Stealthy Attacks Against Robotic Vehicles Protected by Control-based Intrusion Detection Techniques

Pritam Dash, Mehdi Karimibuiki, and Karthik Pattabiraman, ACM Journal on Digital Threats: Research and Practice (DTRAP). Acceptance Date: August 2020. [ PDF ]

Expanded version of our ACSAC’19 paper.
Abstract:Robotic vehicles (RV) are increasing in adoption in many industrial sectors. RVs use auto-pilot software for perception and navigation and rely on sensors and actuators for operating autonomously in the physical world. Control algorithms have been used in RVs to minimize the effects of noisy sensors, prevent faulty actuator output, and recently, in detecting attacks against RVs. In this paper, we show the vulnerabilities in control-based intrusion detection techniques and propose three kinds of stealthy attacks that evade detection and disrupt RV missions. We also propose automated algorithms for performing the attacks without requiring the attacker to expend significant effort or know specific details of the RV, making the attacks applicable to a wide range of RVs. We demonstrate the attacks on eight RV systems including three real vehicles in the presence of an Intrusion Detection System (IDS) using control-based techniques to monitor RV’s runtime behavior and detect attacks. We find that the control-based techniques are incapable of detecting our stealthy attacks, and that the attacks can have significant adverse impact on the RV’s mission (e.g., deviate from its target significantly or cause the RV to crash).