Abstract
There are many various data-oriented attacks on robotic vehicles (RVs) that change the inputs of an RV control program. While much research has been dedicated to detecting the attacks, the recovery mechanism has received relatively less attention. Without recovery after detection, an RV cannot continue with its assigned missions. Unfortunately, the existing recovery mechanisms have limitations that make it difficult to deploy these in real RVs, such that they require additional hardware/software or can only recover from the limited types of data-oriented attacks. To overcome these limitations, we propose a framework called SCVMON that detects and helps RVs recover from various data-oriented attacks that generate inappropriate control commands. Based on the observation that data-oriented attacks inevitably change the values of some variables in RV control programs, SCVMON systematically identifies the safety-critical variables (SCVs) that can affect the safety of RVs. For efficient recovery, we extract from SCVs a set of monitored safety-critical variables (mSCVs) that can reflect all input changes, and monitor them to detect and recover from various data-oriented attacks. SCVMON does not depend on the physical nature of a specific sensor or hardware, which is a significant benefit, and it can be applied through a simple software update. Our evaluation shows that SCVMON can quickly detect and recover from 20 types of dataoriented attacks. Also, SCVMON incurs only 0.3% storage overhead and up to 5.1% runtime overhead, proving that it is suitable for RVs.
Original language | English |
---|---|
Title of host publication | Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2023 |
Publisher | Association for Computing Machinery |
Pages | 547-563 |
Number of pages | 17 |
ISBN (Electronic) | 9798400707650 |
DOIs | |
Publication status | Published - 2023 Oct 16 |
Event | 26th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2023 - Hong Kong, China Duration: 2023 Oct 16 → 2023 Oct 18 |
Publication series
Name | ACM International Conference Proceeding Series |
---|
Conference
Conference | 26th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2023 |
---|---|
Country/Territory | China |
City | Hong Kong |
Period | 23/10/16 → 23/10/18 |
Bibliographical note
Publisher Copyright:© 2023 Copyright held by the owner/author(s).
Keywords
- Attack detection and recovery
- CPS security
- Dataoriented attack
- Robotic vehicle
- Safety-critical variables
ASJC Scopus subject areas
- Human-Computer Interaction
- Computer Networks and Communications
- Computer Vision and Pattern Recognition
- Software