References of "Rivera, Sean 50030384"
     in
Bookmark and Share    
Full Text
See detailSecuring Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System
Rivera, Sean UL

Doctoral thesis (2021)

Robotic systems are proliferating in our society due to their capacity to carry out physical tasks on behalf of human beings, with current applications in the military, industrial, agricultural, and ... [more ▼]

Robotic systems are proliferating in our society due to their capacity to carry out physical tasks on behalf of human beings, with current applications in the military, industrial, agricultural, and domestic fields. The Robotic Operating System (ROS) is the de-facto standard for the development of modular robotic systems. Manufacturing and other industries use ROS for their robots, while larger companies such as Windows and Amazon have shown interest in supporting it, with ROS systems projected to make up most robotic systems within the next five years. However, a focus on security is needed as ROS is notorious for the absence of security mechanisms, placing people in danger both physically and digitally. This dissertation presents the security shortcomings in ROS and addresses them by developing a modular, secure framework for ROS. The research focuses on three features: internal system defense, external system verification, and automated vulnerability detection. This dissertation provides an integrated approach for the security of ROS-enabled robotic systems to set a baseline for the continual development of ROS security. Internal system defense focuses on defending ROS nodes from attacks and ensuring system safety in compromise. ROS-Defender, a firewall for ROS leveraging Software Defined Networking (SDN), and ROS-FM, an extension to ROS-Defender that uses the extended Berkely Packet Filter(eBPF), are discussed. External system verification centers on when data becomes the enemy, encompassing sensor attacks, network infrastructure attacks, and inter-system attacks. In this section, the use of machine learning to address sensor attacks is demonstrated, eBPF is utilized to address network infrastructure attacks, and consensus algorithms are leveraged to mitigate inter-system attacks. Automated vulnerability detection is perhaps the most important, focusing on detecting vulnerabilities and providing immediate mitigating solutions to avoid downtime or system failure. Here, ROSploit, an automated vulnerability scanner for ROS, and DiscoFuzzer, a fuzzing system designed for robots, are discussed. ROS-Immunity combines all the components for an integrated tool that, in conjunction with Secure-ROS, provides a suite of defenses for ROS systems against malicious attackers. [less ▲]

Detailed reference viewed: 63 (9 UL)
Full Text
Peer Reviewed
See detailLeveraging eBPF to preserve user privacy for DNS, DoT, and DoH queries
Rivera, Sean UL; Gurbani, Vijay; Lagraa, Sofiane UL et al

in Proceedings of the 15th International Conference on Availability, Reliability and Security (2020, August)

The Domain Name System (DNS), a fundamental protocol that controls how users interact with the Internet, inadequately provides protection for user privacy. Recently, there have been advancements in the ... [more ▼]

The Domain Name System (DNS), a fundamental protocol that controls how users interact with the Internet, inadequately provides protection for user privacy. Recently, there have been advancements in the field of DNS privacy and security in the form of the DNS over TLS (DoT) and DNS over HTTPS (DoH) protocols. The advent of these protocols and recent advancements in large-scale data processing have drastically altered the threat model for DNS privacy. Users can no longer rely on traditional methods, and must instead take active steps to ensure their privacy. In this paper, we demonstrate how the extended Berkeley Packet Filter (eBPF) can assist users in maintaining their privacy by leveraging eBPF to provide privacy across standard DNS, DoH, and DoT communications. Further, we develop a method that allows users to enforce application-specific DNS servers. Our method provides users with control over their DNS network traffic and privacy without requiring changes to their applications while adding low overhead. [less ▲]

Detailed reference viewed: 64 (5 UL)
Full Text
Peer Reviewed
See detailAuto-encoding Robot State against Sensor Spoofing Attacks
Rivera, Sean UL; Lagraa, Sofiane UL; Iannillo, Antonio Ken UL et al

in International Symposium on Software Reliability Engineering (2019, October)

In robotic systems, the physical world is highly coupled with cyberspace. New threats affect cyber-physical systems as they rely on several sensors to perform critical operations. The most sensitive ... [more ▼]

In robotic systems, the physical world is highly coupled with cyberspace. New threats affect cyber-physical systems as they rely on several sensors to perform critical operations. The most sensitive targets are their location systems, where spoofing attacks can force robots to behave incorrectly. In this paper, we propose a novel anomaly detection approach for sensor spoofing attacks, based on an auto-encoder architecture. After initial training, the detection algorithm works directly on the compressed data by computing the reconstruction errors. We focus on spoofing attacks on Light Detection and Ranging (LiDAR) systems. We tested our anomaly detection approach against several types of spoofing attacks comparing four different compression rates for the auto-encoder. Our approach has a 99% True Positive rate and a 10% False Negative rate for the 83% compression rate. However, a compression rate of 41% could handle almost all of the same attacks while using half the data. [less ▲]

Detailed reference viewed: 96 (23 UL)
Full Text
Peer Reviewed
See detailROS-Defender: SDN-based Security Policy Enforcement for Robotic Applications
Rivera, Sean UL; Lagraa, Sofiane UL; State, Radu UL et al

in IEEE Workshop on the Internet of Safe Things, Co-located with IEEE Security and Privacy 2019 (2019, May)

Abstract—In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a ... [more ▼]

Abstract—In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a firewall for a robotic system. ROS-Defender combines anomaly detection systems at application (ROS) level and network level, with dynamic policy enforcement points using software defined networking (SDN) to provide protection against a large class of attacks. Although SIEMs, IPS, and firewall have been previously used to secure computer networks, ROSDefender is applying them for the specific use case of robotic systems, where security is in many cases an afterthought. [less ▲]

Detailed reference viewed: 104 (7 UL)
Full Text
Peer Reviewed
See detailReal-time attack detection on robot cameras: A self-driving car application
Lagraa, Sofiane UL; Cailac, Maxime; Rivera, Sean UL et al

in International Conference on Robotic Computing (2019, February)

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected ... [more ▼]

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected, especially the image flows incoming from camera robots. In this paper, we perform a structured security assessment of robot cameras using ROS. We points out a relevant number of security flaws that can be used to take over the flows incoming from the robot cameras. Furthermore, we propose an intrusion detection system to detect abnormal flows. Our defense approach is based on images comparisons and unsupervised anomaly detection method. We experiment our approach on robot cameras embedded on a self-driving car. [less ▲]

Detailed reference viewed: 194 (16 UL)
Full Text
Peer Reviewed
See detailROSploit: Cybersecurity tool for ROS
Rivera, Sean UL; Lagraa, Sofiane UL; State, Radu UL

in International Conference on Robotic Computing (2019, February)

Abstract—Robotic Operating System(ROS) security research is currently in a preliminary state, with limited research in tools or models. Considering the trend of digitization of robotic systems, this lack ... [more ▼]

Abstract—Robotic Operating System(ROS) security research is currently in a preliminary state, with limited research in tools or models. Considering the trend of digitization of robotic systems, this lack of foundational knowledge increases the potential threat posed by security vulnerabilities in ROS. In this article, we present a new tool to assist further security research in ROS, ROSploit. ROSploit is a modular two-pronged offensive tool covering both reconnaissance and exploitation of ROS systems, designed to assist researchers in testing exploits for ROS. [less ▲]

Detailed reference viewed: 176 (5 UL)