Drone demo shows it’s possible to protect 5G-managed devices from DDoS, exfiltration attacks

Using software developed by the Open Networking Foundation, Stanford researchers thwart wireless attacks in less than a second.

A demonstration earlier this year at Stanford School of Engineering proved that a small fleet of computer-controlled drones can maintain their flight integrity in the face of continual cyberattacks on the 5G network used to manage the devices through the deployment of software-defined networking (SDN).

For enterprise IT pros charged with securing devices wirelessly across a 5G network, the drone test results are promising evidence that SDN can help networks under cyberattack to recover almost instantaneously.

Dubbed Project Pronto, the ongoing research is designed to show how devices such as autonomous motor vehicles, planes and trains can be operated securely and reliably across wireless 5G networks. Given the potentially disastrous consequences of large wireless devices being hacked while traveling at high speeds or elevations, vulnerabilities that could endanger lives must be addressed before such devices are widely deployed.

The larger goal of Project Pronto is to leverage 5G as a distributed edge computing cloud-based platform that facilitate innovation and competitive advantage through deep and wide network visibility, verification and closed-loop control. Nick McKeown, a professor of electrical engineering and computer science at Stanford, heads the project.

SDN was developed in 2008 as a result of a collaboration between McKeown’s Stanford research team and a team for the University of California at Berkeley. As the Stanford engineering department’s magazine explains, “SDN is a simplified approach to traditional ‘black box’ proprietary networking that decouples a network’s data and routing functions for faster, easier reconfiguration on the fly.”

As the drone demonstration showed, applying advanced SDN techniques enables networks running on 5G to recover from a cyberattack in less than one second, preventing disruptions in operations and failure, by protecting wireless devices with a “shield” that deploys almost instantaneously.

This video of the drone demonstration by the the Open Networking Foundation’s (ONF) Oguz Sunay, shows two different types of attacks on five drones flying in formation. A Denial of Service (DoS) attack was able to cause the drones to act erratically and fly out of formation. But when the researchers activated path verification, the attacker’s disruptive packets were blocked, allowing the drones to continue flying in coordination and without disruption. In a test against exfiltration attacks that enable attackers to precisely monitor drone locations, researchers proved that turning on path verification prevents packets that reveal the location of drones from reaching the attacker.

Beyond protecting drones in lab experiments, one of Pronto’s underpinnings has been adopted by a startup called Ananki that’s using it to offer private 5G cellular as a service. That technology, called Aether by the ONF that developed it and Pronto, is an open-source private 4G/5G-connected-edge cloud-as-a-service platform. The ONF’s executive director, Guru Parulkar, is the company’s CEO.

Stanford, Cornell University, Princeton University and the ONF are collaborating on Pronto, which is funded in part by a $30 million grant from the Defense Advanced Research Projects Agency (DARPA).

Here’s a good presentatio by McKeown delving into detail about Project Pronto.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Copyright © 2021 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)