slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons PowerPoint Presentation
Download Presentation
A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons

Loading in 2 Seconds...

play fullscreen
1 / 10

A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons - PowerPoint PPT Presentation


  • 116 Views
  • Uploaded on

A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons Tamara Denning, Cynthia Matuszek , Karl Koscher , Joshua R. Smith and Tadayoshi Kohno. Introducing. From left to right: WowWee RoboSapien V2 WowWee Rovio Erector Spykee. Capabilities.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons' - boris


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

A Spotlight on Security and Privacy Risks with Future

Household Robots: Attacks and Lessons

Tamara Denning, Cynthia Matuszek, Karl Koscher, Joshua R. Smith and Tadayoshi Kohno.

slide2

Introducing...

From left to right:

WowWeeRoboSapien V2

WowWeeRovio

Erector Spykee

slide3

Capabilities

Prices correct as of late 2008.

slide4

Visibility

Rovio:

Visible to local attacker by SSID, MAC address

Visible to remote attacker by unique http interface, port 80 query

Spykee:

Visible to local attacker by SSID, MAC address

Visible to remote attacker by keep alive packets, port 9001 control request

RoboSapien:

Not visible

slide5

Vulnerabilities

Rovio

Passive adversary can intercept unencoded username and password

Audiovisual stream does not require password even when enabled

WEP support only, though WPA added in patch.

Spykee

Co-located mode sends credentials in the clear

Video stream unencrypted

Remote access more difficult, Diffie-Hellman key exchange vulnerable to MITM

WEP and WPA

slide6

Vulnerabilities

RoboSapien

Vulnerable to off-the-shelf controller and IR repeater

Compromised computer with IR port

Universal remote control with 802.11 wireless

Other compromised robots with IR transmitters

Other remote attacks possible, eg buffer overflow...

slide7

Attacks

  • Privacy
  • Security
  • Vandalism
  • Psychological
slide8

Design Questions

  • What is the intended function of the robot?
  • How mobile is the robot?
  • What sensors does the robot possess?
  • What actuators does the robot possess?
  • What communication protocols does the robot support?
  • Who are the intended users of the robot?
  • What is the robot’s intended operational environment?
  • Besides the intended users of the robot, what other people (and animals) will be in the robot’s environment?
  • What kind of development processes are in place?
slide9

Design Questions

  • Does the robot create new or amplify existing privacy vulnerabilities?
  • Does the robot create new or amplify existing physical integrity vulnerabilities?
  • Does the robot create new or amplify existing physical safety vulnerabilities?
  • Does the robot create new or amplify existing psychological vulnerabilities?
  • Can the robot be combined with other robots or technologies to facilitate an attack?
slide10

What else?

What steps need we take to prevent these issues in future?