ICCK Transactions on Cybersecurity Home About Editors Current Issue
-
CiteScore
-
Impact Factor
  1. Home
  2. Journals
  3. ICCK Transactions on Cybersecurity
  4. Volume 1, Issue 1
USVScout: Detecting Security Vulnerabilities in USV-based Marine Applications
Research Article | Published: 01 September 2025
ICCK Transactions on Cybersecurity Volume 1, Issue 1, 2025: 17-34
Volume 1, Issue 1, ICCK Transactions on Cybersecurity
Volume 1, Issue 1, 2025
Submit Manuscript Edit a Special Issue
Article QR Code
Article QR Code
Scan the QR code for reading
Popular articles
Case Studies on Integrating Artificial Intelligence in Finance to Transform Decision Making and Risk Management for Enhanced Financial Outcomes Research on A Ship Trajectory Classification Method Based on Deep Learning Bridging Modalities: A Survey of Cross-Modal Image-Text Retrieval A Mimic Fusion Algorithm for Dual Channel Video Based on Possibility Distribution Synthesis Theory YOLOv7-Bw: A Dense Small Object Efficient Detector Based on Remote Sensing Image Deep Prediction Network Based on Covariance Intersection Fusion for Sensor Data Enhancing Fake News Detection with a Hybrid NLP-Machine Learning Framework Visual Feature Extraction and Tracking Method Based on Corner Flow Detection Inaugural Editorial of the Chinese Journal of Information Fusion YOLOv8-Lite: A Lightweight Object Detection Model for Real-time Autonomous Driving Systems
ICCK Transactions on Cybersecurity, Volume 1, Issue 1, 2025: 17-34

