Analysis of Attack Intensity on Autonomous Mobile Robots
Abstract
:1. Introduction
- The influence of different types of attacks on the navigation system was considered, which made it possible to subdivide them into classes;
- The effect of attacks on the navigation system were unified and ultimately represented through their levels of consequences and impact;
- A model of an attack on a navigation system was built, taking into account five methods of attack implementation;
- The unified response thresholds valid for any type of parameter were identified, which allows us to create universal correlation rules and simplify this process, as the trigger threshold is related to the degree of impact that the attack has on the finite subsystem;
- A methodology for classifying incidents and identifying key components of the system based on ontological models was developed, which makes it possible to predict risks and select an optimal system configuration.
2. Materials and Methods
2.1. AMR Model
2.2. Model of Destructive Impact on an AMR
- Blocking, which is associated with complete destabilization of subsystems and loss of control over an object, which leads to its loss or destruction;
- Destabilization, which is associated with a violation of the key functions of the object and which can result in incorrect execution or failure of the task by objects as well as damage to its components or subsystems;
- Violation, which is associated with a minor impact on parameters when deviations from target indicators are possible;
- Allowable fluctuations, which are natural fluctuations that occur during normal operation of the system, which can be associated both with errors in individual modules and with the presence of natural and man-made influence factors.
2.3. Methodology for Assessing the Impact of Attacks on an AMR
3. Results and Discussion
4. Conclusions
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
Abbreviations
A | Allowable Fluctuations |
AMR | Autonomous Mobile Robot |
AU | Autopilot |
B | Blocking |
BOC | Binary Offset Carrier |
BPSK | Binary Phase Shift Keying |
CA | Cloudiness Allowable |
CH | Cloudiness High |
CS | Communication System |
CU | Control Unit |
CV | Computer Vision |
CVS | Computer Vision System |
CW | Continuous Wave |
D | Destabilization |
DR | Detection Rate |
DTS | Data Transmission System |
EPH | Horizontal Position Error |
EPV | Vertical Position Error |
FAR | False Alarm Rate |
FC | Flight Controller |
GLONASS | Global Navigation Satellite System |
GNSS | Global Navigation Satellite System |
GPS | Global Positioning System |
HDOP | Horizontal Dilution of Precision |
IMU | Inertial Measurement Unit |
INS | Inertial Navigation System |
IP | Internet Protocol |
JMS | Jamming the Management Channel |
JNS | Jamming Navigation Signal |
JTC | Jamming of Telemetry Channel |
MDR | Missed Discovery Rate |
ML | Machine Learning |
MQTT | Message Queuing Telemetry Transport |
MS | Management System |
NS | Navigation System |
O | Operator |
OC | Onboard computer |
PRN | Pseudo-Random Noise |
PVT | Position, Velocity and Time |
S | System |
SDR | Software-Defined Radio |
SIEM | Security Information and Event Management |
SMC | Control Signal Spoofing |
SNR | Signal-to-Noise Ratio |
SNS | Navigation Signal Spoofing |
STC | Spoofing of Telemetry Channel |
N | Noise (Technogenic) |
