UBC research highlights need to safeguard drones and robotic cars against cyber attacks

delivery drone

November 27, 2019

Robotic vehicles like Amazon delivery drones or Mars rovers can be hacked more easily than people may think, new research from the University of British Columbia suggests.

The researchers, based at UBC's faculty of applied science, designed three types of stealth attack on robotic vehicles that caused the machines to crash, miss their targets or complete their missions much later than scheduled.

The attacks required little to no human intervention to succeed on both real and simulated drones and rovers.

"We saw major weaknesses in robotic vehicle software that could allow attackers to easily disrupt the behaviour of many different kinds of these machines," said Karthik Pattabiraman, the electrical and computer engineering professor who supervised the study. "Especially worrisome is the fact that none of these attacks could be detected by the most commonly used detection techniques."

Robotic vehicles use special algorithms to stay on track while in motion, as well as to flag unusual behaviour that could signal an attack. But some degree of deviation from the travel plan is typically allowed to account for external factors like friction and wind — and it's these deviations that attackers can exploit to throw the vehicles off course.

The UBC team developed an automated process that enables an attacker to quickly learn the allowed deviations of robotic vehicles running conventional protection systems. The hacker can then use the information to launch a series of automated attacks that the vehicle cannot detect until it's too late.

"Robotic vehicles are already playing an important role in surveillance, warehouse management and other contexts, and their use will only become more widespread in the future," says Pritam Dash, an electrical and computer engineering graduate student at UBC and the study's lead author. "We need safety measures to prevent rogue drones and rovers from causing serious economic, property and even bodily harm."

The researchers offer the basis for a few such countermeasures — including self-adjusting deviation thresholds — in a recent paper describing their findings. They will present their work at the Annual Computer Security Applications Conference in San Juan, Puerto Rico, next month.

 

Let's Work Together

Join us. Bring research and innovation insight to your biggest challenges. We work with industry, non-profit and government partners to accelerate solutions for the future.

Partner with Us
UBC Crest The official logo of the University of British Columbia. Arrow An arrow indicating direction. Arrow in Circle An arrow indicating direction. Caret An arrowhead indicating direction. E-commerce Cart A shopping cart. Time A clock. Chats Two speech clouds. Facebook The logo for the Facebook social media service. Social Media The globe is the default icon for a social media platform. TikTok The logo for the TikTok social media platform. Calendar Location Home A house in silhouette. Information The letter 'i' in a circle. Instagram The logo for the Instagram social media service. Linkedin The logo for the LinkedIn social media service. Location Pin A map location pin. Mail An envelope. Telephone An antique telephone. Play A media play button. Search A magnifying glass. Arrow indicating share action A directional arrow. Speech Bubble A speech bubble. Star An outline of a star. Twitter The logo for the Twitter social media service. Urgent Message An exclamation mark in a speech bubble. User A silhouette of a person. Vimeo The logo for the Vimeo video sharing service. Youtube The logo for the YouTube video sharing service. Future of work A logo for the Future of Work category. Inclusive leadership A logo for the Inclusive leadership category. Planetary health A logo for the Planetary health category. Solutions for people A logo for the Solutions for people category. Thriving cities A logo for the Thriving cities category. University for future A logo for the University for future category.