In this work, we propose a probabilistic and predictive framework to strategize against zero-day attacks in Autonomous Ground Robots (AGRs) operating safety-critical missions using ROS2-based autonomy stacks. Zero-day attacks represent a severe threat in Advanced Persistent Threat (APT) scenarios, as they exploit previously unknown vulnerabilities that remain hidden from defenders, enabling undetected intrusions that can compromise the robot’s mission and safety. The physical security of the AGR is based on an endpoint anomaly detection system that can prevent catastrophic outcomes. Our approach models this security scenario using a two-phase game-theoretic framework. In Phase I, we model the defender’s incomplete knowledge of the attack tree using a Bayesian extensive form game-theoretic formulation of a network penetration attack, in which the defender maintains a prior belief over possible zero-day nodes and samples augmented attack tree realizations incorporating these hypothesized vulnerabilities. This enables computation of a robust spot-check policy by distributing defensive actions across known nodes informed by sampled structural uncertainties, thus increasing the likelihood of intercepting attackers traversing concealed or zero-day paths. The resulting mixed-strategy equilibrium defense policy efficiently allocates detection and response resources towards high-risk areas, improving system resilience against unforeseen attack vectors. In Phase II, we analyze the attack and defense strategies for an adversarial takeover of the low-level Model Predictive Controller node achieved through a successful Phase I attack. We model this scenario as a two-player Stackelberg game in the context of an end-point Active Inference (AIF) based Anomaly Detection System (ADS) that relies on dead-reckoning to monitor the robot trajectories and enforces an emergency shutdown if a significant deviation from nominal behavior is detected. The attacker seeks to cause a crash of the AGR by injecting malicious command velocities into the nominal command velocities, while the ADS seeks to detect the anomaly before the crash occurs.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Probabilistic and Predictive Strategies Against Zero-Day Advanced Persistent Threats in Robotic Systems

  • Asim Zoulkarni,
  • Sai Sandeep Damera,
  • John S. Baras

摘要

In this work, we propose a probabilistic and predictive framework to strategize against zero-day attacks in Autonomous Ground Robots (AGRs) operating safety-critical missions using ROS2-based autonomy stacks. Zero-day attacks represent a severe threat in Advanced Persistent Threat (APT) scenarios, as they exploit previously unknown vulnerabilities that remain hidden from defenders, enabling undetected intrusions that can compromise the robot’s mission and safety. The physical security of the AGR is based on an endpoint anomaly detection system that can prevent catastrophic outcomes. Our approach models this security scenario using a two-phase game-theoretic framework. In Phase I, we model the defender’s incomplete knowledge of the attack tree using a Bayesian extensive form game-theoretic formulation of a network penetration attack, in which the defender maintains a prior belief over possible zero-day nodes and samples augmented attack tree realizations incorporating these hypothesized vulnerabilities. This enables computation of a robust spot-check policy by distributing defensive actions across known nodes informed by sampled structural uncertainties, thus increasing the likelihood of intercepting attackers traversing concealed or zero-day paths. The resulting mixed-strategy equilibrium defense policy efficiently allocates detection and response resources towards high-risk areas, improving system resilience against unforeseen attack vectors. In Phase II, we analyze the attack and defense strategies for an adversarial takeover of the low-level Model Predictive Controller node achieved through a successful Phase I attack. We model this scenario as a two-player Stackelberg game in the context of an end-point Active Inference (AIF) based Anomaly Detection System (ADS) that relies on dead-reckoning to monitor the robot trajectories and enforces an emergency shutdown if a significant deviation from nominal behavior is detected. The attacker seeks to cause a crash of the AGR by injecting malicious command velocities into the nominal command velocities, while the ADS seeks to detect the anomaly before the crash occurs.