Hacking into an unmanned vehicle

Professors at the University of South Australia and Charles Sturt University have developed an algorithm to detect and intercept man-in-the-middle (MitM) attacks on unmanned military robots.
MitM attacks are a type of cyberattack where the data traffic between two parties, in this case, the robot and its legitimate controllers, is intercepted either to eavesdrop or to inject false data in the stream.
Cyber algorithm neutralises malicious robot attack


"The robot operating system (ROS) is extremely susceptible to data breaches and electronic hijacking because it is so highly networked," comments Professor Anthony Finn, who participated in the study.

"The advent of Industry 4, marked by the evolution in robotics, automation, and the Internet of Things, has demanded that robots work collaboratively, where sensors, actuators, and controllers need to communicate and exchange information with one another via cloud services."

"The downside of this is that it makes them highly vulnerable to cyberattacks."

The university researchers developed an algorithm using machine learning techniques to detect these attempts and shut them down in seconds.

Recorded sensor data. Attack begins at 300 seconds
Recorded sensor data. Attack begins at 300 seconds (IEEE)
The algorithm was tested in a replica of the GVR-BOT used by the U.S. Army (TARDEC), and recorded successful attack prevention 99% of the time, with false positives occurring in less than 2% of the tested cases.
The robot used in the tests
The robot used in the tests (unisa.edu.au)

Discerning MitM attacks

Detecting MitM targeting crewless vehicles and robots is complex as these systems operate under fault-tolerant modes, so distinguishing between normal operations and fault conditions can be hazy.
Also, robotic systems can be compromised at various levels, from the core system to its sub-systems and their sub-components, causing an operational problem that could render the robot dysfunctional..
All the different nodes an MitM actor can attack
All the different nodes an MitM actor can attack (IEEE)

The university researchers developed a system that analyzed the robot's network traffic data to detect attempts to compromise it. This system uses node-based methods, scrutinizes packet data, and uses a flow-statistic-based system that reads metadata from the packet header.

The detailed technical paper released by the researchers delves into the specifics of the deep learning CNN (convolutional neural network) model that was developed for this purpose, comprising multiple layers and filters that raise the reliability of the cyberattack detection outcome.

Real tests conducted on the replica bot with simulated cyber-attacks targeting various systems produced excellent results and high identification accuracy even after only 2-3 epochs of model training.

One of the performance tables generated during the tests
One of the performance tables generated during the tests (IEEE)
Optimized versions of this novel protection system could find applications in similar but more demanding robotic applications, like unmanned aircraft.
"We are also interested in investigating the efficacy of our intrusion detection system on different robotic platforms, such as unmanned aerial vehicles, whose dynamics are reasonably faster and more complex compared to a ground robot," concludes the paper published on IEEE's portal.

Related Articles: 

Australian researchers have designed an algorithm that can intercept a man-in-the-middle (MitM) cyberattack on an unmanned military robot and ...
Asia Pacific Defence Reporter · Northrop Grumman · Jan 15, 2021

Simpson Manufacturing shuts down IT systems after cyberattack

Lyca Mobile investigates customer data leak after cyberattack

Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang

Building automation giant Johnson Controls hit by ransomware attack

Government of Bermuda links cyberattack to Russian hackers