In recent years, Unmanned Aerial Vehicles (UAVs) (also called drones) networks have become increasingly popular in scenarios where rapid deployment, flexible mobility, and real-time data acquisition are crucial, such as disaster relief, environmental monitoring, military operations, and smart city infrastructure. However, due to their dynamic nature and dependence on wireless communication, they are intrinsically vulnerable to a variety of cyberattacks. In this work, we present DRUID, a decentralized scheme for silently identifying a compromised drone that selectively alters the messages it forwards. The scheme uses a combination of secret sharing and multipath routing to allow a pair of communicating drones, namely A and B, to detect the presence of a compromised drone along any route between them, thereby categorizing each route as either safe or compromised. The scheme operates iteratively and consists of three key modules: (i) an Information Retrieval Procedure that allows to learn more about the topology, (ii) a binary search-like Identification Procedure, and (iii) if the previous module fails to identify the compromised drone, a Node Repositioning Procedure that relocates nodes closer to the compromised path. We validate DRUID on a large and diverse set of 178731 graphs representing realistic UAV networks with different communication ranges. Comparing our scheme to previous work, experiments show that DRUID achieves a 97 % identification rateāup from the 54 % of the most recent alternative approach. We analyze the cost associated with the node repositioning procedure in terms of computation time and drone movement, and show that it generally takes a few seconds.
