Optimising C-UAS Countermeasures for Use Against Swarming UAS Threat

Abstract

The spread of commercially available off-the-shelf (COTS) unmanned aerial vehicles (UAVs) alongside technological advancements has unlocked countless opportunities. But, regrettably, it has also paved the way for malicious applications, be it using a single or swarms of UAVs. A counter unmanned aircraft system (C-UAS) is employed to disrupt these applications. But, unfortunately, CUAS and the research around it has not evolved at the same speed as UAVs do. Moreover, the literature notably lacks methods that quantify the effectiveness of C-UAS countermeasures. The primary aim of this thesis was to formally quantify the effectiveness of C-UAS countermeasures, namely cyber effectors, i.e., jamming, spoofing, man in-the-middle (MITM), and denial-of-service (DoS). The outcome can be further utilised to reason about cyber countermeasures effectiveness and to optimise CUAS strategies. To achieve this, a Markov decision process (MDP) probabilistic model was formulated and implemented in a probabilistic model checker called PRISM. The model is formed using smaller models that represented each effector. The wellknown Common Vulnerability Scoring System (CVSS) was used to calculate some of the transition probabilities of the MDP model. Interferences amongst effectors and the relationship between the effector’s distance to the target and its effectiveness were considered to capture real-world behaviour. Effectors performances were quantified using PRISM properties in four case studies. The key findings were that the model could predict the expected behaviour with a 0.02% root-mean-square error (RMSE). Secondly, interfering effectors, i.e., jamming and DoS, use must be bounded; otherwise, they will make other effectors redundant. Thirdly, non-interfering effectors like MITM and spoofing are more promising when used against swarming attacks because they can be deployed at the same location without degrading the performance of other effectors. Finally, even though the kill probability functions of effectors were found ii submodular, they need to be taken in complete practical scenarios before optimisation.