TCP | Transmission Control Protocol |
TPA | Timed Probabilistic Automata |
UAV | Unmanned Aerial Vehicle |
UDP | User Datagram Protocol |
V | Violation |
VDOP | Vertical Dilution of Precision |
WA | Wind Speed Allowable |
WH | Wind Speed High |
References
- Umar, A.; Giwa, M.A.; Kassim, A.Y.; Ilyasu, M.U.; Abdulwahab, I.; Agbon, E.E.; Ogedengbe, M.T. Development of an Android-based, voice-controlled autonomous robotic vehicle. Eng. Proc. 2023, 58, 48. [Google Scholar] [CrossRef]
- Loganathan, A.; Ahmad, N.S. A systematic review on recent advances in autonomous mobile robot navigation. Eng. Sci. Technol. Int. J. 2023, 40, 101343. [Google Scholar] [CrossRef]
- Yaacoub, J.-P.A.; Noura, H.N.; Salman, O.; Chehab, A. Robotics cyber security: Vulnerabilities, attacks, countermeasures, and recommendations. Int. J. Inf. Secur. 2022, 21, 115–158. [Google Scholar] [CrossRef] [PubMed]
- Elikhchi, H.D.; Hamid, T.; Akpoduado, M. Robotics cyber security issues. In Lecture Notes in Networks and Systems, Proceedings of the ICACTCE’23—The International Conference on Advances in Communication Technology and Computer Engineering. ICACTCE 2023, Bolton, UK, 24–25 February 2023; Iwendi, C., Boulouard, Z., Kryvinska, N., Eds.; Springer: Cham, Switzerland, 2023; Volume 735. [Google Scholar] [CrossRef]
- Botta, A.; Rotbei, S.; Zinno, S.; Ventre, G. Cyber security of robots: A comprehensive survey. Intell. Syst. Appl. 2023, 18, 200237. [Google Scholar] [CrossRef]
- Grishaeva, S.A.; Borzov, V.I. Information security risk management. In Proceedings of the 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS), Yaroslavl, Russia, 7–11 September 2020; pp. 96–98. [Google Scholar] [CrossRef]
- Aleksandrova, S.V.; Vasiliev, V.A.; Aleksandrov, M.N. Problems of implementing information security management systems. In Proceedings of the 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS), Yaroslavl, Russia, 7–11 September 2020; pp. 78–81. [Google Scholar] [CrossRef]
- Aleksandrov, M.N.; Vasiliev, V.A.; Aleksandrova, S.V. Implementation of the risk-based approach methodology in information security management systems. In Proceedings of the 2021 International Conference on Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS), Yaroslavl, Russia, 6–10 September 2021; pp. 137–139. [Google Scholar] [CrossRef]
- Meng, L.; Zhang, L.; Yang, L.; Yang, W. A GPS-adaptive spoofing detection method for the small UAV cluster. Drones 2023, 7, 461. [Google Scholar] [CrossRef]
- Sun, Y.; Yu, M.; Wang, L.; Li, T.; Dong, M. A deep-learning-based GPS signal spoofing detection method for small UAVs. Drones 2023, 7, 370. [Google Scholar] [CrossRef]
- Sajid, J.; Hayawi, K.; Malik, A.W.; Anwar, Z.; Trabelsi, Z. A fog computing framework for intrusion detection of energy-based attacks on UAV-assisted smart farming. Appl. Sci. 2023, 13, 3857. [Google Scholar] [CrossRef]
- Zhou, S.; Wang, T.; Yang, L.; He, Z.; Cao, S. A self-supervised fault detection for UAV based on unbalanced flight data representation learning and wavelet analysis. Aerospace 2023, 10, 250. [Google Scholar] [CrossRef]
- Nayfeh, M.; Li, Y.; Shamaileh, K.A.; Devabhaktuni, V.; Kaabouch, N. Machine learning modeling of GPS features with applications to UAV location spoofing detection and classification. Comput. Secur. 2023, 126, 103085. [Google Scholar] [CrossRef]
