Biblio

In this paper, we formulate a combinatorial optimization problem that aims to maximize the accuracy of a lower bound estimate of the probability of security of a multi-robot system (MRS), while minimizing the computational complexity involved in its calculation. Security of an MRS is defined using the well-known control theoretic notion of left invertiblility, and the probability of security of an MRS can be calculated using binary decision diagrams (BDDs). The complexity of a BDD depends on the number of disjoint path sets considered during its construction. Taking into account all possible disjoint paths results in an exact probability of security, however, selecting an optimal subset of disjoint paths leads to a good estimate of the probability while significantly reducing computation. To deal with the dynamic nature of MRSs, we introduce two methods: (1) multi-point optimization, a technique that requires some a priori knowledge of the topology of the MRS over time, and (2) online optimization, a technique that does not require a priori knowledge, but must construct BDDs while the MRS is operating. Finally, our approach is validated on an MRS performing a rendezvous objective while exchanging information according to a noisy state agreement process.

To bring a uniform development platform which seamlessly combines hardware components and software architecture of various developers across the globe and reduce the complexity in producing robots which help people in their daily ergonomics. ROS has come out to be a game changer. It is disappointing to see the lack of penetration of technology in different verticals which involve protection, defense and security. By leveraging the power of ROS in the field of robotic automation and computer vision, this research will pave path for identification of suspicious activity with autonomously moving bots which run on ROS. The research paper proposes and validates a flow where ROS and computer vision algorithms like YOLO can fall in sync with each other to provide smarter and accurate methods for indoor and limited outdoor patrolling. Identification of age,`gender, weapons and other elements which can disturb public harmony will be an integral part of the research and development process. The simulation and testing reflects the efficiency and speed of the designed software architecture.

With the growing use of the Robot Operating System (ROS), it can be argued that it has become a de-facto framework for developing robotic solutions. ROS is used to build robotic applications for industrial automation, home automation, medical and even automatic robotic surveillance. However, whenever ROS is utilized, security is one of the main concerns that needs to be addressed in order to ensure a secure network communication of robots. Cyber-attacks may hinder evolution and adaptation of most ROS-enabled robotic systems for real-world use over the Internet. Thus, it is important to address and prevent security threats associated with the use of ROS-enabled applications. In this paper, we propose a novel approach for securing ROS-enabled robotic system by integrating ROS with the Message Queuing Telemetry Transport (MQTT) protocol. We manage to secure robots' network communications by providing authentication and data encryption, therefore preventing man-in-the-middle and hijacking attacks. We also perform real-world experiments to assess how the performance of a ROS-enabled robotic surveillance system is affected by the proposed approach.

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected, especially the image flows incoming from camera robots. In this paper, we perform a structured security assessment of robot cameras using ROS. We points out a relevant number of security flaws that can be used to take over the flows incoming from the robot cameras. Furthermore, we propose an intrusion detection system to detect abnormal flows. Our defense approach is based on images comparisons and unsupervised anomaly detection method. We experiment our approach on robot cameras embedded on a self-driving car.

Robotic Operating System(ROS) security research is currently in a preliminary state, with limited research in tools or models. Considering the trend of digitization of robotic systems, this lack of foundational knowledge increases the potential threat posed by security vulnerabilities in ROS. In this article, we present a new tool to assist further security research in ROS, ROSploit. ROSploit is a modular two-pronged offensive tool covering both reconnaissance and exploitation of ROS systems, designed to assist researchers in testing exploits for ROS.

The purpose of this work is to analyze the security model of a robotized system, to analyze the approaches to assessing the security of this system, and to develop our own framework. The solution to this problem involves the use of developed frameworks. The analysis will be conducted on a robotic system of robots. The prefix structures assume that the robotic system is divided into levels, and after that it is necessary to directly protect each level. Each level has its own characteristics and drawbacks that must be considered when developing a security system for a robotic system.

The usage of robot is rapidly growth in our society. The communication link and applications connect the robots to their clients or users. This communication link and applications are normally connected through some kind of network connections. This network system is amenable of being attached and vulnerable to the security threats. It is a critical part for ensuring security and privacy for robotic platforms. The paper, also discusses about several cyber-physical security threats that are only for robotic platforms. The peer to peer applications use in the robotic platforms for threats target integrity, availability and confidential security purposes. A Remote Administration Tool (RAT) was introduced for specific security attacks. An impact oriented process was performed for analyzing the assessment outcomes of the attacks. Tests and experiments of attacks were performed in simulation environment which was based on Gazbo Turtlebot simulator and physically on the robot. A software tool was used for simulating, debugging and experimenting on ROS platform. Integrity attacks performed for modifying commands and manipulated the robot behavior. Availability attacks were affected for Denial-of-Service (DoS) and the robot was not listened to Turtlebot commands. Integrity and availability attacks resulted sensitive information on the robot.