Research Article | 01 September 2025
USVScout: Detecting Security Vulnerabilities in USV-based Marine Applications
by
Shihao Zhou Shihao Zhou 1 *
1 Three Gorges Navigation Authority, Yichang, China
* Corresponding Author: Shihao Zhou, [email protected]
DOI: 10.62762/TC.2025.281528
Received: 21 June 2025, Accepted: 10 July 2025, Published: 01 September 2025  
Article Metrics Cite This Article
Abstract
With the deep integration of artificial intelligence (AI) and Internet of Things (IoT) technologies, the maritime transportation industry is undergoing profound changes, and the application scenarios of unmanned surface vehicles (USVs) are constantly expanding. Aiming at the security threats faced by USV application systems, this paper proposes a new threat model for ship communication protocols and service logics, and the system covers the potential adversarial entity attack paths in application program logics and communication protocols. Based on this model, the automated security inspection framework USVScout was designed and implemented. By parsing the source code of the application program, the security analysis was formalized as an attribute verification task under the standard computing model, significantly improving the systematicness and accuracy of the detection. The experimental results show that in three real Marine application scenarios, USVScout successfully identified new types of vulnerabilities that static analysis tools failed to detect, and it can achieve sub-second real-time detection of 12 types of vulnerability patterns on an ordinary laptop, verifying the significant advantages of the method in terms of security and efficiency. The threat modeling and automated detection framework proposed in this paper provides technical support for ship network attack and defense drills and lays the foundation for building an intelligent and secure maritime transportation system.
Graphical Abstract
USVScout: Detecting Security Vulnerabilities in USV-based Marine Applications
Keywords
USVScout
threat modeling
automated security inspection
maritime transportation
Data Availability Statement
Data will be made available on request.
Funding
This work was supported without any funding.
Conflicts of Interest
Shihao Zhou is an employee of Three Gorges Navigation Authority, Yichang, China.
Ethical Approval and Consent to Participate
Not applicable.
References
  1. Gallego, A. J., Pertusa, A., Gil, P., & Fisher, R. B. (2019). Detection of bodies in maritime rescue operations using unmanned aerial vehicles with multispectral cameras. Journal of Field Robotics, 36(4), 782-796.
    [CrossRef]   [Google Scholar]
  2. Specht, M. (2024). Methodology for performing bathymetric and photogrammetric measurements using UAV and USV vehicles in the coastal zone. Remote Sensing, 16(17), 3328.
    [CrossRef]   [Google Scholar]
  3. Jung, S., Cho, H., Kim, D., Kim, K., Han, J. I., & Myung, H. (2017). Development of algal bloom removal system using unmanned aerial vehicle and surface vehicle. IEEE Access, 5, 22166-22176.
    [CrossRef]   [Google Scholar]
  4. Li, W., Ge, Y., Guan, Z., & Ye, G. (2022). Synchronized motion-Based UAV–USV cooperative autonomous landing. Journal of Marine Science and Engineering, 10(9), 1214.
    [CrossRef]   [Google Scholar]
  5. de Carnavalet, X. D. C., & Mannan, M. (2016, February). Killed by proxy: Analyzing client-end TLS interception software. In Network and Distributed System Security Symposium (pp. 21-24). http://dx.doi.org/10.14722/ndss.2016.23374
    [Google Scholar]
  6. Zainudin, A., Putra, M. A. P., Alief, R. N., Kim, D. S., & Lee, J. M. (2024, June). Blockchain-aided collaborative threat detection for securing digital twin-based IIoT networks. In ICC 2024-IEEE International Conference on Communications (pp. 4656-4661). IEEE.
    [CrossRef]   [Google Scholar]
  7. Jia, Y., Yuan, B., Xing, L., Zhao, D., Zhang, Y., Wang, X., ... & Jin, H. (2021, November). Who's in control? on security risks of disjointed IoT device management channels. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (pp. 1289-1305).
    [CrossRef]   [Google Scholar]
  8. Wang, Q., Ji, S., Tian, Y., Zhang, X., Zhao, B., Kan, Y., ... & Beyah, R. (2021). {MPInspector: A systematic and automatic approach for evaluating the security of {IoT messaging protocols. In 30th USENIX Security Symposium (USENIX Security 21) (pp. 4205-4222).
    [Google Scholar]
  9. Wang, M., Tian, C., Zhang, N., Duan, Z., & Yao, C. (2020). Translating Xd-C programs to MSVL programs. Theoretical Computer Science, 809, 430-465.
    [CrossRef]   [Google Scholar]
  10. Li, Y., & Li, L. (2012). Model checking of linear-time properties based on possibility measure. IEEE Transactions on Fuzzy systems, 21(5), 842-854.
    [CrossRef]   [Google Scholar]
  11. Celik, Z. B., McDaniel, P., & Tan, G. (2018). Soteria: Automated {IoT safety and security analysis. In 2018 USENIX annual technical conference (USENIX ATC 18) (pp. 147-158).
    [Google Scholar]
  12. Wang, Q., Datta, P., Yang, W., Liu, S., Bates, A., & Gunter, C. A. (2019, November). Charting the attack surface of trigger-action IoT platforms. In Proceedings of the 2019 ACM SIGSAC conference on computer and communications security (pp. 1439-1453).
    [CrossRef]   [Google Scholar]
  13. Celik, Z. B., Tan, G., & McDaniel, P. (2019). IOTGUARD: Dynamic Enforcement of Security and Safety Policy in Commodity IoT. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019. The Internet Society. https://dx.doi.org/10.14722/ndss.2019.23326
    [Google Scholar]
