Journal of the Korea Institute of Information Security & Cryptology (정보보호학회논문지)

Korea Institute of Information Security and Cryptology (한국정보보호학회)
권호 표지
DOI QR코드

DOI QR Code

Attack Datasets for ROS Intrusion Detection Systems

ROS 침입 탐지 시스템을 위한 공격 데이터셋 구축

  • Hyunghoon Kim (Yonsei University) ;
  • Seungmin Lee (Yonsei University) ;
  • Jaewoong Heo (Soongsil University) ;
  • Hyo Jin Jo (Yonsei University)
  • 김형훈 (연세대학교) ;
  • 이승민 (연세대학교) ;
  • 허재웅 (숭실대학교) ;
  • 조효진 (연세대학교)
  • Received : 2024.06.07
  • Accepted : 2024.07.23
  • Published : 2024.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

In recent decades, research and development in the field of industrial robotics, such as an unmanned ground vehicle (UGV) and an unmanned aerial vehicle (UAV), has been significant progress. In these advancements, it is important to use middleware, which facilitates communication and data management between different applications, and various industrial communication middleware protocols have been released. The robot operating system (ROS) is the most widely adopted as the main platform for robot system development among the communication middleware protocols. However, the ROS is known to be vulnerable to various cyber attacks, such as eavesdropping on communications and injecting malicious messages, because it was initially designed without security considerations. In response, numerous studies have proposed countermeasures to ROS vulnerabilities. In particular, some work has been proposed on generating ROS datasets for intrusion detection systems (IDS), but there is a lack of research in this area. In this paper, in order to contribute to improving the performance of ROS IDSs, we propose a new type of attack scenario that can occur in the ROS and build ROS attack datasets collected from a real robot system and make it available as an open dataset.

최근 수년 동안 무인지상차량 및 무인항공기와 같은 Robotics 분야에 대한 연구 및 개발이 활발히 진행되고 있다. 이러한 발전에는 서로 다른 애플리케이션 간의 통신 및 데이터 관리를 원활하게 해주는 미들웨어의 사용이 중요한 역할을 하고 있으며, 여러 가지의 산업용 통신 미들웨어 프로토콜들이 출시되고 있다. 그중 ROS (Robot Operating System)가 로봇 시스템 개발을 위한 주요 플랫폼으로 널리 사용되고 있지만, 초기 설계 과정에서 보안 측면을 전혀 고려하지 않았기 때문에 통신을 도청하거나 악의적인 메시지를 주입하는 등의 다양한 공격에 취약한 상태이다. 이에 대응하기 위해, ROS에 대한 보안 솔루션을 제안하는 많은 연구가 진행되고 있으며, 특히 침입 탐지 시스템을 위한 ROS 데이터셋을 제안하는 연구도 진행되었지만, 이와 같은 연구는 매우 부족한 상황이다. 본 논문에서는 ROS 침입 탐지 시스템의 성능 발전에 기여할 수 있도록 ROS 환경에서 발생 가능한 새로운 유형의 공격 시나리오를 제안하고, 실제 로봇 시스템으로부터 수집한 ROS 공격 데이터셋을 구축하며 오픈 데이터셋으로 제공한다.

Keywords

Acknowledgement

본 연구는 2024년 정부(방위산업체)의 재원으로 국방과학연구소의 지원을 받아 수행된 연구임 (UI2200575D)