The Robot Operating System (ROS) is a widely adopted standard robotic middleware. However, its preliminary design is devoid of any network security features. Military grade unmanned systems must be guarded against network threats. ROS 2 is built upon the Data Distribution Service (DDS) standard and is designed to provide solutions to identified ROS 1 security vulnerabilities by incorporating authentication, encryption, and process profile features, which rely on public key infrastructure. The Department of Defense is looking to use ROS 2 for its military-centric robotics platform. This paper seeks to demonstrate that ROS 2 and its DDS security architecture can serve as a functional platform for use in military grade unmanned systems, particularly in unmanned Naval aerial swarms. In this paper, we focus on the viability of ROS 2 to safeguard communications between swarms and a ground control station (GCS). We test ROS 2's ability to mitigate and withstand certain cyber threats, specifically that of rogue nodes injecting unauthorized data and accessing services that will disable parts of the UAV swarm. We use the Gazebo robotics simulator to target individual UAVs to ascertain the effectiveness of our attack vectors under specific conditions. We demonstrate the effectiveness of ROS 2 in mitigating the chosen attack vectors but observed a measurable operational delay within our simulations.

Autonomous technologies have been rapidly replacing the traditional manual intervention nearly in every aspect of our life. These technologies essentially require robots to carry out their automated processes. Nowadays, with the emergence of industry 4.0, robots are increasingly being remote-controlled via client-server connection, which creates uncommon vulnerabilities that allow attackers to target those robots. The development of an open source operational environment for robots, known as Robot Operating System (ROS) has come as a response to these demands. Security and privacy are crucial for the use of ROS as the chance of a compromise may lead to devastating ramifications. In this paper, an overview of ROS and the attacks targeting it are detailed and discussed. Followed by a review of the ROS security and digital investigation studies.

Robots operating alongside humans in field environments have the potential to greatly increase the situational awareness of their human teammates. A significant challenge, however, is the efficient conveyance of what the robot perceives to the human in order to achieve improved situational awareness. We believe augmented reality (AR), which allows a human to simultaneously perceive the real world and digital information situated virtually in the real world, has the potential to address this issue. Motivated by the emerging prevalence of practical human-wearable AR devices, we present a system that enables a robot to perform cooperative search with a human teammate, where the robot can both share search results and assist the human teammate in navigation to the search target. We demonstrate this ability in a search task in an uninstrumented environment where the robot identifies and localizes targets and provides navigation direction via AR to bring the human to the correct target.

This paper explores an innovative approach to the telerobotics reasoning architecture and networking, which offer a reliable and adaptable operational process for complex tasks. There are many operational challenges in the remote control for manufacturing that can be introduced by the network communications and Iatency. A new protocol, named compact Reliable UDP (compact-RUDP), has been developed to combine both data channelling and media streaming for robot teleoperation. The original approach ensures connection reliability by implementing a TCP-like sliding window with UDP packets. The protocol provides multiple features including data security, link status monitoring, bandwidth control, asynchronous file transfer and prioritizing transfer of data packets. Experiments were conducted on a 5DOF robotic arm where a cutting tool was mounted at its distal end. A light sensor was used to guide the robot movements, and a camera device to provide a video stream of the operation. The data communication reliability is evaluated using Round-Trip Time (RTT), and advanced robot path planning for distributed decision making between endpoints. The results show 88% correlation between the remotely and locally operated robots. The file transfers and video streaming were performed with no data loss or corruption on the control commands and data feedback packets.

Cyber-physical systems contribute to building new infrastructure in the modern world. These systems help realize missions reducing costs and risks. The seas being a harsh and dangerous environment are a perfect application of them. Unmanned Surface vehicles (USV) allow realizing normal and new tasks reducing risk and cost i.e. surveillance, water cleaning, environmental monitoring or search and rescue operations. Also, as they are unmanned vehicles they can extend missions to unpleasing and risky weather conditions. The novelty of these systems makes that new command and control platforms need to be developed. In this paper, we describe an implemented architecture with 5 separated levels. This structure increases security by defining roles and by limiting information exchanges.

This paper revealed the development and implementation of the wearable sensors based on transient responses of textile chemical sensors for odorant detection system as wearable sensor of humanoid robot. The textile chemical sensors consist of nine polymer/CNTs nano-composite gas sensors which can be divided into three different prototypes of the wearable humanoid robot; (i) human axillary odor monitoring, (ii) human foot odor tracking, and (iii) wearable personal gas leakage detection. These prototypes can be integrated into high-performance wearable wellness platform such as smart clothes, smart shoes and wearable pocket toxic-gas detector. While operating mode has been designed to use ZigBee wireless communication technology for data acquisition and monitoring system. Wearable humanoid robot offers several platforms that can be applied to investigate the role of individual scent produced by different parts of the human body such as axillary odor and foot odor, which have potential health effects from abnormal or offensive body odor. Moreover, wearable personal safety and security component in robot is also effective for detecting NH3 leakage in environment. Preliminary results with nine textile chemical sensors for odor biomarker and NH3 detection demonstrates the feasibility of using the wearable humanoid robot to distinguish unpleasant odor released when you're physically active. It also showed an excellent performance to detect a hazardous gas like ammonia (NH3) with sensitivity as low as 5 ppm.

