As a rapidly growing cyber-physical platform, unmanned aerial vehicles are facing more security threats as their capabilities and applications continue to expand. Adversaries with detailed knowledge about the vehicle could orchestrate sophisticated attacks that are not easily detected or handled by the vehicle's control system. In this work, we purpose a generic security framework, termed BlueBox, capable of detecting and handling a variety of cyber-physical attacks. To demonstrate an application of BlueBox in practice, we retrofitted an off-the-shelf quadcopter. A series of attacks were then launched by embedding malicious code in the control software and by altering the vehicle's hardware with the specific targeting of sensors, controller, motors, vehicle dynamics, and operating system. Experimental results verified that BlueBox was capable of both detecting a variety of cyber-physical attacks, while also providing the means in which to recover from such attacks.