Robot designed to defend factories against cyberthreats

April 3, 2018 by Josh Brown, Georgia Institute of Technology
Credit: Georgia Institute of Technology

It's small enough to fit inside a shoebox, yet this robot on four wheels has a big mission: keeping factories and other large facilities safe from hackers.

Meet the HoneyBot.

Developed by a team of researchers at the Georgia Institute of Technology, the diminutive device is designed to lure in digital troublemakers who have set their sights on industrial facilities. HoneyBot will then trick the bad actors into giving up valuable information to cybersecurity professionals.

The decoy robot arrives as more and more devices – never designed to operate on the Internet – are coming online in homes and factories alike, opening up a new range of possibilities for hackers looking to wreak havoc in both the digital and physical world.

"Robots do more now than they ever have, and some companies are moving forward with, not just the assembly line robots, but free-standing robots that can actually drive around factory floors," said Raheem Beyah, the Motorola Foundation Professor and interim Steve W. Chaddick School Chair in Georgia Tech's School of Electrical and Computer Engineering. "In that type of setting, you can imagine how dangerous this could be if a hacker gains access to those machines. At a minimum, they could cause harm to whatever products are being produced. If it's a large enough robot, it could destroy parts or the . In a worst-case scenario, it could injure or cause death to the humans in the vicinity."

Internet security professionals long have employed decoy computer systems known as "honeypots" as a way to throw cyberattackers off the trail. The research team applied the same concept to the HoneyBot, which is partially funded with a grant from the National Science Foundation. Once hackers gain access to the decoy, they leave behind valuable information that can help companies further secure their networks.

Credit: Georgia Institute of Technology

"A lot of cyberattacks go unanswered or unpunished because there's this level of anonymity afforded to malicious actors on the internet, and it's hard for companies to say who is responsible," said Celine Irvene, a Georgia Tech graduate student who worked with Beyah to devise the new robot. "Honeypots give security professionals the ability to study the attackers, determine what methods they are using, and figure out where they are or potentially even who they are."

The gadget can be monitored and controlled through the internet. But unlike other remote-controlled robots, the HoneyBot's special ability is tricking its operators into thinking it is performing one task, when in reality it's doing something completely different.

"The idea behind a honeypot is that you don't want the attackers to know they're in a honeypot," Beyah said. "If the attacker is smart and is looking out for the potential of a honeypot, maybe they'd look at different sensors on the robot, like an accelerometer or speedometer, to verify the robot is doing what it had been instructed. That's where we would be spoofing that information as well. The hacker would see from looking at the sensors that acceleration occurred from point A to point B."

In a factory setting, such a HoneyBot robot could sit motionless in a corner, springing to life when a hacker gains access – a visual indicator that a malicious actor is targeting the facility.

Rather than allowing the to then run amok in the physical world, the robot could be designed to follow certain commands deemed harmless – such as meandering slowly about or picking up objects – but stopping short of actually doing anything dangerous.

So far, their technique seems to be working.

In experiments designed to test how convincing the false would be to individuals remotely controlling the device, volunteers in December 2017 used a virtual interface to control the robot and could not to see what was happening in real life. To entice the volunteers to break the rules, at specific spots within the maze, they encountered forbidden "shortcuts" that would allow them to finish the maze faster.

In the real maze back in the lab, no shortcut existed, and if the participants opted to go through it, the robot instead remained still. Meanwhile, the volunteers – who have now unwittingly become hackers for the purposes of the experiment – were fed simulated sensor data indicating they passed through the shortcut and continued along.

"We wanted to make sure they felt that this was doing this real thing," Beyah said.

In surveys after the experiment, participants who actually controlled the device the whole time and those who were being fed simulated data about the fake shortcut both indicated that the data was believable at similar rates.

"This is a good sign because it indicates that we're on the right track," Irvene said.

Explore further: How realistic are those robots in Star Wars?

Related Stories

How realistic are those robots in Star Wars?

February 22, 2018

Computer Science and Engineering Professor Robin Murphy of Texas A&M University has taken a serious look at the robots of Star Wars fame and judges how realistic they are in a recent Science Robotics Focus piece—in it, ...

Software enables robots to be controlled in virtual reality

December 14, 2017

Even as autonomous robots get better at doing things on their own, there will still be plenty of circumstances where humans might need to step in and take control. New software developed by Brown University computer scientists ...

Researchers study human movement to build better robots

November 7, 2017

Draw a figure eight in the air. It might feel like one swift movement. But in fact, the velocity of your hand and arm likely varies, traveling faster through the straight parts and slowing down during the curves.

Recommended for you

Robots as tools and partners in rehabilitation

August 17, 2018

In future decades, the need for effective strategies for medical rehabilitation will increase significantly, because patients' rate of survival after diseases with severe functional deficits, such as a stroke, will increase. ...

Security gaps identified in internet protocol IPsec

August 15, 2018

In collaboration with colleagues from Opole University in Poland, researchers at Horst Görtz Institute for IT Security (HGI) at Ruhr-Universität Bochum (RUB) have demonstrated that the internet protocol IPsec is vulnerable ...

3 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

Porgie
not rated yet Apr 03, 2018
I know lets put a device without wheels or eyes in a box between the home device and the internet and pretend we are a lamp switch or a thermostat and then trap them that way. And you save money on wheels and eyes and all that other stuff. All the hacker is looking for is a digital signature so give them one. Something you think they are looking for then fry their hard drive when they latch on.
FishGod
5 / 5 (1) Apr 04, 2018
HoneyBot, NYET!
(Drives into hydraulic press)
IwinUlose
1 / 5 (3) Apr 05, 2018
.... And you save money on wheels and eyes and all that other stuff....


It's not very clearly stated, but I believe that adorable little guy in the picture is for the purpose of affirming that very notion:
In surveys after the experiment, participants who actually controlled the device the whole time and those who were being fed simulated data about the fake shortcut both indicated that the data was believable at similar rates.

"This is a good sign because it indicates that we're on the right track," Irvene said.


The title of the article didn't help much either. I was really hoping for lasers or something with hypodermics for teeth like the Hound from Fahrenheit 451.

"Robot designed to [help confirm practical theories about how to] defend factories against cyberthreats"

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.