In recent years, humanoid robots have become quite ubiquitous finding wide applicability in many different fields, spanning from education to entertainment and assistance. They can be considered as more complex cyber-physical systems (CPS) and, as such, they are exposed to the same vulnerabilities. This can be very dangerous for people acting that close with these robots, since attackers by exploiting their vulnerabilities, can not only violate people's privacy, but, more importantly, they can command the robot behavior causing them bodily harm, thus leading to devastating consequences. In this paper, we propose a solution not yet investigated in this field, which relies on the use of secure enclaves, which in our opinion could represent a valuable solution for coping with most of the possible attacks, while suggesting developers to adopt such a precaution during the robot design phase.

In this paper, the design as well as complete implementation of a robot which can be autonomously controlled for surveillance. It can be seamlessly integrated into an existing security system already present. The robot's inherent ability allows it to map the interiors of an unexplored building and steer autonomously using its self-ruling and pilot feature. It uses a 2D LIDAR to map its environment in real-time and HD camera records suspicious activity. It also features an in-built display with touch based commands and voice recognition that enables people to interact with the robot during any situation.

A Robot Operating System (ROS) plays a significant role in organizing industrial robots for manufacturing. With an increasing number of the robots, the operators integrate a ROS with networked communication to share the data. This cyber-physical nature exposes the ROS to cyber attacks. To this end, this paper proposes a cross-layer approach to achieve secure and resilient control of a ROS. In the physical layer, due to the delay caused by the security mechanism, we design a time-delay controller for the ROS agent. In the cyber layer, we define cyber states and use Markov Decision Process to evaluate the tradeoffs between physical and security performance. Due to the uncertainty of the cyber state, we extend the MDP to a Partially Observed Markov Decision Process (POMDP). We propose a threshold solution based on our theoretical results. Finally, we present numerical examples to evaluate the performance of the secure and resilient mechanism.

Robots are becoming more and more prevalent in many real world scenarios. Housekeeping, medical aid, human assistance are a few common implementations of robots. Military and Security are also major areas where robotics is being researched and implemented. Robots with the purpose of surveillance in war zones and terrorist scenarios need specific functionalities to perform their tasks with precision and efficiency. In this paper, we present a model of Military Surveillance Robot developed using Robot Operating System. The map generation based on Kinect sensor is presented and some test case scenarios are discussed with results.

Malicious domain names are consistently changing. It is challenging to keep blacklists of malicious domain names up-to-date because of the time lag between its creation and detection. Even if a website is clean itself, it does not necessarily mean that it won't be used as a pivot point to redirect users to malicious destinations. To address this issue, this paper demonstrates how to use linkage analysis and open-source threat intelligence to visualize the relationship of malicious domain names whilst verifying their categories, i.e., drive-by download, unwanted software etc. Featured by a graph-based model that could present the inter-connectivity of malicious domain names in a dynamic fashion, the proposed approach proved to be helpful for revealing the group patterns of different kinds of malicious domain names. When applied to analyze a blacklisted set of URLs in a real enterprise network, it showed better effectiveness than traditional methods and yielded a clearer view of the common patterns in the data.

{Static characteristic extraction method Control flow-based features proposed by Ding has the ability to detect malicious code with higher accuracy than traditional Text-based methods. However, this method resolved NP-hard problem in a graph, therefore it is not feasible with the large-size and high-complexity programs. So, we propose the C500-CFG algorithm in Control flow-based features based on the idea of dynamic programming, solving Ding's NP-hard problem in O(N2) time complexity, where N is the number of basic blocks in decom-piled executable codes. Our algorithm is more efficient and more outstanding in detecting malware than Ding's algorithm: fast processing time, allowing processing large files, using less memory and extracting more feature information. Applying our algorithms with IoT data sets gives outstanding results on 2 measures: Accuracy = 99.34%

We classify .NET files as either benign or malicious by examining directed graphs derived from the set of functions comprising the given file. Each graph is viewed probabilistically as a Markov chain where each node represents a code block of the corresponding function, and by computing the PageRank vector (Perron vector with transport), a probability measure can be defined over the nodes of the given graph. Each graph is vectorized by computing Lebesgue antiderivatives of hand-engineered functions defined on the vertex set of the given graph against the PageRank measure. Files are subsequently vectorized by aggregating the set of vectors corresponding to the set of graphs resulting from decompiling the given file. The result is a fast, intuitive, and easy-to-compute glass-box vectorization scheme, which can be leveraged for training a standalone classifier or to augment an existing feature space. We refer to this vectorization technique as PageRank Measure Integration Vectorization (PMIV). We demonstrate the efficacy of PMIV by training a vanilla random forest on 2.5 million samples of decompiled. NET, evenly split between benign and malicious, from our in-house corpus and compare this model to a baseline model which leverages a text-only feature space. The median time needed for decompilation and scoring was 24ms. 11Code available at https://github.com/gtownrocks/grafuple.

