Noemí DeCastro-García

Detection of Cyber-attacks to indoor real time localization systems for autonomous robots

Abstract Cyber-security for robotic systems is a growing concern. Many mobile robots rely heavily on Real Time Location Systems to operate safely in different environments. As a result, Real Time Location Systems have become a vector of attack for robots and autonomous systems, a situation which has not been studied well. This article shows that cyber-attacks on Real Time Location Systems can be detected by a system built using supervised learning. Furthermore it shows that some type of cyber-attacks on Real Time Location Systems, specifically Denial of Service and Spoofing, can be detected by a system built using Machine Learning techniques. In order to construct models capable of detecting those attacks, different supervised learning algorithms have been tested and validated using a dataset of real data recorded by a wheeled robot and a commercial Real Time Location System, based on Ultra Wideband beacons. Experimental results with a cross-validation analysis have shown that Multi-Layer Perceptron classifiers get the highest test score and the lowest validation error. Moreover, it is the model with less overfitting and more sensitivity for detecting Denial of Service and Spoofing cyber-attacks on Real Time Location Systems.

Empirical analysis of cyber-attacks to an indoor real time localization system for autonomous robots

Abstract Real Time Location Systems (RTLSs) are critical components of many mobile robots that rely on them to safely operate in different environments, and their cyber-security is a growing concern. The goal of this paper is to demonstrate that there are statistically meaningful differences in the data provided by beacon-based RTLSs between the case when there is an attacker or none, which can be used to detect attacks. A procedure to choose the more discriminant distribution of beacons is presented, as well as its empirical validation, based on data provided by a commercial RTLS used by a mobile robot for indoor navigation. In the evaluation, three basic alternatives to define the distribution of beacons were considered to see which one was more discriminant, that is, the one with more differences. Statistical differences in the data gathered by the mobile robot, when the localization system is under attack, and when it is not, have been found. It has been also verified that these differences are larger or smaller depending on the location of the beacons.

On Detecting and Removing Superficial Redundancy in Vector Databases

A mathematical model is proposed in order to obtain an automatized tool to remove any unnecessary data, to compute the level of the redundancy, and to recover the original and filtered database, at any time of the process, in a vector database. This type of database can be modeled as an oriented directed graph. Thus, the database is characterized by an adjacency matrix. Therefore, a record is no longer a row but a matrix. Then, the problem of cleaning redundancies is addressed from a theoretical point of view. Superficial redundancy is measured and filtered by using the 1-norm of a matrix. Algorithms are presented by Python and MapReduce, and a case study of a real cybersecurity database is performed.

Expert knowledge and data analysis for detecting advanced persistent threats

Abstract Critical Infrastructures in public administration would be compromised by Advanced Persistent Threats (APT) which today constitute one of the most sophisticated ways of stealing information. This paper presents an effective, learning based tool that uses inductive techniques to analyze the information provided by firewall log files in an IT infrastructure, and detect suspicious activity in order to mark it as a potential APT. The experiments have been accomplished mixing real and synthetic data traffic to represent different proportions of normal and anomalous activity.