Detecting cyber-physical threats in an autonomous robotic vehicle using Bayesian Networks

Robotic vehicles and especially autonomous robotic vehicles can be attractive targets for attacks that cross the cyber-physical divide, that is cyber attacks or sensory channel attacks affecting the ability to navigate or complete a mission. Detection of such threats is typically limited to knowledge-based and vehicle-specific methods, which are applicable to only specific known attacks, or methods that require computation power that is prohibitive for resource-constrained vehicles. Here, we present a method based on Bayesian Networks that can not only tell whether an autonomous vehicle is under attack, but also whether the attack has originated from the cyber or the physical domain. We demonstrate the feasibility of the approach on an autonomous robotic vehicle built in accordance with the Generic Vehicle Architecture specification and equipped with a variety of popular communication and sensing technologies. The results of experiments involving command injection, rogue node and magnetic interference attacks show that the approach is promising

Behaviour-based anomaly detection of cyber-physical attacks on a robotic vehicle

Security is one of the key challenges in cyber-physical systems, because by their nature, any cyber attack against them can have physical repercussions. This is a critical issue for autonomous vehicles; if compromised in terms of their communications or computation they can cause considerable physical damage due to their mobility. Our aim here is to facilitate the automatic detection of cyber attacks on a robotic vehicle. For this purpose, we have developed a detection mechanism, which monitors real-time data from a large number of sources onboard the vehicle, including its sensors, networks and processing. Following a learning phase, where the vehicle is trained in a non-attack state on what values are considered normal, it is then subjected to a series of different cyber-physical and physical-cyber attacks. We approach the problem as a binary classification problem of whether the robot is able to self-detect when and whether it is under attack. Our experimental results show that the approach is promising for most attacks that the vehicle is subjected to. We further improve its performance by using weights that accentuate the anomalies that are less common thus improving overall performance of the detection mechanism for unknown attacks

Threat evaluation based on automatic sensor signal characterisation and anomaly detection

Autonomous cyber physical systems are increasingly common in a wide variety of application domains, with a correspondingly wide range of functionalities and types of sensing and actuation. At the same time, the variety and frequency of cyber attacks is increasing in correspondence with the increasing popularity and functionality of these systems, from in-vehicle driver assistance to smart city infrastructure and robotics. These technologies rely on a variety of sensors, actuating nodes and control communications. Each sensor adds context by which the autonomous system can better understand its environment, but each sensor also provides opportunities for attack, as has been observed in a variety of attacks on different systems. In this paper, we introduce a model to observe signal characteristics, including noise level patterns, on sensor data streams and incorporate this information to differentiate between normal or abnormal behaviour of a robotic vehicle. This model forms the basis of an automated threat detection scheme, which we test using a purpose-built testbed. Experiments are conducted in a controlled environment using stochastic elements to introduce certain levels of randomness during the experiment. The results indicate that the system is able to distinguish the behaviour of a robotic vehicle under different levels of environmental volatility and is able to identify a sensory channel attack against it

Decision tree-based detection of denial of service and command injection attacks on robotic vehicles

Mobile cyber-physical systems, such as automobiles, drones and robotic vehicles, are gradually becoming attractive targets for cyber attacks. This is a challenge because intrusion detection systems built for conventional computer systems tend to be unsuitable. They can be too demanding for resource-restricted cyber-physical systems or too inaccurate due to the lack of real- world data on actual attack behaviours. Here, we focus on the security of a small remote-controlled robotic vehicle. Having observed that certain types of cyber attacks against it exhibit physical impact, we have developed an intrusion detection system that takes into account not only cyber input features, such as network traffic and disk data, but also physical input features, such as speed, physical jittering and power consumption. As the system is resource-restricted, we have opted for a decision tree-based approach for generating simple detection rules, which we evaluate against denial of service and command injection attacks. We observe that the addition of physical input features can markedly reduce the false positive rate and increase the overall accuracy of the detection

Self-configurable cyber-physical intrusion detection for smart homes using reinforcement learning

