Scanning the Internet for ROS: A View of Security in Robotics Research
Because robots can directly perceive and affect the physical world, security issues take on particular importance. In this paper, we describe the results of our work on scanning the entire IPv4 address space of the Internet for instances of the Robot Operating System (ROS), a widely used robotics platform for research. Our results identified that a number of hosts supporting ROS are exposed to the public Internet, thereby allowing anyone to access robotic sensors and actuators. As a proof of concept, and with consent, we were able to read image sensor information and move the robot of a research group in a US university. This paper gives an overview of our findings, including the geographic distribution of publicly-accessible platforms, the sorts of sensor and actuator data that is available, as well as the different kinds of robots and sensors that our scan uncovered. Additionally, we offer recommendations on best practices to mitigate these security issues in the future.
NurtureToken New!

Token crowdsale for this paper ends in

Buy Nurture Tokens

Authors

Are you an author of this paper? Check the Twitter handle we have for you is correct.

Nicholas DeMarinis (add twitter)
Stefanie Tellex (add twitter)
Vasileios Kemerlis (edit)
George Konidaris (add twitter)
Rodrigo Fonseca (edit)
Ask The Authors

Ask the authors of this paper a question or leave a comment.

Read it. Rate it.
#1. Which part of the paper did you read?

#2. The paper contains new data or analyses that is openly accessible?
#3. The conclusion is supported by the data and analyses?
#4. The conclusion is of scientific interest?
#5. The result is likely to lead to future research?

Github
User:
None (add)
Repo:
None (add)
Stargazers:
0
Forks:
0
Open Issues:
0
Network:
0
Subscribers:
0
Language:
None
Youtube
Link:
None (add)
Views:
0
Likes:
0
Dislikes:
0
Favorites:
0
Comments:
0
Other
Sample Sizes (N=):
Inserted:
Words Total:
Words Unique:
Source:
Abstract:
None
08/12/18 05:53PM
8,202
2,643
Tweets
kanejaki: cvpaper.challengeのICRA速報で知ったこの論文がやばい(面白い) Scanning the Internet for ROS: A View of Security in Robotics Research https://t.co/XZmcFlT6W9
martimorta: @carlosjoseRG @IoTLiverpool Sure! It was about the danger of connecting ROS to an unprotected network, as a warning for new users, mostly inspired by https://t.co/EqHPblHZkT Even though rosbridge actually helps here
RyanKhurana: Increased reliance on robots may open up a wellspring of cybersecurity threats. https://t.co/pzgJDyXmhV https://t.co/JXmTRtT0If
bluebrain: RT @BenedictEvans: “Scanning the Internet for ROS: A View of Security in Robotics Research” 😲🤦🏻‍♂️ https://t.co/TZ4FcVNEj7
CGRIIorg: Very cool article which explores where #robots live on the #Internet. https://t.co/gpSA777VZv
jamesrgrinter: RT @BenedictEvans: “Scanning the Internet for ROS: A View of Security in Robotics Research” 😲🤦🏻‍♂️ https://t.co/TZ4FcVNEj7
MasterScrat: "Potentially unsecured robot platforms found by the researchers included a Baxter, PR2, JACO, Turtlebot, WAM, and – potentially the most worrying of all – an exposed DaVinci surgical robot." https://t.co/fRRPYESYLW
LGVichy: RT @BenedictEvans: “Scanning the Internet for ROS: A View of Security in Robotics Research” 😲🤦🏻‍♂️ https://t.co/TZ4FcVNEj7
os32za: RT @BenedictEvans: “Scanning the Internet for ROS: A View of Security in Robotics Research” 😲🤦🏻‍♂️ https://t.co/TZ4FcVNEj7
jbchaykowsky: RT @BenedictEvans: “Scanning the Internet for ROS: A View of Security in Robotics Research” 😲🤦🏻‍♂️ https://t.co/TZ4FcVNEj7
BenedictEvans: “Scanning the Internet for ROS: A View of Security in Robotics Research” 😲🤦🏻‍♂️ https://t.co/TZ4FcVNEj7
blattnerma: RT @arxiv_org: Scanning the Internet for ROS: A View of Security in Robotics Research. https://t.co/pErTN4e6cZ https://t.co/7L0GGUvgjH
JeanMarcJAzzi: RT @arxiv_org: Scanning the Internet for ROS: A View of Security in Robotics Research. https://t.co/pErTN4e6cZ https://t.co/7L0GGUvgjH
goodfellow_ian: Security researchers show that they are able to remotely move a robot in a university research lab. Many robots accidentally expose publicly available connections to the internet. https://t.co/kbqYZkIv9o https://t.co/Ouh77jlTd5
ardabbour: Researchers checked the internet for public IPs of robots, found many robots that can be controlled in dangerous ways. They even found an exposed DaVinci surgical robot! #ROS #Robotics #Security https://t.co/qPevo8Z1Ig
cynicalsecurity: N. DeMarinis et al., “Scanning the Internet for ROS: A View of Security in Robotics Research” https://t.co/D9Ff7bHrdJ
ralphholz: "With consent, we were able to move the robot of a research group in the US." - Scanning the Internet for ROS: A View of Security in Robotics Research - https://t.co/PKRae22lNF
M157q_News_RSS: Scanning the Internet for ROS: A View of Security in Robotics Research. (arXiv:1808.03322v1 [https://t.co/5Fm3Lre9eN]) https://t.co/EHG5oLZ6a1 Because robots
Images
Related