COPTHORNE detects malicious drone activity including drone enabled cyber attacks
15 November 2019: Context Information Security has developed a lightweight, low-cost drone detection system capable of detecting drones being used for surveillance, smuggling and drone enabled cyber-attacks against wireless networks. The scalable, solar-powered COPTHORNE system is a passive, cloud-based sensor network, capable of detecting drones and their controllers within or around restricted areas.
Context, a specialist cyber security consultancy, has been investing in cost-effective drone detection technology over the last few years to develop a smaller and significantly cheaper solution compared to other available systems. COPTHORNE is designed to help smaller organisations and individuals to detect unwanted drone activity in and around their premises and even on the move, due to its low size, weight and power (SWaP) requirements.
The innovative scanner looks for radio frequency signals in bands used by drones. With hardware accelerated processing and nano-second precision it can discriminate a drone from benign wireless signals at a range up to two kilometres, even in noisy radio environments. Geo-location is performed once the signal is within range of two or more radios with the accuracy determined by the number of radios and local environment. Signal metadata is reported to a cloud-based server via a secure cellular VPN where it is analysed and the results checked against user defined rules. Alerts are then sent in real-time via a variety of channels. For a football stadium, for example, that could be as simple as messaging an on-site police officer so the pilot can be quickly located and the drone threat neutralised.
A proprietary profiling algorithm enables precision fingerprinting as to the type of signal and any known hardware associated with it. The system can even distinguish between different models of drones and controllers from the same manufacturer and recognise frequency-agile encrypted video downlinks.
Using GPS, COPTHORNE is scalable, location agile and easy to deploy, even allowing the creation of ‘virtual fences’ around sports stadiums or outdoor events, for example. The system can also be used indoors to locate rogue wireless devices at short range, such as mobile phones or wearables within a high security room for example.
A post-incident forensics interface enables the sharing of signal metadata for incident forensics to confirm or deny the presence of a recovered device based upon its radio footprint. System integration is enabled via a plugin framework with support for SMS, Telegram, Google Earth, XML, CSV and KML. With very low bandwidth requirements, the system can be deployed over IP radio, PoE/LAN or cellular. The server and interface also have a lightweight footprint and can be deployed on a single laptop for mobile events.
Alex Farrant, Senior Researcher at Context, said: “The arms race in the proliferation of drone-enabled cyber warfare shows no signs of slowing and despite military drones posing the most obvious potent threat, the much more common one is that posed by consumer drones which can be purchased in a supermarket. COPTHORNE offers a cost-effective countermeasure for businesses and individuals to protect their information, assets and events from rogue drones.”
Following a successful two month field trial in inclement weather, COPTHORNE is scheduled for standards-based testing and is forecast to be available early in early 2020 via channel partners. Context Information Security Ltd is a CAA certified PfCO drone operator, (ID 10254) which falls in line with this week’s new government regulations over the owning and usage of drones.