Can you still see me? Reconstructing robot operations over end-to-end encrypted channels

Ryan Shah, Chuadhry Mujeeb Ahmed, Shishir Nagaraja

Research output: Working paperWorking Paper/Preprint

27 Downloads (Pure)

Abstract

Connected robots play a key role in Industry 4.0, providing automation and higher efficiency for many industrial workflows. Unfortunately, these robots can leak sensitive information regarding these operational workflows to remote adversaries. While there exists mandates for the use of end-to-end encryption for data transmission in such settings, it is entirely possible for passive adversaries to fingerprint and reconstruct entire workflows being carried out -- establishing an understanding of how facilities operate. In this paper, we investigate whether a remote attacker can accurately fingerprint robot movements and ultimately reconstruct operational workflows. Using a neural network approach to traffic analysis, we find that one can predict TLS-encrypted movements with around 60% accuracy, increasing to near-perfect accuracy under realistic network conditions. Further, we also find that attackers can reconstruct warehousing workflows with similar success. Ultimately, simply adopting best cybersecurity practices is clearly not enough to stop even weak (passive) adversaries.
Original languageEnglish
Place of PublicationIthaca, NY
Number of pages13
DOIs
Publication statusSubmitted - 17 May 2022

Keywords

  • industrial robot
  • security
  • privacy
  • TLS
  • side-channel attack
  • traffic analysis
  • SDN
  • neural network

Fingerprint

Dive into the research topics of 'Can you still see me? Reconstructing robot operations over end-to-end encrypted channels'. Together they form a unique fingerprint.

Cite this