Can you still see me? Identifying robot operations over end-to-end encrypted channels

Ryan Shah; Chuadhry Mujeeb Ahmed; Shishir Nagaraja

doi:10.1145/3507657.3529659

Can you still see me? Identifying robot operations over end-to-end encrypted channels

Ryan Shah, Chuadhry Mujeeb Ahmed, Shishir Nagaraja

Computer And Information Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

9 Downloads (Pure)

Abstract

Connected robots play a key role in automating industrial workflows. Robots can expose sensitive operational information to remote adversaries. Despite the use of end-to-end encryption, a passive adversary could fingerprint and reconstruct the entire workflows being carried out and developing a detailed understanding of how facilities operate. In this paper, we investigate whether a remote passive attacker can accurately fingerprint robot movements and reconstruct operational workflows. Using a neural network-based traffic analysis approach, we found that attackers can predict TLS-encrypted robot movements with around ~60% accuracy, increasing to near perfect accuracy in realistic settings. Ultimately, simply adopting best cybersecurity practices is not enough to stop even weak (passive) adversaries.

Original language	English
Title of host publication	WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Subtitle of host publication	Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Place of Publication	New York
Pages	298-300
Number of pages	3
ISBN (Electronic)	9781450392167
DOIs	https://doi.org/10.1145/3507657.3529659
Publication status	Published - 16 May 2022

Publication series

Name	WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Keywords

robotics
security
side channel
traffic analysis
neural network

Access to Document

10.1145/3507657.3529659

Shah-etal-ACM-WiSec-2022-Can-you-still-see-me-identifying-robot-operationsFinal published version, 564 KBLicence: CC BY-NC 4.0

Industrial CASE Account - University of Strathclyde 2017 | Shah, Ryan
Nagaraja, S., Revie, C., Ahmed, C. M., Weir, G. & Shah, R.
EPSRC (Engineering and Physical Sciences Research Council)
1/10/18 → 15/02/23
Project: Research Studentship Case - Internally allocated

Traffic Samples for Traffic Analysis Side Channel Attack for Teleoperated Robots
Shah, R. (Creator) & Revie, C. (Supervisor), University of Strathclyde, 6 Mar 2023
DOI: 10.15129/95ca9dd4-13ac-4ff1-b42d-360930a7f598
Dataset

Cite this

Shah, R., Ahmed, C. M., & Nagaraja, S. (2022). Can you still see me? Identifying robot operations over end-to-end encrypted channels. In WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (pp. 298-300). (WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks).. https://doi.org/10.1145/3507657.3529659

Shah, Ryan ; Ahmed, Chuadhry Mujeeb ; Nagaraja, Shishir. / Can you still see me? Identifying robot operations over end-to-end encrypted channels. WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York, 2022. pp. 298-300 (WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks).

@inproceedings{a216798c09414a94a8bbe0e05d4b5ba4,

title = "Can you still see me? Identifying robot operations over end-to-end encrypted channels",

abstract = "Connected robots play a key role in automating industrial workflows. Robots can expose sensitive operational information to remote adversaries. Despite the use of end-to-end encryption, a passive adversary could fingerprint and reconstruct the entire workflows being carried out and developing a detailed understanding of how facilities operate. In this paper, we investigate whether a remote passive attacker can accurately fingerprint robot movements and reconstruct operational workflows. Using a neural network-based traffic analysis approach, we found that attackers can predict TLS-encrypted robot movements with around ~60% accuracy, increasing to near perfect accuracy in realistic settings. Ultimately, simply adopting best cybersecurity practices is not enough to stop even weak (passive) adversaries.",

keywords = "robotics, security, side channel, traffic analysis, neural network",

author = "Ryan Shah and Ahmed, {Chuadhry Mujeeb} and Shishir Nagaraja",

year = "2022",

month = may,

day = "16",

doi = "10.1145/3507657.3529659",

language = "English",

isbn = "9781450392167",

series = "WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks",

pages = "298--300",

booktitle = "WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks",

}

Shah, R, Ahmed, CM & Nagaraja, S 2022, Can you still see me? Identifying robot operations over end-to-end encrypted channels. in WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks. WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks, New York, pp. 298-300. https://doi.org/10.1145/3507657.3529659

Can you still see me? Identifying robot operations over end-to-end encrypted channels. / Shah, Ryan; Ahmed, Chuadhry Mujeeb; Nagaraja, Shishir.

WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York, 2022. p. 298-300 (WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

TY - GEN

T1 - Can you still see me? Identifying robot operations over end-to-end encrypted channels

AU - Shah, Ryan

AU - Ahmed, Chuadhry Mujeeb

AU - Nagaraja, Shishir

PY - 2022/5/16

Y1 - 2022/5/16

N2 - Connected robots play a key role in automating industrial workflows. Robots can expose sensitive operational information to remote adversaries. Despite the use of end-to-end encryption, a passive adversary could fingerprint and reconstruct the entire workflows being carried out and developing a detailed understanding of how facilities operate. In this paper, we investigate whether a remote passive attacker can accurately fingerprint robot movements and reconstruct operational workflows. Using a neural network-based traffic analysis approach, we found that attackers can predict TLS-encrypted robot movements with around ~60% accuracy, increasing to near perfect accuracy in realistic settings. Ultimately, simply adopting best cybersecurity practices is not enough to stop even weak (passive) adversaries.

AB - Connected robots play a key role in automating industrial workflows. Robots can expose sensitive operational information to remote adversaries. Despite the use of end-to-end encryption, a passive adversary could fingerprint and reconstruct the entire workflows being carried out and developing a detailed understanding of how facilities operate. In this paper, we investigate whether a remote passive attacker can accurately fingerprint robot movements and reconstruct operational workflows. Using a neural network-based traffic analysis approach, we found that attackers can predict TLS-encrypted robot movements with around ~60% accuracy, increasing to near perfect accuracy in realistic settings. Ultimately, simply adopting best cybersecurity practices is not enough to stop even weak (passive) adversaries.

KW - robotics

KW - security

KW - side channel

KW - traffic analysis

KW - neural network

U2 - 10.1145/3507657.3529659

DO - 10.1145/3507657.3529659

M3 - Conference contribution book

SN - 9781450392167

T3 - WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks

SP - 298

EP - 300

BT - WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks

CY - New York

ER -

Shah R, Ahmed CM, Nagaraja S. Can you still see me? Identifying robot operations over end-to-end encrypted channels. In WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York. 2022. p. 298-300. (WiSec 2022 - Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks). Epub 2022 May 16. doi: 10.1145/3507657.3529659

Can you still see me? Identifying robot operations over end-to-end encrypted channels

Abstract

Publication series

Keywords

Access to Document

Fingerprint

Projects

Industrial CASE Account - University of Strathclyde 2017 | Shah, Ryan

Datasets

Traffic Samples for Traffic Analysis Side Channel Attack for Teleoperated Robots

Cite this