TA004 Execution · T004.005 — Technique
AI and ML Model Exploitation
Corruption or adversarial manipulation of onboard AI models used for autonomous navigation or swarm coordination.
Sub-techniques (4)
- Training data poisoning
- Adversarial input injection at inference
- Model weight corruption
- Swarm consensus algorithm manipulation
Applicable countermeasures
CM-001 Encrypted and Authenticated C2 Link
All C2 communications between GCS and drone must use mutual-authentication encryption (AES-256 minimum) with replay protection.
NIST SP 800-53 SC-8 · DO-326A Sec 6.2 · EUROCAE ED-202A · STANAG 4586
CM-006 Onboard Behavioral Anomaly Detection
Real-time monitoring of flight control inputs, sensor streams, and communication patterns for spoofing, injection, or hijacking indicators.
NIST SP 800-53 SI-4 · DO-178C · IEC 62443-3-3 SR 6.1 · MITRE ATT&CK for ICS
CM-011 Tamper-Resistant Geofencing
Open in the interactive matrix
Cryptographically signed geofence zone definitions with hardware-enforced boundaries that cannot be overridden by software command.
EU Reg. 2019/945 · FAA Part 107 · ASTM F3322 · NIST SP 800-53 SI-10