- Değirmenci, E.; Kırca, Y.S.; Özçelik, İ.; Yazıcı, A. ROSIDS23: Network intrusion detection dataset for robot operating system. Data Brief 2023, 51, 109739. [Google Scholar] [CrossRef]
- Tlili, F.; Ayed, S.; Fourati, L.C. Exhaustive distributed intrusion detection system for UAVs attacks detection and security enforcement (E-DIDS). Comput. Secur. 2024, 142, 103878. [Google Scholar] [CrossRef]
- Wang, Y.; Liu, Q.; Mihankhah, E.; Lv, C.; Wang, D. Detection and isolation of sensor attacks for autonomous vehicles: Framework, algorithms, and validation. IEEE Trans. Intell. Transp. Syst. 2022, 23, 8247–8259. [Google Scholar] [CrossRef]
- Sun, D.; Zhang, L.; Jin, K.; Ling, J.; Zheng, X. An intrusion detection method based on hybrid machine learning and neural network in the industrial control field. Appl. Sci. 2023, 13, 10455. [Google Scholar] [CrossRef]
- Ren, Y.; Restivo, R.D.; Tan, W.; Wang, J.; Liu, Y.; Jiang, B.; Wang, H.; Song, H. Knowledge distillation-based GPS spoofing detection for small UAV. Future Internet 2023, 15, 389. [Google Scholar] [CrossRef]
- Spravil, J.; Hemminghaus, C.; von Rechenberg, M.; Padilla, E.; Bauer, J. Detecting maritime GPS spoofing attacks based on NMEA sentence integrity monitoring. J. Mar. Sci. Eng. 2023, 11, 928. [Google Scholar] [CrossRef]
- Wei, X.; Sun, C.; Lyu, M.; Song, Q.; Li, Y. ConstDet: Control semantics-based detection for GPS spoofing attacks on UAVs. Remote Sens. 2022, 14, 5587. [Google Scholar] [CrossRef]
- Basan, E.S.; Sushkin, N.A.; Babenko, L.K. Methodology for Detecting Attacks in the Context of Destructive Influences. In Proceedings of the 2023 IEEE XVI International Scientific and Technical Conference Actual Problems of Electronic Instrument Engineering (APEIE), Novosibirsk, Russia, 10–12 November 2023; pp. 1120–1124. [Google Scholar] [CrossRef]
- Su, J.; He, J.; Cheng, P.; Chen, J. A stealthy GPS spoofing strategy for manipulating the trajectory of an unmanned aerial vehicle. IFAC-PapersOnLine 2016, 49, 291–296. [Google Scholar] [CrossRef]
- Van Der Merwe, J.R.; Zubizarreta, X.; Lukčin, I.; Rügamer, A.; Felber, W. Classification of spoofing attack types. In Proceedings of the 2018 European Navigation Conference (ENC), Gothenburg, Sweden, 14–17 May 2018; pp. 91–99. [Google Scholar] [CrossRef]
- Psiaki, M.L.; Humphreys, T.E. GNSS spoofing and detection. Proc. IEEE 2016, 104, 1258–1270. [Google Scholar] [CrossRef]
- Syam, W. GNSS Spoofing: A Fatal Attack on GNSS System That Is Difficult to Detect. Available online: https://www.wasyresearch.com/gnss-spoofing-a-fatal-attack-on-gnss-system-that-is-difficult-to-detect/ (accessed on 14 June 2024).
- Rao, B.R.; Kunysz, W.; Fante, R.; McDonald, K. GPS/GNSS Antennas; Artech House: Norwood, MA, USA, 2012; p. 420. ISBN 978-1-59693-150-3. [Google Scholar]
- Fiorina, J.; Domenicali, D. The non validity of the gaussian approximation for multi-user interference in ultra wide band impulse radio: From an inconvenience to an advantage—Transactions papers. IEEE Trans. Wirel. Commun. 2009, 8, 5483–5489. [Google Scholar] [CrossRef]
- Glomsvoll, Ø. Jamming of GPS & GLONASS Signals—A Study of GPS Performance in Maritime Environments under Jamming Conditions, and Benefits of Applying GLONASS in Northern Areas under Such Conditions. Available online: https://fhs.brage.unit.no/fhs-xmlui/handle/11250/2389675 (accessed on 4 May 2024).
