SCVMON: Data-oriented attack recovery for RVs based on safety-critical variable monitoring

Sangbin Park, Youngjoon Kim, Dong Hoon Lee

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    2 Citations (Scopus)

    Abstract

    There are many various data-oriented attacks on robotic vehicles (RVs) that change the inputs of an RV control program. While much research has been dedicated to detecting the attacks, the recovery mechanism has received relatively less attention. Without recovery after detection, an RV cannot continue with its assigned missions. Unfortunately, the existing recovery mechanisms have limitations that make it difficult to deploy these in real RVs, such that they require additional hardware/software or can only recover from the limited types of data-oriented attacks. To overcome these limitations, we propose a framework called SCVMON that detects and helps RVs recover from various data-oriented attacks that generate inappropriate control commands. Based on the observation that data-oriented attacks inevitably change the values of some variables in RV control programs, SCVMON systematically identifies the safety-critical variables (SCVs) that can affect the safety of RVs. For efficient recovery, we extract from SCVs a set of monitored safety-critical variables (mSCVs) that can reflect all input changes, and monitor them to detect and recover from various data-oriented attacks. SCVMON does not depend on the physical nature of a specific sensor or hardware, which is a significant benefit, and it can be applied through a simple software update. Our evaluation shows that SCVMON can quickly detect and recover from 20 types of dataoriented attacks. Also, SCVMON incurs only 0.3% storage overhead and up to 5.1% runtime overhead, proving that it is suitable for RVs.

    Original languageEnglish
    Title of host publicationProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2023
    PublisherAssociation for Computing Machinery
    Pages547-563
    Number of pages17
    ISBN (Electronic)9798400707650
    DOIs
    Publication statusPublished - 2023 Oct 16
    Event26th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2023 - Hong Kong, China
    Duration: 2023 Oct 162023 Oct 18

    Publication series

    NameACM International Conference Proceeding Series

    Conference

    Conference26th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2023
    Country/TerritoryChina
    CityHong Kong
    Period23/10/1623/10/18

    Bibliographical note

    Publisher Copyright:
    © 2023 Copyright held by the owner/author(s).

    Keywords

    • Attack detection and recovery
    • CPS security
    • Dataoriented attack
    • Robotic vehicle
    • Safety-critical variables

    ASJC Scopus subject areas

    • Human-Computer Interaction
    • Computer Networks and Communications
    • Computer Vision and Pattern Recognition
    • Software

    Fingerprint

    Dive into the research topics of 'SCVMON: Data-oriented attack recovery for RVs based on safety-critical variable monitoring'. Together they form a unique fingerprint.

    Cite this