The limited information on the cyberattacks available in the unclassified regime, hardens standardizing the analysis. We address the problem of modeling and analyzing cyberattacks using a multimodal graph approach. We formulate the stages, actors, and outcomes of cyberattacks as a multimodal graph. Multimodal graph nodes include cyberattack victims, adversaries, autonomous systems, and the observed cyber events. In multimodal graphs, single-modality graphs are interconnected according to their interaction. We apply community and centrality analysis on the graph to obtain in-depth insights into the attack. In community analysis, we cluster those nodes that exhibit “strong” inter-modal ties. We further use centrality to rank the nodes according to their importance. Classifying nodes according to centrality provides the progression of the attack from the attacker to the targeted nodes. We apply our methods to two popular case studies, namely GhostNet and Putter Panda and demonstrate a clear distinction in the attack stages.

In cloud computing environments with many virtual machines, containers, and other systems, an epidemic of malware can be crippling and highly threatening to business processes. In this vision paper, we introduce a hierarchical approach to performing malware detection and analysis using several recent advances in machine learning on graphs, hypergraphs, and natural language. We analyze individual systems and their logs, inspecting and understanding their behavior with attentional sequence models. Given a feature representation of each system's logs using this procedure, we construct an attributed network of the cloud with systems and other components as vertices and propose an analysis of malware with inductive graph and hypergraph learning models. With this foundation, we consider the multicloud case, in which multiple clouds with differing privacy requirements cooperate against the spread of malware, proposing the use of federated learning to perform inference and training while preserving privacy. Finally, we discuss several open problems that remain in defending cloud computing environments against malware related to designing robust ecosystems, identifying cloud-specific optimization problems for response strategy, action spaces for malware containment and eradication, and developing priors and transfer learning tasks for machine learning models in this area.

The rapid growth of Android malware apps poses a great security threat to users thus it is very important and urgent to detect Android malware effectively. What's more, the increasing unknown malware and evasion technique also call for novel detection method. In this paper, we focus on API feature and develop a novel method to detect Android malware. First, we propose a novel selection method for API feature related with the malware class. However, such API also has a legitimate use in benign app thus causing FP problem (misclassify benign as malware). Second, we further explore structure relationships between these APIs and map to a matrix interpreted as the hand-refined API-based feature graph. Third, a CNN-based classifier is developed for the API-based feature graph classification. Evaluations of a real-world dataset containing 3,697 malware apps and 3,312 benign apps demonstrate that selected API feature is effective for Android malware classification, just top 20 APIs can achieve high F1 of 94.3% under Random Forest classifier. When the available API features are few, classification performance including FPR indicator can achieve effective improvement effectively by complementing our further work.

With the rapid development of the mobile Internet, Android has been the most popular mobile operating system. Due to the open nature of Android, c countless malicious applications are hidden in a large number of benign applications, which pose great threats to users. Most previous malware detection approaches mainly rely on features such as permissions, API calls, and opcode sequences. However, these approaches fail to capture structural semantics of applications. In this paper, we propose AMDroid that leverages function call graphs (FCGs) representing the behaviors of applications and applies graph kernels to automatically learn the structural semantics of applications from FCGs. We evaluate AMDroid on the Genome Project, and the experimental results show that AMDroid is effective to detect Android malware with 97.49% detection accuracy.

IoT malware detection using control flow graph (CFG)-based features and deep learning networks are widely explored. The main goal of this study is to investigate the robustness of such models against adversarial learning. We designed two approaches to craft adversarial IoT software: off-the-shelf methods and Graph Embedding and Augmentation (GEA) method. In the off-the-shelf adversarial learning attack methods, we examine eight different adversarial learning methods to force the model to misclassification. The GEA approach aims to preserve the functionality and practicality of the generated adversarial sample through a careful embedding of a benign sample to a malicious one. Intensive experiments are conducted to evaluate the performance of the proposed method, showing that off-the-shelf adversarial attack methods are able to achieve a misclassification rate of 100%. In addition, we observed that the GEA approach is able to misclassify all IoT malware samples as benign. The findings of this work highlight the essential need for more robust detection tools against adversarial learning, including features that are not easy to manipulate, unlike CFG-based features. The implications of the study are quite broad, since the approach challenged in this work is widely used for other applications using graphs.