  14. Yuan, B., Wu, Y., Yang, M., Xing, L., Wang, X., Zou, D., & Jin, H. (2022). Smartpatch: Verifying the authenticity of the trigger-event in the iot platform. IEEE Transactions on Dependable and Secure Computing, 20(2), 1656-1674.
    [CrossRef]   [Google Scholar]
  15. Tam, K., & Jones, K. (2018, June). Cyber-risk assessment for autonomous ships. In 2018 international conference on cyber security and protection of digital services (cyber security) (pp. 1-8). IEEE.
    [CrossRef]   [Google Scholar]
  16. Akpan, F., Bendiab, G., Shiaeles, S., Karamperidis, S., & Michaloliakos, M. (2022). Cybersecurity challenges in the maritime sector. Network, 2(1), 123-138.
    [CrossRef]   [Google Scholar]
  17. Caprolu, M., Di Pietro, R., Raponi, S., Sciancalepore, S., & Tedeschi, P. (2020). Vessels cybersecurity: Issues, challenges, and the road ahead. IEEE Communications Magazine, 58(6), 90-96.
    [CrossRef]   [Google Scholar]
  18. Radoš, K., Brkić, M., & Begušić, D. (2024). Recent advances on jamming and spoofing detection in GNSS. Sensors, 24(13), 4210.
    [CrossRef]   [Google Scholar]
  19. Aslam, S., Michaelides, M. P., & Herodotou, H. (2020). Internet of ships: A survey on architectures, emerging applications, and challenges. IEEE Internet of Things journal, 7(10), 9714-9727.
    [CrossRef]   [Google Scholar]
  20. Rath, S., Intriago, A., Sengupta, S., & Konstantinou, C. (2023, August). Lost at sea: Assessment and evaluation of rootkit attacks on shipboard microgrids. In 2023 IEEE Electric Ship Technologies Symposium (ESTS) (pp. 534-541). IEEE.
    [CrossRef]   [Google Scholar]
  21. Tullsen, M., Pike, L., Collins, N., & Tomb, A. (2018, July). Formal verification of a vehicle-to-vehicle (V2V) messaging system. In International Conference on Computer Aided Verification (pp. 413-429). Cham: Springer International Publishing.
    [CrossRef]   [Google Scholar]
  22. Grigoriadis, C., Papastergiou, S., Kotzanikolaou, P., Douligeris, C., Dionysiou, A., Elias, A., ... & Kamm, L. (2021, August). Integrating and validating maritime transport security services: Initial results from the cs4eu demonstrator. In Proceedings of the 2021 Thirteenth International Conference on Contemporary Computing (pp. 371-377).
    [CrossRef]   [Google Scholar]
  23. Zhang, C., Cao, C., Kang, K., Guo, C., & Guo, M. (2022). Virtual global positioning system construction approach for unmanned surface vessel based on Dempster–Shafer theory and broad learning framework. The Journal of Navigation, 75(5), 1144-1166.
    [CrossRef]   [Google Scholar]
  24. Sun, X., Wang, G., Fan, Y., Mu, D., & Qiu, B. (2018). An automatic navigation system for unmanned surface vehicles in realistic sea environments. Applied Sciences, 8(2), 193.
    [CrossRef]   [Google Scholar]
  25. Akram, W., Yang, S., Kuang, H., He, X., Din, M. U., Dong, Y., ... & Hussain, I. (2024). Long-Range Vision-Based UAV-assisted Localization for Unmanned Surface Vehicles. arXiv preprint arXiv:2408.11429.
    [Google Scholar]
  26. Boretti, A. (2024). Unmanned surface vehicles for naval warfare and maritime security. The Journal of Defense Modeling and Simulation, 15485129241283056.
    [CrossRef]   [Google Scholar]
  27. Berbecaru, D. G., & Lioy, A. (2021, September). Attack strategies and countermeasures in transport-based time synchronization solutions. In International Symposium on Intelligent and Distributed Computing (pp. 203-213). Cham: Springer International Publishing.
    [CrossRef]   [Google Scholar]
  28. Hashali, S. D., Yang, S., & Xiang, X. (2024). Route planning algorithms for unmanned surface vehicles (USVs): a comprehensive analysis. Journal of Marine Science and Engineering, 12(3), 382.
    [CrossRef]   [Google Scholar]
  29. He, P., Du, X., Li, Y., Guo, H., & Cui, J. (2025). An integration methodology of safety and security requirements for autonomous vehicles. Journal of Transportation Safety & Security, 17(3), 253-271.
    [CrossRef]   [Google Scholar]
  30. Hofer-Schmitz, K., & Stojanović, B. (2020). Towards formal verification of IoT protocols: A Review. Computer Networks, 174, 107233.
    [CrossRef]   [Google Scholar]
  31. Cai, X., Shi, K., She, K., Zhong, S., Wen, S., & Xie, Y. (2023). Communication security of autonomous ground vehicles based on networked control systems: The optimized LMI approach. Security and Safety, 2, 2023016.
    [CrossRef]   [Google Scholar]
  32. Wang, H., Ren, G., Chen, J., Ding, G., & Yang, Y. (2018). Unmanned aerial vehicle-aided communications: Joint transmit power and trajectory optimization. IEEE Wireless Communications Letters, 7(4), 522-525.
    [CrossRef]   [Google Scholar]
  33. Jero, S., Hoque, E., Choffnes, D., Mislove, A., & Nita-Rotaru, C. (2018, July). Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach. In Proceedings of the 2018 Applied Networking Research Workshop (pp. 95-95).
    [CrossRef]   [Google Scholar]
Cite This Article
APA Style
Zhou, S. (2025). USVScout: Detecting Security Vulnerabilities in USV-based Marine Applications. ICCK Transactions on Cybersecurity, 1(1), 17–34. https://doi.org/10.62762/TC.2025.281528
Article Metrics
Citations:

Google Scholar
0

Crossref

0

Scopus

0

Web of Science

0
Article Access Statistics:
Views: 222
PDF Downloads: 22
Publisher's Note
ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and Permissions
Institute of Central Computation and Knowledge (ICCK) or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
ICCK Transactions on Cybersecurity

ICCK Transactions on Cybersecurity

ISSN: 3069-3349 (Online)

Email: [email protected]

Portico

Portico

All published articles are preserved here permanently:
https://www.portico.org/publishers/icck/