Wentao Chen, Sam Der, Yunpeng Luo, Fayzah Alshammari, Qi Alfred Chen (University of California, Irvine)

Due to the cyber-physical nature of robotic vehicles, security is especially crucial, as a compromised system not only exposes privacy and information leakage risks, but also increases the risk of harm in the physical world. As such, in this paper, we explore the current vulnerability landscape of robotic vehicles exposed to and thus remotely accessible by any party on the public Internet. Focusing particularly on instances of the Robot Operating System (ROS), a commonly used open-source robotic software framework, we performed new Internet-wide scans of the entire IPv4 address space, identifying, categorizing, and analyzing the ROS-based systems we discovered. We further performed the first measurement of ROS scanners in the wild by setting up ROS honeypots, logging traffic, and analyzing the traffic we received. We found over 190 ROS systems on average being regularly exposed to the public Internet and discovered new trends in the exposure of different types of robotic vehicles, suggesting increasing concern regarding the cybersecurity of today’s ROS-based robotic vehicle systems.

View More Papers

COSPAS Search and Rescue Satellite Uplink: A MAC-Based Security...

Syed Khandker (New York University Abu Dhabi), Krzysztof Jurczok (Amateur Radio Operator), Christina Pöpper (New York University Abu Dhabi)

Read More

Leaking the Privacy of Groups and More: Understanding Privacy...

Jiangrong Wu (Sun Yat-sen University), Yuhong Nan (Sun Yat-sen University), Luyi Xing (Indiana University Bloomington), Jiatao Cheng (Sun Yat-sen University), Zimin Lin (Alibaba Group), Zibin Zheng (Sun Yat-sen University), Min Yang (Fudan University)

Read More

WIP: Hidden Hub Eavesdropping Attack in Matter-enabled Smart Home...

Song Liao, Jingwen Yan, Long Cheng (Clemson University)

Read More

WIP: AMICA: Attention-based Multi-Identifier model for asynchronous intrusion detection...

Natasha Alkhatib (Télécom Paris), Lina Achaji (INRIA), Maria Mushtaq (Télécom Paris), Hadi Ghauch (Télécom Paris), Jean-Luc Danger (Télécom Paris)

Read More