- Pu, H.; He, L.; Cheng, P.; Chen, J.; Sun, Y. CORMAND2: A deception attack against industrial robots. Engineering 2023, 32, 186–201. [Google Scholar] [CrossRef]
- Goh, C.C.; Kanagaraj, E.; Kamarudin, L.M.; Zakaria, A.; Nishizaki, H.; Mao, X. IV-AQMS: HTTP and MQTT protocol from a realistic testbed. In Proceedings of the 2019 IEEE International Conference on Sensors and Nanotechnology, Penang, Malaysia, 24–25 July 2019; pp. 1–4. [Google Scholar] [CrossRef]
- Pan, Y.; Wu, D.; Du, D.; Wang, H. Design and performance analysis of protocol conversion between 5G and Modbus TCP. In Proceedings of the 2023 42nd Chinese Control Conference (CCC), Tianjin, China, 24–26 July 2023; pp. 6262–6267. [Google Scholar] [CrossRef]
- Xu, H.; Zhang, H.; Sun, J.; Xu, W.; Wang, W.; Li, H.; Zhang, J. Experimental analysis of MAVLink protocol vulnerability on UAVs security experiment platform. In Proceedings of the 2021 3rd International Conference on Industrial Artificial Intelligence (IAI), Shenyang, China, 8–11 November 2021; pp. 1–6. [Google Scholar] [CrossRef]
- Huang, X.; Tian, Y.; He, Y.; Tong, E.; Niu, W.; Li, C.; Liu, J.; Chang, L. Exposing spoofing attack on flocking-based unmanned aerial vehicle cluster: A threat to swarm intelligence. Secur. Commun. Netw. 2020, 2020, 8889122. [Google Scholar] [CrossRef]
- Pärlin, K.; Alam, M.M.; Le Moullec, Y. Jamming of UAV remote control systems using software defined radio. In Proceedings of the 2018 International Conference on Military Communications and Information Systems (ICMCIS), Warsaw, Poland, 22–23 May 2018; pp. 1–6. [Google Scholar] [CrossRef]
- Xue, L.; Ma, B.; Liu, J.; Yu, Y. Jamming attack against remote state estimation over multiple wireless channels: A reinforcement learning based game theoretical approach. ISA Trans. 2022, 130, 1–9. [Google Scholar] [CrossRef] [PubMed]
- Yang, L.; Wen, C. Optimal jamming attack system against remote state estimation in wireless network control systems. IEEE Access 2021, 9, 51679–51688. [Google Scholar] [CrossRef]
- Jung, J.H.; Hong, M.Y.; Choi, H.; Yoon, J.W. An analysis of GPS spoofing attack and efficient approach to spoofing detection in PX4. IEEE Access 2024, 12, 46668–46677. [Google Scholar] [CrossRef]
- Basan, E.; Basan, A.; Nekrasov, A.; Fidge, C.; Sushkin, N.; Peskova, O. GPS-spoofing attack detection technology for UAVs based on Kullback–Leibler divergence. Drones 2022, 6, 8. [Google Scholar] [CrossRef]
- Basan, E.; Basan, A.; Nekrasov, A.; Fidge, C.; Gamec, J.; Gamcová, M. A self-diagnosis method for detecting UAV cyber attacks based on analysis of parameter changes. Sensors 2021, 21, 509. [Google Scholar] [CrossRef]
- Shafiee, E.; Mosavi, M.R.; Moazedi, M. Detection of spoofing attack using machine learning based on multi-layer neural network in single-frequency GPS receivers. J. Navig. 2018, 71, 169–188. [Google Scholar] [CrossRef]
- Saputro, J.A.; Hartadi, E.E.; Syahral, M. Implementation of GPS attacks on DJI Phantom 3 standard drone as a security vulnerability test. In Proceedings of the 2020 1st International Conference on Information Technology, Advanced Mechanical and Electrical Engineering (ICITAMEE), Yogyakarta, Indonesia, 13–14 October 2020; pp. 95–100. [Google Scholar] [CrossRef]
- Basan, E.; Basan, A.; Nekrasov, A.; Fidge, C.; Ishchukova, E.; Basyuk, A.; Lesnikov, A. Trusted operation of cyber-physical processes based on assessment of the system’s state and operating mode. Sensors 2023, 23, 1996. [Google Scholar] [CrossRef]
Research | Attacks | Attributes | Methods | Results |
---|---|---|---|---|
ROSIDS23: Network intrusion detection data set for a robot operating system [14] | DoS, unauthorized publish, unauthorized subscribe, and sub-scriber flood | 84 attributes to detect an attack, which are mainly related to packet parameters | To create the data set, the authors used the method of full-scale modeling in laboratory conditions | The data set only covers four types of attacks. The study focuses primarily on TCP/UDP and HTTP protocols, which are the default in ROSs |
