Novel denial-of-service attacks against cloud-based multi-robot systems

Abstract The development of robotics technology is accelerated by the strong support from cloud computing. Massive computation resources and services from the cloud make modern multi-robot systems more efficient and powerful. However, the introduction of cloud servers to multi-robot systems can also incur potential Denial-of-Service (DoS) threats, where an adversary can utilize the shared cloud resources to degrade or bring down the robot systems. In this paper, we conduct a comprehensive study about this security issue. By analyzing different attack vectors in cloud-robotic platforms, we propose three new DoS attacks, which manipulate the network resources, micro-architecture resources, and function parameters respectively. We conduct extensive evaluations and case studies to demonstrate the feasibility and severity of our techniques. We alert the robotics community to these catastrophic attacks on the safety and performance of cloud-robotic systems, and encourage building better defenses for higher reliability, in addition to automation and intelligence.

[1]  Dirk Grunwald,et al.  Microarchitectural denial of service: insuring microarchitectural fairness , 2002, 35th Annual IEEE/ACM International Symposium on Microarchitecture, 2002. (MICRO-35). Proceedings..

[2]  Ruby B. Lee,et al.  DoS Attacks on Your Memory in Cloud , 2017, AsiaCCS.

[3]  H. Howie Huang,et al.  Swiper: Exploiting Virtual Machine Vulnerability in Third-Party Clouds with Competition for I/O Resources , 2015, IEEE Transactions on Parallel and Distributed Systems.

[4]  Ivan Martinovic,et al.  Losing the Car Keys: Wireless PHY-Layer Insecurity in EV Charging , 2019, USENIX Security Symposium.

[5]  Raffaello D'Andrea,et al.  Rapyuta: The RoboEarth Cloud Engine , 2013, 2013 IEEE International Conference on Robotics and Automation.

[6]  Meikang Qiu,et al.  Jamming ACK Attack to Wireless Networks and a Mitigation Approach , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[7]  Xiaojun Wu,et al.  DAvinCi: A cloud computing framework for service robots , 2010, 2010 IEEE International Conference on Robotics and Automation.

[8]  Christina Delimitrou,et al.  Paragon: QoS-aware scheduling for heterogeneous datacenters , 2013, ASPLOS '13.

[9]  Ivan Martinovic,et al.  Wi-Fly?: Detecting Privacy Invasion Attacks by Consumer Drones , 2017, NDSS.

[10]  Onur Mutlu,et al.  Memory Performance Attacks: Denial of Memory Service in Multi-Core Systems , 2007, USENIX Security Symposium.

[11]  Warnakulasuriya Anil Chandana Fernando,et al.  Prediction of DoS attacks in external communication for self-driving vehicles using a fuzzy petri net model , 2016, 2016 IEEE International Conference on Consumer Electronics (ICCE).

[12]  Agostino Cortesi,et al.  Network Reconnaissance and Vulnerability Excavation of Secure DDS Systems , 2019, 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW).

[13]  Dieter Fox,et al.  KLD-Sampling: Adaptive Particle Filters , 2001, NIPS.

[14]  Morgan Quigley,et al.  ROS: an open-source Robot Operating System , 2009, ICRA 2009.

[15]  David Mascareñas,et al.  A preliminary cyber-physical security assessment of the Robot Operating System (ROS) , 2013, Defense, Security, and Sensing.

[16]  Lingjia Tang,et al.  SMiTe: Precise QoS Prediction on Real-System SMT Processors to Improve Utilization in Warehouse Scale Computers , 2014, 2014 47th Annual IEEE/ACM International Symposium on Microarchitecture.

[17]  Guevara Noubir,et al.  Wireless Attacks on Aircraft Instrument Landing Systems , 2019, USENIX Security Symposium.

[18]  Guevara Noubir,et al.  Wireless attacks on aircraft landing systems: demo , 2019, WiSec.

[19]  Benjamin Farley,et al.  Resource-freeing attacks: improve your cloud performance (at your neighbor's expense) , 2012, CCS.

[20]  Huan Liu,et al.  A new form of DOS attack in a cloud and its avoidance mechanism , 2010, CCSW '10.

