Pritam Dash, Mehdi Karimibuiki, and Karthik Pattabiraman, To appear in the ACM Journal on Digital Threats: Research and Practice (DTRAP). Acceptance Date: August 2020. [ PDF ]
Expanded version of our ACSAC’19 paper.
Abstract:Robotic vehicles (RV) are increasing in adoption in many industrial sectors. RVs use auto-pilot software for perception and navigation and rely on sensors and actuators for operating autonomously in the physical world. Control algorithms have been used in RVs to minimize the effects of noisy sensors, prevent faulty actuator output, and recently, in detecting attacks against RVs. In this paper, we show the vulnerabilities in control-based intrusion detection techniques and propose three kinds of stealthy attacks that evade detection and disrupt RV missions. We also propose automated algorithms for performing the attacks without requiring the attacker to expend significant effort or know specific details of the RV, making the attacks applicable to a wide range of RVs. We demonstrate the attacks on eight RV systems including three real vehicles in the presence of an Intrusion Detection System (IDS) using control-based techniques to monitor RV’s runtime behavior and detect attacks. We find that the control-based techniques are incapable of detecting our stealthy attacks, and that the attacks can have significant adverse impact on the RV’s mission (e.g., deviate from its target significantly or cause the RV to crash).
email: firstname.lastname@example.orgPhone: 604-827-4245 (please email first)
Address: Rm. 4048, Fred Kaiser Building, 2332 Main Mall, Vancouver, BC V6T1Z4.
- An Empirical Study of the Impact of Single and Multiple Bit-Flip Errors in Programs
- New Wine in an Old Bottle: N-Version Programming for Machine Learning Components
- Stealthy Attacks Against Robotic Vehicles Protected by Control-based Intrusion Detection Techniques
- How Far Have We Come in Detecting Anomalies in Distributed Systems? An Empirical Study with a Statement-level Fault Injection Method
- TensorFI: A Flexible Fault Injection Framework for TensorFlow Applications
- GPU-TRIDENT: Efficient Modeling of Error Propagation in GPU Programs
- How Effective are Smart Contract Static Analysis Tools ? Evaluating Smart Contract Static Analysis Tools Using Bug Injection
- TraceSanitizer – Eliminating the Effects of Non-determinism on Error Propagation Analysis
- Improving the Accuracy of IR-Level Fault Injection
- Out of Control: Stealthy Attacks on Robotic Vehicles Protected by Control-Based Techniques