Data Tampering Attack Design for ROS-Based Object Detection and Tracking Robotic Platform

Abstract

In the past few years, the functions of robots have been largely enriched and deployed in numerous fields. Advanced robots are equipped with apparatuses such as cameras, radars and servo motors, which enhances the ability to interact with humans and perceive the physical world. With the integration of cloud services, robots are getting highly networked. The utilization of communication networks makes the system more dynamic, but also destroys the closeness of the system and makes the system vulnerable to cyber-attacks. Especially, attackers controlling robots through malicious attacks may damage the physical environment and threaten human life. Robot Operating System (ROS) is one of the most popular frameworks for robot software development. However, ROS has many security problems. In this paper, we study the vulnerabilities of the ROS communication framework and design threat models for the TCPROS protocol and ROS Master/Slave API respectively. TCPROS has the shortcomings of plaintext transmission and is lack of identity verification. To solve this problem, we propose an effective method for tampering with control commands. Then, a tool is designed to destroy the ROS graph through the ROS Master/Slave API. We use ROS-based mobile robots equipped with RGB-D cameras and introduce Yolo, a real-time target detection system based on convolutional neural networks, to build a target detection and tracking platform. The proposed attack strategy is verified on the robotic platform. Experimental results show that the designed attack strategy can effectively tamper the data between nodes and destroy the system's stability.