[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Defending Against APT Attacks in Robots: A Multi-phase Game-Theoretical Approach

  • Conference paper
  • First Online:
Decision and Game Theory for Security (GameSec 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14908))

Included in the following conference series:

  • 94 Accesses

Abstract

In this work, we propose a two-phase game-theoretic framework to model and defend against Advanced Persistent Threat (APT) attacks in Autonomous Ground Robots (AGRs) running a ROS2-based autonomy stack for safety-critical navigation. In our scenario, the attacker seeks to penetrate the autonomous navigation system and take control over the AGR, causing it to crash into obstacles or fail in its navigation mission, potentially causing catastrophic damage. We use an attack tree abstraction to break the APT attack into two phases and analyze it using appropriate game-theoretical models and solutions to determine the optimal defense strategy for the defenders. For the first phase, we propose a variation of the popular cut-the-rope (CTR) security model by extending it to a probabilistic setting in which applying a spot-check at a given attack tree node does not necessarily result in a “cut” of the “rope”. We model this attack tree based on a curated library of real-world exploits in robotic systems and potential security measures that can counter these exploits. We show that this formulation admits a unique mixed Nash Equilibrium (NE) and determines the optimal defense policy for the first phase. Next, we address the scenario in which the defense mechanisms against the APT attack have failed to prevent the attacker from reaching the safety-critical target node in the network and the robotic asset is commandeered. We equip the robot system with a data-driven end-point Anomaly Detection System (ADS) that monitors the robot odometry data and detects anomalous entities being injected into the autonomy stack. We model this phase of the attack using a two-player zero-sum game where the defender needs to select optimal thresholds for the ADS monitor to balance the need for detecting data-poisoning attacks quickly while minimizing the possibility of false alarms and the attacker needs to select the intensity of the attack for the opposing objectives. We use experiments on a Nova Carter AGR running a Nav2-based autonomy stack within a Secure-ROS2 (SROS2) framework to inform the second-phase game-theoretic model and demonstrate the attack and defense mechanisms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 49.99
Price includes VAT (United Kingdom)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 59.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://robotics.segway.com/nova-carter/.

  2. 2.

    https://developer.nvidia.com/isaac/perceptor.

References

  1. Basiri, M.H., Pirani, M., Azad, N.L., Fischmeister, S.: Security of vehicle platooning: a game-theoretic approach. IEEE Access 7, 185565–185579 (2019)

    Article  Google Scholar 

  2. Deng, G., Xu, G., Zhou, Y., Zhang, T., Liu, Y.: On the (in)security of secure ROS2. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, pp. 739–753. Association for Computing Machinery, New York (2022). https://doi.org/10.1145/3548606.3560681

  3. Ghafouri, A., Laszka, A., Abbas, W., Vorobeychik, Y., Koutsoukos, X.: A game-theoretic approach for selecting optimal time-dependent thresholds for anomaly detection. Auton. Agent. Multi-Agent Syst. 33, 430–456 (2019)

    Article  Google Scholar 

  4. Hu, P., Li, H., Fu, H., Cansever, D., Mohapatra, P.: Dynamic defense strategy against advanced persistent threat with insiders. In: 2015 IEEE Conference on Computer Communications (INFOCOM), pp. 747–755. IEEE (2015)

    Google Scholar 

  5. Huang, L., Zhu, Q.: Adaptive strategic cyber defense for advanced persistent threats in critical infrastructure networks. ACM SIGMETRICS Perform. Eval. Rev. 46(2), 52–56 (2019)

    Article  Google Scholar 

  6. Macenski, S., Booker, M., Wallace, J.: Open-source, cost-aware kinematically feasible planning for mobile and surface robotics. Arxiv (2024)

    Google Scholar 

  7. Macenski, S., Martín, F., White, R., Clavero, J.G.: The marathon 2: a navigation system. In: 2020 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS), pp. 2718–2725. IEEE (2020)

    Google Scholar 

  8. Macenski, S., Moore, T., Lu, D.V., Merzlyakov, A., Ferguson, M.: From the desks of ROS maintainers: a survey of modern & capable mobile robotics algorithms in the robot operating system 2. Robot. Auton. Syst. 168, 104493 (2023)