[21]  Pieter Abbeel,et al.  Image Object Label 3 D CAD Model Candidate Grasps Google Object Recognition Engine Google Cloud Storage Select Feasible Grasp with Highest Success Probability Pose EstimationCamera Robots Cloud 3 D Sensor , 2014 .

[22]  Antonio Ken Iannillo,et al.  ROS-Immunity: Integrated Approach for the Security of ROS-enabled Robotic Systems , 2020 .

[23]  Srdjan Capkun,et al.  On the requirements for successful GPS spoofing attacks , 2011, CCS '11.

[24]  Peter Schartner,et al.  Secure communication for the robot operating system , 2017, 2017 Annual IEEE International Systems Conference (SysCon).

[25]  Rodrigo Sanches Miani,et al.  Evaluation of DoS attacks on Commercial Wi-Fi-Based UAVs , 2019, Int. J. Commun. Networks Inf. Secur..

[26]  Harkeerat Singh Bedi,et al.  Securing cloud infrastructure against co-resident DoS attacks using game theoretic defense mechanisms , 2012, ICACCI '12.

[27]  Patrick P. C. Lee,et al.  An experimental study of cascading performance interference in a virtualized environment , 2013, PERV.

[28]  Bin Zhao,et al.  Understanding the effects of hypervisor I/O scheduling for virtual machine performance interference , 2012, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings.

[29]  Oussama Khatib,et al.  Springer Handbook of Robotics , 2007, Springer Handbooks.

[30]  Vitor Guizilini,et al.  The Impact of DoS Attacks on the AR.Drone 2.0 , 2016, 2016 XIII Latin American Robotics Symposium and IV Brazilian Robotics Symposium (LARS/SBR).

[31]  Vijay Kumar,et al.  High speed navigation for quadrotors with limited onboard sensing , 2016, 2016 IEEE International Conference on Robotics and Automation (ICRA).

[32]  Yongdae Kim,et al.  Rocking Drones with Intentional Sound Noise on Gyroscopic Sensors , 2015, USENIX Security Symposium.

[33]  Peter Schartner,et al.  Security for the Robot Operating System , 2017, Robotics Auton. Syst..

[34]  Pierluigi Nuzzo,et al.  DoS-Resilient Multi-Robot Temporal Logic Motion Planning , 2019, 2019 International Conference on Robotics and Automation (ICRA).

[35]  Stefan Nürnberger,et al.  I Know Where You Parked Last Summer : Automated Reverse Engineering and Privacy Analysis of Modern Cars , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[36]  Lee H. Keel,et al.  Model-based resilient control for a multi-agent system against Denial of Service attacks , 2016, 2016 World Automation Congress (WAC).

[37]  Ruby B. Lee,et al.  Host-Based Dos Attacks and Defense in the Cloud , 2017, HASP@ISCA.

[38]  Meikang Qiu,et al.  Who Moved My Data? Privacy Protection in Smartphones , 2017, IEEE Communications Magazine.

[39]  Athanasios V. Vasilakos,et al.  Cloud robotics: Current status and open issues , 2016, IEEE Access.

[40]  Micael S. Couceiro,et al.  A novel solution for securing robot communications based on the MQTT protocol and ROS , 2019, 2019 IEEE/SICE International Symposium on System Integration (SII).

[41]  Peter Desnoyers,et al.  Scheduler Vulnerabilities and Coordinated Attacks in Cloud Computing , 2011, 2011 IEEE 10th International Symposium on Network Computing and Applications.

[42]  Lee H. Keel,et al.  Secured formation control for multi-agent systems under DoS attacks , 2016, 2016 IEEE Symposium on Technologies for Homeland Security (HST).

[43]  Dan Zhang,et al.  Distributed Secure Platoon Control of Connected Vehicles Subject to DoS Attack: Theory and Application , 2020, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[44]  Yongdae Kim,et al.  Illusion and Dazzle: Adversarial Optical Channel Exploits Against Lidars for Automotive Applications , 2017, CHES.

[45]  Ruby B. Lee,et al.  Machine Learning Based DDoS Attack Detection from Source Side in Cloud , 2017, 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud).

[46]  Meikang Qiu,et al.  Enabling Cloud Computing in Emergency Management Systems , 2014, IEEE Cloud Computing.

[47]  Peter Schartner,et al.  Application-level security for ROS-based applications , 2016, 2016 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS).