Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System

Doctoral thesis (2021)

Robotic systems are proliferating in our society due to their capacity to carry out physical tasks on behalf of human beings, with current applications in the military, industrial, agricultural, and ... [more ▼]

Robotic systems are proliferating in our society due to their capacity to carry out physical tasks on behalf of human beings, with current applications in the military, industrial, agricultural, and domestic fields. The Robotic Operating System (ROS) is the de-facto standard for the development of modular robotic systems. Manufacturing and other industries use ROS for their robots, while larger companies such as Windows and Amazon have shown interest in supporting it, with ROS systems projected to make up most robotic systems within the next five years. However, a focus on security is needed as ROS is notorious for the absence of security mechanisms, placing people in danger both physically and digitally. This dissertation presents the security shortcomings in ROS and addresses them by developing a modular, secure framework for ROS. The research focuses on three features: internal system defense, external system verification, and automated vulnerability detection. This dissertation provides an integrated approach for the security of ROS-enabled robotic systems to set a baseline for the continual development of ROS security. Internal system defense focuses on defending ROS nodes from attacks and ensuring system safety in compromise. ROS-Defender, a firewall for ROS leveraging Software Defined Networking (SDN), and ROS-FM, an extension to ROS-Defender that uses the extended Berkely Packet Filter(eBPF), are discussed. External system verification centers on when data becomes the enemy, encompassing sensor attacks, network infrastructure attacks, and inter-system attacks. In this section, the use of machine learning to address sensor attacks is demonstrated, eBPF is utilized to address network infrastructure attacks, and consensus algorithms are leveraged to mitigate inter-system attacks. Automated vulnerability detection is perhaps the most important, focusing on detecting vulnerabilities and providing immediate mitigating solutions to avoid downtime or system failure. Here, ROSploit, an automated vulnerability scanner for ROS, and DiscoFuzzer, a fuzzing system designed for robots, are discussed. ROS-Immunity combines all the components for an integrated tool that, in conjunction with Secure-ROS, provides a suite of defenses for ROS systems against malicious attackers. [less ▲]

Auto-encoding Robot State against Sensor Spoofing Attacks

in International Symposium on Software Reliability Engineering (2019, October)

In robotic systems, the physical world is highly coupled with cyberspace. New threats affect cyber-physical systems as they rely on several sensors to perform critical operations. The most sensitive ... [more ▼]

In robotic systems, the physical world is highly coupled with cyberspace. New threats affect cyber-physical systems as they rely on several sensors to perform critical operations. The most sensitive targets are their location systems, where spoofing attacks can force robots to behave incorrectly. In this paper, we propose a novel anomaly detection approach for sensor spoofing attacks, based on an auto-encoder architecture. After initial training, the detection algorithm works directly on the compressed data by computing the reconstruction errors. We focus on spoofing attacks on Light Detection and Ranging (LiDAR) systems. We tested our anomaly detection approach against several types of spoofing attacks comparing four different compression rates for the auto-encoder. Our approach has a 99% True Positive rate and a 10% False Negative rate for the 83% compression rate. However, a compression rate of 41% could handle almost all of the same attacks while using half the data. [less ▲]

Real-time attack detection on robot cameras: A self-driving car application

in International Conference on Robotic Computing (2019, February)

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected ... [more ▼]

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected, especially the image flows incoming from camera robots. In this paper, we perform a structured security assessment of robot cameras using ROS. We points out a relevant number of security flaws that can be used to take over the flows incoming from the robot cameras. Furthermore, we propose an intrusion detection system to detect abnormal flows. Our defense approach is based on images comparisons and unsupervised anomaly detection method. We experiment our approach on robot cameras embedded on a self-driving car. [less ▲]