Physical indicators of cyber attacks against a rescue robot

2016 15th International Conference on Ubiquitous Computing and Communications and 2016 International Symposium on Cyberspace An

Anthony

et al. 2016

Self Cite

Abstract-Security is one of the key challenges in cyberphysical systems, because by their nature, any cyber attack against them can have physical repercussions. This is a critical issue for autonomous vehicles; if compromised in terms of their communications or computation they can cause considerable physical damage due to their mobility. Our aim here is to facilitate the automatic detection of cyber attacks on a robotic vehicle. For this purpose, we have developed a detection mechanism, which monitors real-time data from a large number of sources onboard the vehicle, including its sensors, networks and processing. Following a learning phase, where the vehicle is trained in a non-attack state on what values are considered normal, it is then subjected to a series of different cyberphysical and physical-cyber attacks. We approach the problem as a binary classification problem of whether the robot is able to self-detect when and whether it is under attack. Our experimental results show that the approach is promising for most attacks that the vehicle is subjected to. We further improve its performance by using weights that accentuate the anomalies that are less common thus improving overall performance of the detection mechanism for unknown attacks.

Section: Related Workmentioning

confidence: 99%

Behaviour-Based Anomaly Detection of Cyber-Physical Attacks on a Robotic Vehicle

Bezemskij

2016 15th International Conference on Ubiquitous Computing and Communications and 2016 International Symposium on Cyberspace An

Anthony

et al. 2016

Self Cite

“…based on Petri Nets [14], or based on the knowledge of what impact a particular attack has on a particular robot, as in [7]. Our focus here is on a standalone robot, which does not have the opportunity to share information or collaborate with other robots to detect attacks.…”

Section: Related Workmentioning

confidence: 99%

“…It may head towards the wrong direction, be delayed, be forced to shut down, continue blindly, physically jitter [7] etc. Here, we take a more detailed look on the physical impact of different cyber attacks, including denial of service, command injection, and two types of malware infection.…”

Section: Introductionmentioning

confidence: 99%

Performance Evaluation of Cyber-Physical Intrusion Detection on a Robotic Vehicle

Vuong

2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable,

Gan

2015

Self Cite

Abstract-Intrusion detection systems designed for conventional computer systems and networks are not necessarily suitable for mobile cyber-physical systems, such as robots, drones and automobiles. They tend to be geared towards attacks of different nature and do not take into account mobility, energy consumption and other physical aspects that are vital to a mobile cyber-physical system. We have developed a decision tree-based method for detecting cyber attacks on a small-scale robotic vehicle using both cyber and physical features that can be measured by its on-board systems and processes. We evaluate it experimentally against a variety of scenarios involving denial of service, command injection and two types of malware attacks. We observe that the addition of physical features noticeably improves the detection accuracy for two of the four attack types and reduces the detection latency for all four.

“…In our previous work [7], we have identified the need for a robust classification method for behavioural characteristics of a robotic vehicle under attack using both physical and cyber input features. Towards this goal, we start our investigation with a knowledge-based approach, which depends on the existence of a known attack pattern.…”

Section: Intrusion Detection Using Decision Treesmentioning

confidence: 99%

“…This is more so for vehicles that are not autonomous but controlled by a user over a communication channel. In previous research, we have identified that, depending on implementation approach and attack type, a robot under a denial of service attack on its communication channel might be forced to shut down, to continue moving blindly, to jitter, or to delay changing direction [7], [8] etc. Here, we try to make use of these physical manifestations of two practically usable cyber attacks [9]: denial of service and command injection to investigate whether we can use them meaningfully as part of an on-board intrusion detection system.…”

Section: Introductionmentioning

confidence: 99%

Decision tree-based detection of denial of service and command injection attacks on robotic vehicles

Vuong

2015 IEEE International Workshop on Information Forensics and Security (WIFS)

Gan

et al. 2015

Self Cite

Abstract-Mobile cyber-physical systems, such as automobiles, drones and robotic vehicles, are gradually becoming attractive targets for cyber attacks. This is a challenge because intrusion detection systems built for conventional computer systems tend to be unsuitable. They can be too demanding for resource-restricted cyber-physical systems or too inaccurate due to the lack of realworld data on actual attack behaviours. Here, we focus on the security of a small remote-controlled robotic vehicle. Having observed that certain types of cyber attacks against it exhibit physical impact, we have developed an intrusion detection system that takes into account not only cyber input features, such as network traffic and disk data, but also physical input features, such as speed, physical jittering and power consumption. As the system is resource-restricted, we have opted for a decision tree-based approach for generating simple detection rules, which we evaluate against denial of service and command injection attacks. We observe that the addition of physical input features can markedly reduce the false positive rate and increase the overall accuracy of the detection.