    Article  Google Scholar 

  9. Macenski, S., Martin, F., White, R., Ginés Clavero, J.: The marathon 2: a navigation system. In: 2020 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS) (2020)

    Google Scholar 

  10. Moulard, T., Hortala, J., Perez, X., Olalde, G., Erice, B., Olalde, O., Mayoral, D.: ROS 2 robotic systems threat model (2019). https://design.ros2.org/articles/ros2_threat_model.html. Last Modified: 2021-01

  11. Rass, S., König, S., Panaousis, E.: Cut-the-rope: a game of stealthy intrusion. In: Alpcan, T., Vorobeychik, Y., Baras, J.S., Dán, G. (eds.) GameSec 2019. LNCS, vol. 11836, pp. 404–416. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-32430-8_24

    Chapter  Google Scholar 

  12. Rass, S., König, S., Wachter, J., Mayoral-Vilches, V., Panaousis, E.: Game-theoretic apt defense: an experimental study on robotics. Comput. Secur. 132, 103328 (2023)

    Article  Google Scholar 

  13. Sahabandu, D.: A game-theoretic framework for detecting advanced persistent threats. Ph.D. thesis, University of Washington (2023)

    Google Scholar 

  14. Vilches, V.M., et al.: Towards an open standard for assessing the severity of robot security vulnerabilities, the robot vulnerability scoring system (RVSS) (2021). https://arxiv.org/abs/1807.10357

  15. Yan, H., Zhang, Q., Xie, J., Lu, Z., Chen, S., Guo, D.: An intelligent game theory framework for detecting advanced persistent threats. In: 2021 IEEE 27th International Conference on Parallel and Distributed Systems (ICPADS), pp. 450–457. IEEE (2021)

    Google Scholar 

  16. Yang, L.X., Li, P., Zhang, Y., Yang, X., Xiang, Y., Zhou, W.: Effective repair strategy against advanced persistent threat: a differential game approach. IEEE Trans. Inf. Forensics Secur. 14(7), 1713–1728 (2018)

    Article  Google Scholar 

  17. Zhang, L., Zhu, T., Hussain, F.K., Ye, D., Zhou, W.: A game-theoretic method for defending against advanced persistent threats in cyber systems. IEEE Trans. Inf. Forensics Secur. 18, 1349–1364 (2022)

    Article  Google Scholar 

  18. Zhu, Q., Rass, S.: On multi-phase and multi-stage game-theoretic modeling of advanced persistent threats. IEEE Access 6, 13958–13971 (2018). https://doi.org/10.1109/ACCESS.2018.2814481

    Article  Google Scholar 

  19. Zhu, Q., Rass, S., Dieber, B., Vilches, V.M.: An introduction to robot system cybersecurity. arXiv preprint arXiv:2103.05789 (2021)

Download references

Author information

Authors and Affiliations

  1. University of Maryland, College Park, MD, 20740, USA

    Asim Zoulkarni, Sai Sandeep Damera, M. S. Praveen Kumar & John S. Baras

Authors
  1. Asim Zoulkarni
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sai Sandeep Damera
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. M. S. Praveen Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. John S. Baras
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Asim Zoulkarni .

Editor information

Editors and Affiliations

  1. Rutgers University, New Brunswick, NJ, USA

    Arunesh Sinha

  2. University of Florida, Gainesville, FL, USA

    Jie Fu

  3. New York University, Brooklyn, NY, USA

    Quanyan Zhu

  4. Washington University in St. Louis, St. Louis, MO, USA

    Tao Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zoulkarni, A., Damera, S.S., Praveen Kumar, M.S., Baras, J.S. (2025). Defending Against APT Attacks in Robots: A Multi-phase Game-Theoretical Approach. In: Sinha, A., Fu, J., Zhu, Q., Zhang, T. (eds) Decision and Game Theory for Security. GameSec 2024. Lecture Notes in Computer Science, vol 14908. Springer, Cham. https://doi.org/10.1007/978-3-031-74835-6_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-74835-6_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-74834-9

  • Online ISBN: 978-3-031-74835-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation