A wireless relaying system in the presence of an active eavesdropper is considered. The system is assumed to use an unmanned aerial vehicle (UAV) as a relay and the uplink phase is for authentication. The active eavesdropper is assumed to sneak into the system by attacking the UAV during the process of authentication. To detect the eavesdropping attacks, we consider building predictive models with one-class support vector machines (OC-SVM) and K-means clustering. To prepare datasets for training predictive models, we propose a framework for creating the features of testing data from wireless signals and another framework for generating training data. Our results show the superiority of OC-SVM over K-means in terms of stability, while K-means clustering is better when the eavesdropper uses high power in transmission.