This paper explores the critical issue of enhancing cybersecurity measures for low-cost, Wi-Fi-based Unmanned Aerial Vehicles (UAVs) against Distributed Denial of Service (DDoS) attacks. We explore three variants of DDoS attacks, namely Transmission Control Protocol (TCP), Internet Control Message Protocol (ICMP), and TCP + ICMP flooding attacks, and develop a detection mechanism that runs on the companion computer of the UAV system. As part of the detection mechanism, we evaluate various machine learning and deep learning algorithms, such as XGBoost, Isolation Forest, Long Short-Term Memory (LSTM), Bidirectional-LSTM (Bi-LSTM), LSTM with attention, Bi-LSTM with attention, and Time Series Transformer (TST), in terms of various classification metrics. Our evaluation reveals that algorithms with attention mechanisms generally outperform their counterparts, and TST stands out as the most efficient model with a run time of 0.1 seconds. TST achieves F1 scores of 0.999, 0.997, and 0.943 for TCP, ICMP, and TCP + ICMP flooding attacks, respectively. We present the steps required to build an on-board DDoS detection mechanism. We also present an ablation study to identify the best TST hyperparameters for DDoS detection, and we underscore the advantage of adopting learnable positional embeddings in TST for DDoS detection, with an improvement in F1 score from 0.94 to 0.99.