
2013, from http://articles.latimes.com/2011/sep/25/business/la-fi-
isoldiers-20110926.
[16] Hoover, J. N. (2012). "DOD Pushes Military's Mobile Strategy
Forward." Retrieved 3/26/13, 2013, from
http://www.informationweek.com/government/mobile/dod-pushes-
militarys-mobile-strategy-for/240010603.
[17] Jeon, W., et al. (2011). A practical analysis of smartphone security.
Human Interface and the Management of Information. Interacting with
Information, Springer: 311-320.
[18] Kilpeläinen, R. (2011). "Privacy and Security of Smartphone Platforms."
Institute of Media Informatics Ulm University: 69.
[19] Krishnan, P., et al. "Applying Assurance Techniques to a Mobile Phone
Application."
[20] Landry, R. "Overview of Current Issues and Concerns in Regards to
Mobile Devices."
[21] Leavitt, N. (2011). "Mobile security: Finally a serious problem?"
Computer 44(6): 11-14.
[22] Mansfield-Devine, S. (2012). "Android architecture: attacking the weak
points." Network Security 2012(10): 5-12.
[23] Markelj, B. and I. Bernik (2012). "Mobile devices and corporate data
security." International Journal of Education and Information
Technologies 6(1): 97-104.
[24] McGarry, B. (2013). "Pentagon Will Open Networks to Apple, Google
Devices in 2014." Retrieved 3/21/13, 2013, from
http://www.bloomberg.com/news/2013-02-26/pentagon-will-open-
networks-to-apple-google-devices-in-2014.html.
[25] McHale, J. (2010, 6/18/2010). "Ground control stations for unmanned
aerial vehicles (UAVs) are becoming networking-hub cockpits on the
ground for U.S. unmanned forces." Retrieved 3/21/13, 2013, from
http://www.militaryaerospace.com/articles/2010/06/ground-control-
stations.html.
[26] Miller, C. (2011). "Mobile attacks and defense." Security & Privacy,
IEEE 9(4): 68-70.
[27] Mitchell, C. "The cyber crime threat on mobile devices."
[28] Munoz, C. (2012). "Report: DOD opens door to Apple, Android-built
systems." Retrieved 3/21/13, 2013, from http://thehill.com/blogs/defcon-
hill/industry/265395-report-dod-opens-door-to-apple-android-built-
systems.
[29] Nguyen, T. C. (2011). "U.S. military enlists smartphones, iPads."
Retrieved 3/21/13, 2013, from
http://www.smartplanet.com/blog/thinking-tech/us-military-enlists-
smartphones-ipads/6589.
[30] Nguyen, T. C. (2011, 10/11/11). "Virus attacks military drones, exposes
vulnerabilities." Retrieved 6/7/13, 2013, from
http://www.smartplanet.com/blog/thinking-tech/virus-attacks-military-
drones-exposes-vulnerabilities/8858.
[31] Nguyen, T. C. (2012). "How college students hijacked a government spy
drone." Retrieved 6/7/13, 2013, from
http://www.smartplanet.com/blog/thinking-tech/how-college-students-
hijacked-a-government-spy-drone/12214.
[32] Officer, D. C. I. (2012). Department of Defense Mobile Device Strategy.
D. o. Defense. DODCIO. 2.
[33] Oh, T., et al. (2012). Best security practices for android, blackberry, and
iOS. Enabling Technologies for Smartphone and Internet of Things
(ETSIoT), 2012 First IEEE Workshop on, IEEE.
[34] O'Sullivan, J. P. (2001). "Potential Vulnerabilities of a USMC Tactical
Wireless Local Area Network."
[35] Paganini, P. (2013, 6/4/13). "Hacking Drones ... Overview of the Main
Threats." Retrieved 6/7/13, 2013, from
http://resources.infosecinstitute.com/hacking-drones-overview-of-the-
main-threats/.
[36] Rose, C. (2011). "Smart Phone, Dumb Security." Review of Business
Information Systems (RBIS) 16(1): 21-26.
[37] Shabtai, A., et al. (2010). "Google android: A comprehensive security
assessment." Security & Privacy, IEEE 8(2): 35-44.
[38] Sharma, R. "Study of Latest Emerging Trends on Cyber Security and its
challenges to Society."
[39] Souppaya, M. and K. Scarfone (2012). Guidelines for Managing and
Securing Mobile Devices in the Enterprise (Draft). N. I. o. S. a. T. U. S.
D. o. Commerce. NIST.
[40] Stammberger, K. (2009). "Current trends in cyber attacks on mobile and
embedded systems." Embedded Computing Design 7(5): 8-12.
[41] Stites, D. and A. Tadimalla (2011). "A survey of mobile device security:
threats, vulnerabilities and defenses." Retrieved 3/22/13, 2013, from
afewguyscoding.com/wp.../A-Survey-on-Mobile-Device-Security.pdf.
[42] Suri, N., et al. (2011). Infrastructure, middleware, and applications for
portable cellular devices in tactical edge networks. Military
Communications Conference, 2011-MILCOM 2011, IEEE.
[43] Theoharidou, M., et al. (2012). A risk assessment method for
smartphones. Information Security and Privacy Research, Springer: 443-
456.
[44] Wang, Y., et al. (2012). "Smartphone Security Challenges" Computer
45(12): 52-58.
[45] Wilshusen, G. C. (2012). Informatin Security Better Implementation of
Controls for Mobile Devices Should Be Encouraged. U. S. G. A. Office.
GAO.
[46] Wright, J., et al. "Cyber Security And Mobile Threats: The Need For
Antivirus Applications For Smart Phones."
Yi, L., et al. (2003). "Secure wireless network with movable base stations."
IEICE transactions on communications 86(10): 2922-2930.
728