This hybrid security framework for UAV swarm communication integrates blockchain for trust management with cryptography for secure transmission.
Unmanned aerial vehicles (UAVs), commonly known as drones, are autonomous, remotely operated aerial systems capable of performing tasks without human intervention. A UAV swarm network consists of multiple drones that collaborate and communicate with one another to achieve a common objective, increasing their scalability, flexibility and efficiency in complex operations.
UAV swarms are today widely deployed in critical applications such as military surveillance, border security, and disaster management. These are also being used for rescue operations, environmental and habitat monitoring, and in agriculture.
However, the decentralised and dynamic nature of these UAVs makes them highly vulnerable to cyber-attacks such as Denial of Service (DoS), Sybil attacks and Man-in-the-Middle (MITM) attacks, which impacts their reliability, integrity and availability.
The multi-tier protection framework discussed below, which integrates Hyperledger Fabric blockchain and cryptographic techniques such as AES-256 and ECC P-256, is an attempt at addressing these challenges. Blockchain ensures decentralised authentication and tamper-proof logging. Network anomalies are detected in real-time using the NSL-KDD dataset. Simulation results demonstrate an average blockchain latency of 45ms with less than 5% performance degradation, which makes this system suitable for real-time UAV swarm applications.
It is evident from Table 1 that Hyperledger Fabric provides better security than the public blockchain Ethereum. Hyperledger Fabric’s Membership Service Provider (MSP) issues X.509 certificates to each UAV at registration time. So only registered drones can participate in the network. This simple feature helps to eliminate Sybil attacks at the network entry points; this is not possible in public blockchains like Bitcoin or Ethereum.
Table 1: The differences between private and public blockchains
| Feature | Ethereum
(Public) |
Hyperledger Fabric (Private) |
| Access | Open to everyone | Permissioned access via X.509 certs |
| Consensus | Proof of Stake (PoS) | Practical Byzantine Fault Tolerance (PBFT) |
| Latency | Average of 720 milliseconds (ms) | Average of 45 milliseconds (ms) |
| Throughput | Approximately 15 to 30 transactions per second (TPS) | Approximately 2000 plus transactions per second (TPS) |
| Visibility | Data is publicly accessible to everyone | Limited visibility through private channels |
| Smart contracts |
Developed using Solidity programming language | Implemented as chaincode using Go or Java programming language |
| Suitable for UAVs | No | Yes |
UAV swarm architecture
Figure 1 explains how a group of UAVs work together. It also depicts how swarms collect data and encrypt it before sending it through a smart network that can detect attacks in real time. A blockchain system ensures everything is verified; it makes sure everything is trusted and safely recorded without tampering.

The technology stack we used is: MATLAB for simulation, Python for data processing, Hyperledger Fabric with Go programming language for blockchain and chaincode implementation, NSL-KDD dataset for IDS training, and AES-256 and ECC P-256 for cryptography.
Figure 2 depicts the real-time UAV swarm security dashboard showing live mesh topology. It clearly gives the details about the Hyperledger Fabric block log and AES-256 + ECC P-256 encryption metrics.

In Hyperledger Fabric, chaincodes are nothing but the smart contracts that run the swarms. Every drone must register itself before transmitting even a single byte of information. The chaincode given below validates the MSP certificate and also writes the UAV identity permanently to the blockchain ledger so that it becomes immutable:
type UAVIdentity struct {
UAVID string `json:”uav_id”`
CertHash string `json:”cert_hash”`
SwarmID string `json:”swarm_id”`
Status string `json:”status”` // ACTIVE | SUSPICIOUS | REVOKED
RegisteredAt string `json:”registered_at”`
}
func (r *UAVRegistry) RegisterUAV(ctx contractapi.TransactionContextInterface,
uavID, certHash, swarmID, timestamp string) error {
existing, _ := ctx.GetStub().GetState(uavID)
if existing != nil {
return fmt.Errorf(“UAV %s already registered”, uavID)}
uav := UAVIdentity{uavID, certHash, swarmID, “ACTIVE”, timestamp}
data, _ := json.Marshal(uav)
return ctx.GetStub().PutState(uavID, data)}
// RevokeUAV is called automatically when a DoS/U2R attack is confirmed
func (r *UAVRegistry) RevokeUAV(ctx contractapi.TransactionContextInterface,
uavID string) error {
data, _: = ctx.GetStub().GetState(uavID)
var uav UAVIdentity
json.Unmarshal(data, &uav)
uav.Status = “REVOKED”
updated, _:= json.Marshal(uav)
return ctx.GetStub().PutState(uavID, updated)
}
After RegisterUAV() is called, a JSON output will be as follows:

If RegisterUAV() is called again with the same UAV ID, an error will be thrown as follows:

After RevokeUAV() is called on UAV, a JSON output will be as follows:

Secure event logging with tamper-proof audit
Every bit of information transferred via UAVs is encrypted using a hybrid scheme of AES-256 and ECC P-256. While the AES-256-GCM handles the payload faster and authenticates the encryption, the ECC P-256 (which is a lightweight algorithm ideal for constrained UAV hardware compared to RSA) handles the key exchange more securely. This combination gave us an encryption overhead of just 2.3ms per message in simulation.
The Python code to attain this is as follows:
from cryptography.hazmat.primitives.asymmetric.ec import (
ECDH, generate_private_key, SECP256R1 )
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives import hashes
import os
def encrypt_telemetry(payload: bytes, recipient_pub_key) -> dict:
# Ephemeral ECC key pair for this session only
ephemeral = generate_private_key(SECP256R1())
shared_secret = ephemeral.exchange(ECDH(), recipient_pub_key)
# Derive AES-256 key via HKDF-SHA256
aes_key = HKDF(hashes.SHA256(), 32, None, b”uav-swarm”).derive(shared_secret)
# AES-256-GCM: encrypts + authenticates in one step
nonce = os.urandom(12)
ciphertext = AESGCM(aes_key).encrypt(nonce, payload, None)
return {“nonce”: nonce.hex(), “ciphertext”: ciphertext.hex()
}
The output is:

Results and performance evaluation
The results were obtained by deploying the Hyperledger Fabric testnet on Docker containers using MATLAB simulations with 4 peer nodes, 1 orderer and 1 CA.
Figure 3 depicts that the PBFT provides the optimal balance of 45.2ms, which is faster than all decentralised blockchain alternatives.
|
Consensus method |
Authentication latency |
|
Centralised authentication |
18.4ms |
|
PBFT (Proposed) |
45.2ms |
|
Raft (Consensus) |
62.1ms |
|
PoS (Ethereum) |
720.0ms |
|
PoW (Bitcoin) |
8,400ms |
Table 2: Consensus method and its latency
Figure 4 depicts the encryption overhead during the transmission of a single message. It compares this encryption overhead along with other cryptographic models. It is evident that AES-256 + ECC combined produces the best possible overhead of 2.31ms, which is much faster and safer than the others.



Figure 5 shows that without blockchain authentication, a Sybil attack reduces the authentication success to 32% and a MITM attack to 28%. All attack scenarios are held above 96% with blockchain authentication active.
This system has high detection accuracy and low latency, along with a strong resilience against attacks. It can be really useful in real world applications such as disaster management, border surveillance, and in war zone military operations where reliability and data integrity are crucial. Built entirely on open source Hyperledger Fabric, it is ready for large scale deployment due to its scalability, transparency and tamper-proof nature.














































