Machine learning modeling of GPS features with applications to UAV location spoofing detection and classification [13] | Two spoofing attack types are investigated in this work: static and dynamic | 27 extracted features from the GPS module | ML-based approach for real-time detection and classification of GPS spoofing attacks | The resulting performance evaluation of these classifiers shows a detection rate (DR), misdetection rate (MDR), and false alarm rate FAR) better than 92%, 13%, and 4%, respectively, together with a sub-millisecond detection time |
Exhaustive distributed intrusion detection system for UAV attacks detection and security enforcement (E-DIDS) [15] | GPS spoofing attack, GPS jamming attack, MiTM attack, UAVCAN replay attack, UAVCAN flooding attack, injection attack, and DoS attack | 12 state components behavior standards | Distributed intrusion detection systems (DIDS) are a specialized subset of conventional IDSs designed for implementation in distributed environments | E-DIDS efficiently detects multiple attacks on different UAVs subsets with good global accuracy that reached 98.6% and low resource consumption. The authors worked only with ready-made data sets and did not test the work in real time |
Detection and isolation of sensor attacks for autonomous vehicles: Framework, algorithms, and validation [16] | GPS DoS attack, GPS FDI attack, GPS stealthy attack, and LiDAR replay attack | 13 experimental parameters | This module analyzes online measurements of GPS and LiDAR through three attack detectors, each of which combines an EKF-based pose estimator with a CUSUM discriminator | The proposed approach has a much higher alarm accuracy and a shorter detection time than the conventional approach in GPS stealthy attack scenarios. The attack identification still depends on the detector for each sensor |
An intrusion detection method based on hybrid machine learning and neural networks in industrial control [17] | DDoS, SQL injection, XSS attacks, Brute Force, BENIGN | The data set contains 78 columns and 1,048,575 rows | An ETM-TBD model based on hybrid machine learning and neural network models, a hyperparameter optimization method based on Bayesian optimization used to optimize the parameters of the four basic machine learners in the model | The detection accuracy rate of the data set is 97.24%, and the average F1 score is 0.9665. The approach cannot handle unknown network traffic attacks well. If they are system encounters an unknown type of attack, it is generally categorized as a known, but similar, attack type |
Knowledge distillation-based GPS spoofing detection for a small UAV [18] | GPS spoofing | 12 parameters | The approach is to obtain a lightweight detection model in the UAV system so that GPS spoofing attacks can be detected from a long distance. With long-short term memory (LSTM), a lightweight detection model on the ground control stations is proposed | Only one type of attack is detected, the attack is detected using the base station |
Detecting maritime GPS spoofing attacks based on NMEA sentence integrity monitoring [19] | GPS spoofing: replay attacker, the meaconing attacker, and the simulator attacker | 11 attributes | MAritime Nmea-based Anomaly detection (MANA), a novel low-cost framework for GPS spoofing detection. MANA monitors NMEA-0183 data and advantageously combines several software-based methods | MANA’s detection capabilities in many scenarios. Although the approach is sufficient for many scenarios, there is a limitation: all methods are weighted equally, requiring strict thresholds to avoid false positives |
ConstDet: Control semantics-based detection for GPS spoofing attacks on UAVs [20] | GPS spoofing | 12 flight data features | ConstDet, based on the control semantics using ML algorithms. The control semantics represent the principles of the UAV control process using flight data | The detection rate of ConstDet is 97.70% |
AMR Systems | Considered Units/Systems | Actuating Mechanisms |
---|---|---|
Remote control system | Control Unit (CU) (required) |
|
Data Transmission System (DTS) (required) |
| |
Flight Controller (FC) (optional) |
| |
Global Navigation Satellite System (GNSS) (optional) |
| |
Inertial Navigation System (INS) (required) |
| |
Computer Vision System (CVS) (optional) |
| |
Autonomous control system | Onboard computer (OC) (optional) |
|
Autopilot (AU) (required) |
| |
Global Navigation Satellite System (GNSS) (optional) |
| |
Inertial Navigation System (INS) (required) |