The modern Internet of Things (IoT)-based smart home is a challenging environment to secure: devices change, new vulnerabilities are discovered and often remain unpatched, and different users interact with their devices differently and have different cyber risk attitudes. A security breach’s impact is not limited to cyberspace, as it can also affect or be facilitated in physical space, for example, via voice. In this environment, intrusion detection cannot rely solely on static models that remain the same over time and are the same for all users. We present MAGPIE, the first smart home intrusion detection system that is able to autonomously adjust the decision function of its underlying anomaly classification models to a smart home’s changing conditions (e.g., new devices, new automation rules and user interaction with them). The method achieves this goal by applying a novel probabilistic cluster-based reward mechanism to non-stationary multi-armed bandit reinforcement learning. MAGPIE rewards the sets of hyperparameters of its underlying isolation forest unsupervised anomaly classifiers based on the cluster silhouette scores of their output. Experimental evaluation in a real household shows that MAGPIE exhibits high accuracy because of two further innovations: it takes into account both cyber and physical sources of data; and it detects human presence to utilise models that exhibit the highest accuracy in each case. MAGPIE is available in open source format, together with its evaluation datasets, so it can benefit from future advances in unsupervised and reinforcement learning and be able to be enriched with further sources of data as smart home environments and attacks evolve

A taxonomy and survey of cyber-physical intrusion detection approaches for vehicles

With the growing threat of cyber and cyber-physical attacks against automobiles, drones, ships, driverless pods and other vehicles, there is also a growing need for intrusion detection approaches that can facilitate defence against such threats. Vehicles tend to have limited processing resources and are energy-constrained. So, any security provision needs to abide by these limitations. At the same time, attacks against vehicles are very rare, often making knowledge-based intrusion detection systems less practical than behaviour-based ones, which is the reverse of what is seen in conventional computing systems. Furthermore, vehicle design and implementation can differ wildly between different types or different manufacturers, which can lead to intrusion detection designs that are vehicle-specific. Equally importantly, vehicles are practically defined by their ability to move, autonomously or not. Movement, as well as other physical manifestations of their operation may allow cyber security breaches to lead to physical damage, but can also be an opportunity for detection. For example, physical sensing can contribute to more accurate or more rapid intrusion detection through observation and analysis of physical manifestations of a security breach. This paper presents a classification and survey of intrusion detection systems designed and evaluated specifically on vehicles and networks of vehicles. Its aim is to help identify existing techniques that can be adopted in the industry, along with their advantages and disadvantages, as well as to identify gaps in the literature, which are attractive and highly meaningful areas of future research

A taxonomy of cyber-physical threats and impact in the smart home

In the past, home automation was a small market for technology enthusiasts. Interconnectivity between devices was down to the owner’s technical skills and creativity, while security was non-existent or primitive, because cyber threats were also largely non-existent or primitive. This is not the case any more. The adoption of Internet of Things technologies, cloud computing, artificial intelligence and an increasingly wide range of sensing and actuation capabilities has led to smart homes that are more practical, but also genuinely attractive targets for cyber attacks. Here, we classify applicable cyber threats according to a novel taxonomy, focusing not only on the attack vectors that can be used, but also the potential impact on the systems and ultimately on the occupants and their domestic life. Utilising the taxonomy, we classify twenty five different smart home attacks, providing further examples of legitimate, yet vulnerable smart home configurations which can lead to second-order attack vectors. We then review existing smart home defence mechanisms and discuss open research problems

Detecting cyber-physical threats against autonomous robotic systems in routine missions

Autonomous cyber physical systems are increasingly common in a wide variety of application domains, with a correspondingly wide range of functionalities and types of sensing and actuation. At the same time, the variety and frequency of cyber attacks is increasing in correspondence with the increasing popularity and functionality of these systems, from in-vehicle driver assistance to smart city infrastructure and robotics. These technologies rely on a variety of sensors, actuating nodes and control communications. Each sensor adds context by which the autonomous system can better understand its environment, but each sensor also provides opportunities for attack, as has been observed in a variety of attacks on different systems. Cyber-physical threats are increasing significantly because society is increasingly dependent on cyber-physical and Internet of things systems and devices. Cyber-physical attacks are executed by people with different motivations, intentional or not. A robotic vehicle testbed has been built and used as a testbed to develop a methodology that is capable of identifying possible threats and their causes. The design of the robotic vehicle testbed is documented with explanations in terms of its sensors, actuators and it operates. A key goal has been to develop a methodology that can automatically characterise the behaviour of the robotic testbed and be able to identify cyber-physical threats in a real-world environment. This testbed environment has met all the requirements for the experimental scenarios that we have identified. A model to observe signal characteristics, including noise level patterns on sensor data streams and incorporating this information to characterise normal or abnormal behaviour of a robotic vehicle is introduced. Following a learning phase, where the vehicle is trained in a non-attack state on the values that are considered normal, it is then subjected to a series of different cyber attacks that have physical impact (cyber-physical attacks) and physical attacks that have cyber impact (physical-cyber attacks). The problem has been approached as a binary classification problem as to whether the robot is able to self-detect if and when it is under attack. The experimental results show that the approach is promising for most attacks that the vehicle is subjected to