References

  1. E. Garcia, M. A. Jimenez, P. G. DeSantos, and M. Armada, "The evolution of robotics research," IEEE Robotics & Automation Magazine, vol.14, no. 1, pp. 90-103, Mar. 2007.
  2. MQTT, "MQTT", https://mqtt.org/, 2024.06.07.
  3. M. Quigley, B. Gerkey, K. Conley, J. Faust T. Foote, J. Leibs, E. Berger, and R. Wheeler, "ROS: an open-source Robot Operating System," ICRA workshop on open source software, vol. 3, no. 3.2, p. 5, Jan. 2009.
  4. ZeroMQ, "ZeroMQ", https://zeromq.org/, 2024.06.07.
  5. S. Profanter, A. Tekat, K. Dorofeev, M. Rickert, and A. Knoll, "OPC UA versus ROS, DDS, and MQTT: Performance evaluation of industry 4.0 protocols," IEEE International Conference on Industrial Technology, pp. 955-962, Feb. 2019.
  6. E. Tsardoulias and P. Mitkas, "Robotic frameworks, architectures and middleware comparison," arXiv preprint arXiv:1711.06842, Nov. 2017.
  7. P. Estefo, J. Simmonds, R. Robbes, and J. Fabry, "The robot operating system: Package reuse and community dynamics," Journal of Systems and Software, vol. 151, pp. 226-242, Feb. 2019.
  8. J. McClean, C. Stull, C. Farrar, and D. Mascarenas, "A preliminary cyber-physical security assessment of the robot operating system (ros)," Proceedings of the SPIE - The International Society for Optical Engineering, vol. 8741, pp. 341-348, May. 2013.
  9. B. Dieber, B. Breiling, S. Taurer, S. Kacianka, S. Rass, and P. Schartner, "Security for the robot operating system," Robotics and Autonomous Systems, vol. 98, pp. 192-203, Oct. 2017.
  10. B. Dieber, R. White, S. Taurer, B. Breiling, G. Caiazza, H. Christensen, and A. Cortesi, "Penetration testing ROS," Robot Operating System(ROS)The Complete Reference (Volume4),pp. 183-225, Jun. 2020.
  11. R. White, D. H. I. Christensen, andD. M. Quigley, "SROS: Securing ROS over the wire, in the graph, and through the kernel," arXiv preprintarXiv:1611.07060, Nov. 2016.
  12. N. Goerke, D. Timmermann, and I. Baumgart, "Who controls your robot? an evaluation of ros security mechanisms," In 2021 7th International conference on auto-mation, robotics and applications (ICARA), pp. 60-66, Feb. 2021.
  13. S. Lagraa, M. Cailac, S. Rivera, F. Beck, and R. State, "Real-time attack detection on robot cameras: A self-driving car application," In 2019 Third IEEE International Conference on Robotic Computing (IRC), pp.102-109, Feb. 2019.
  14. R. A. Antunes, B. L. Dalmazo, and P. L. J. Drews, "Detecting data injection attacks in ROS systems using machine learning," In 2022 Latin American Robotics Symposium (LARS), 2022 Brazilian Symposium on Robotics (SBR), and 2022 Workshop on Robotics in Education (WRE), pp.1-6, Oct. 2022.
  15. E. Degirmenci, Y. S. Kirca, I. Ozcelik, and A. Yazici, "ROSIDS23: Network intrusion detection dataset for robot operating system," Data in Brief, vol. 51, p. 109739, Nov. 2023.
  16. I. F. Kilincer, F. Ertam, and A. Sengur, "Machine learning methods for cyber security intrusion detection: Datasets and comparative study," Computer Networks, vol. 188, Feb. 2021.
  17. S. Rajapaksha, G. Madzudzo, H. Kalutarage, A. Petrovski, and M. O. Al-Kadri, "CAN-MIRGU: A comprehensive CAN bus attack dataset from moving vehicles for intrusion detection system evaluation," In Network and Distributed Systems Security (NDSS) Symposium, Feb. 2024.
  18. GitHub, "ROS2", https://github.com/ros2, 2024.06.07.
  19. ROS Metrics, "ROS Metrics", https://metrics.ros.org/rosdistro_rosdistro.html, 2024.06.07.
  20. V. Mayoral-Vilches, M. Pinzger, S. Rass, B. Dieber, and E. Gil-Uriarte, "Can ros be used securely in industry? red teaming ros-industrial," arXiv preprint arXiv:2009.08211, Sep. 2020.
  21. GitHub, "CICFlowMeter", https://github.com/ahlashkari/CICFlowMeter, 2024.06.07
  22. ROS Wiki, "ROS Shutdown", https://wiki.ros.org/rospy/Overview/Initialization%20and%20Shutdown, 2024.06.07.
  23. Ouster, "VLP-16 User Manual", https://velodynelidar.com/wp-content/uploads/2019/12/63-9243-Rev-E-VLP-16-User-Manual.pdf, 2024.06.07.
  24. D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage, "Inferring internet denial-of-service activity," vol. 24, no. 2, pp. 115-139, ACM Transactions on Computer Systems (TOCS), May. 2006.