| |
Computer Vision System (CVS) (optional) |
|
Process | Description |
---|---|
Process 1.0. Launch the AMR | This process includes checking the functionality of all components. We do not detail this process here. |
Process 2.0. Fulfillment of the AMR’s target task | This “work process” is subdivided into several subprocesses. |
Process 2.1. Loading a target job for execution | At this stage, the operator issues a starting job to the AMR or a target function that the AMR performs. Here a data substitution attack can be especially significant since an attacker can change the AMR’s operation by replacing the operator’s message. For an AMR that performs a task remotely, attack vector will be relevant throughout Process 2.0. If the target function or task is issued remotely over the network, then vectors and are also relevant. The intensity of the impact of the attack depends on the level of the intruder. |
Process 2.2. Implementation of the target task | At this stage, the AMR is in autonomous or remote mode and performs the target task. |
Process 2.2.1. AMR terrain awareness during flight mission | At the same time, and most critical for an AMR which operates without operator communication, are attack vectors and . |
Process 2.2.2. Current information exchange with the operator | Despite the fact that an AMR can act completely autonomously, it may be necessary to transmit relevant information to the operator, who in turn can adjust the target task, so the attack vectors and are relevant. In the case of remote control, these attacks are critical for an AMR. In addition, if the attacker knows the command structure, then he can send his own fake commands without changing the real one. |
Process 2.2.3. Adjustment of the AMR target | This procedure can be performed by the AMR itself based on on-board calculations, or it can be performed by the operator even if the AMR operates autonomously. In this case, attack vectors , , and are relevant. In the case of autonomous correction, attacks of the type are relevant, since they can affect the task being corrected. |
Process 3. Completion of the target task | When the AMR achieves a goal or performs a target function, then certain further actions need to be taken. |
Process 3.1. Return to original state | The AMR, having completed its task, must return to its original position. For such a scenario, the most significant attack vectors are and as well as , , and denial-of-service attacks, since the AMR exchanges data with the operator. |
Process 3.2. Completion of the task to achieve the target function | In this scenario, the most dangerous attacks are physical access and impact attacks if the AMR is outside the controlled area, but these attacks are beyond the scope of the study. |
Process 3.3. Emergency completion of a task | This can be caused by natural factors, when there are objective preconditions (e.g., weather conditions), by critical AMR errors, or due to an attack. Thus, all attack vectors and weather conditions are relevant. |
Scenario | Type I Error | Type II Error | Detection Time, s | Probability of Detecting an Attack or Anomaly |
---|---|---|---|---|
Scenario 1 | 0 | 0.01 | 0.25 | 0.99 |
Scenario 2 | 0.03 | 0 | 0.25 | 0.97 |
Scenario 3 | 0.08 | 0 | 0.25 | 0.92 |
Scenario 4 | 0.1 | 0 | 0.25 | 0.9 |
Average value | 0.05 | 0.0025 | 0.25 | 0.95 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Basan, E.; Basan, A.; Mushenko, A.; Nekrasov, A.; Fidge, C.; Lesnikov, A. Analysis of Attack Intensity on Autonomous Mobile Robots. Robotics 2024, 13, 101. https://doi.org/10.3390/robotics13070101
Basan E, Basan A, Mushenko A, Nekrasov A, Fidge C, Lesnikov A. Analysis of Attack Intensity on Autonomous Mobile Robots. Robotics. 2024; 13(7):101. https://doi.org/10.3390/robotics13070101
Chicago/Turabian StyleBasan, Elena, Alexander Basan, Alexey Mushenko, Alexey Nekrasov, Colin Fidge, and Alexander Lesnikov. 2024. "Analysis of Attack Intensity on Autonomous Mobile Robots" Robotics 13, no. 7: 101. https://doi.org/10.3390/robotics13070101
APA StyleBasan, E., Basan, A., Mushenko, A., Nekrasov, A., Fidge, C., & Lesnikov, A. (2024). Analysis of Attack Intensity on Autonomous Mobile Robots. Robotics, 13(7), 101. https://doi.org/10.3390/robotics13070101