Context Information Security has developed a lightweight, low-cost drone detection system capable of detecting drones being used for surveillance, smuggling and drone enabled cyber-attacks against wireless networks. The scalable, solar-powered COPTHORNE system is a passive, cloud-based sensor network, capable of detecting drones and their controllers within or around restricted areas.
Context, a specialist cyber security consultancy, has been investing in cost-effective drone detection technology over the last few years to develop a smaller and significantly cheaper solution compared to other available systems. COPTHORNE is designed to help smaller organisations and individuals to detect unwanted drone activity in and around their premises and even on the move, due to its low size, weight and power (SWaP) requirements.
The innovative scanner looks for radio frequency signals in bands used by drones. With hardware-accelerated processing and nano-second precision, it can discriminate a drone from benign wireless signals at a range up to two kilometres, even in noisy radio environments. Geo-location is performed once the signal is within range of two or more radios with the accuracy determined by the number of radios and local environment. Signal metadata is reported to a cloud-based server via a secure cellular VPN where it is analyzed and the results checked against user defined rules. Alerts are then sent in real-time via a variety of channels. For a football stadium, for example, that could be as simple as messaging an on-site police officer so the pilot can be quickly located and the drone threat neutralised.
A proprietary profiling algorithm enables precision fingerprinting as to the type of signal and any known hardware associated with it. The system can even distinguish between different models of drones and controllers from the same manufacturer and recognize frequency-agile encrypted video downlinks.
Using GPS, COPTHORNE is scalable, location-agile and easy to deploy, even allowing the creation of ‘virtual fences’ around sports stadiums or outdoor events, for example. The system can also be used indoors to locate rogue wireless devices at short range, such as mobile phones or wearables within a high security room, for example.
A post-incident forensics interface enables the sharing of signal metadata for incident forensics to confirm or deny the presence of a recovered device based upon its radio footprint. System integration is enabled via a plugin framework with support for SMS, Telegram, Google Earth, XML, CSV and KML. With very low bandwidth requirements, the system can be deployed over IP radio, PoE/LAN or cellular. The server and interface also have a lightweight footprint and can be deployed on a single laptop for mobile events.
Alex Farrant, Senior Researcher at Context, said: “The arms race in the proliferation of drone-enabled cyber warfare shows no signs of slowing and despite military drones posing the most obvious potent threat, the much more common one is that posed by consumer drones which can be purchased in a store. COPTHORNE offers a cost-effective countermeasure for businesses and individuals to protect their information, assets and events from rogue drones.”
Following a successful two month field trial in inclement weather, COPTHORNE is scheduled for standards-based testing and is forecast to be available early in early 2020 via channel partners.
Context Information Security is a leading technical cyber security consultancy with offices in the US, UK, Germany and Australia. Through its advanced adversary simulation and penetration testing, Context helps organisations to test their cyber security strategies against real world attacks. Established in 1998 and with offices worldwide, Context is perfectly placed to help even the most mature organisations improve their capability to prevent, detect and respond to sophisticated threats. Context’s client base includes some of the world’s leading blue-chip companies, alongside public sector and government organisations, for technical assurance, incident response and investigation services. An exceptional level of technical expertise and detailed methodology underpin all Context services and help clients to attain a deeper understanding of security vulnerabilities, threats and incidents.
For more information, visit www.contextis.com