Featured Video
This Week in Quality Digest Live
Innovation Features
Rob Matheson
Algorithm makes the process of comparing 3D scans up to 1,000 times faster
Richard Wilson
Make sure your mobile QMS has these four features
Manufacturing Extension Partnership MEP
TechHelp can help inventors turn ideas into 3D CAD drawings, prototypes, a finished product
Dirk Dusharme @ Quality Digest
UPS becomes manufacturer, distributed management, and moonshine.
J. B. Silvers
Eliminate the middlemen

More Features

Innovation News
Other exhibits will feature machine tools to demonstrate tool setting, probing, machine monitoring, and robotic gauging
The custom-built, 727 cu in. Hemi engine will be raffled to support Victory Junction children’s camp
At annual entrepreneurship competition, eight teams pitched business ideas, and three took home cash prizes
Neuroscientists train a deep neural network to analyze speech and music
Preparing your organization for the new innovative culture
IoT solution includes advanced lab testing and real-world crowd testing
New system patches security holes left open by web browsers’ private-browsing functions
125 strategies to achieve maximum confidence, clarity, certainty, and creativity
MIT awards more than $1 million to organizations creating greater economic opportunity for workers

More News

Georgia Tech News Center

Innovation

HoneyBot Lures in Digital Troublemakers

A robot designed to defend factories against cyber threats

Published: Tuesday, April 10, 2018 - 12:02

It’s small enough to fit inside a shoebox, yet this robot on four wheels has a big mission: keeping factories and other large facilities safe from hackers.

Meet the HoneyBot. Developed by a team of researchers at the Georgia Institute of Technology, the diminutive device is designed to lure in digital troublemakers who have set their sights on industrial facilities. HoneyBot will then trick the bad actors into giving up valuable information to cybersecurity professionals.

Cybersecurity experts have a new tool in the fight against hackers: a decoy robot. Researchers at Georgia Tech built the “HoneyBot” to lure hackers into thinking they have taken control of a robot, but instead the robot gathers valuable information about the bad actors, helping businesses better protect themselves from future attacks.

The decoy robot arrives as more and more devices—never designed to operate on the internet—are coming online in homes and factories alike, opening up a new range of possibilities for hackers looking to wreak havoc in both the digital and physical worlds.

“Robots do more now than they ever have, and some companies are moving forward with not just the assembly line robots, but free-standing robots that can actually drive around factory floors,” says Raheem Beyah, the Motorola Foundation Professor and interim Steve W. Chaddick School Chair in Georgia Tech’s School of Electrical and Computer Engineering. “In that type of setting, you can imagine how dangerous this could be if a hacker gains access to those machines. At a minimum, the person could cause harm to whatever products are being produced. If it’s a large enough robot, it could destroy parts or the assembly line. In a worst-case scenario, it could injure or cause death to the humans in the vicinity.”

Internet security professionals have long employed decoy computer systems known, as “honeypots,” as a way to throw cyber attackers off the trail. The research team applied the same concept to the HoneyBot, which is partially funded with a grant from the National Science Foundation. Once hackers gain access to the decoy, they leave behind valuable information that can help companies further secure their networks.

“A lot of cyber attacks go unanswered or unpunished because there’s this level of anonymity afforded to malicious actors on the internet, and it’s hard for companies to say who is responsible,” says Celine Irvene, a Georgia Tech graduate student who worked with Beyah to devise the new robot. “Honeypots give security professionals the ability to study the attackers, determine what methods they are using, and figure out where they are or potentially even who they are.”

The gadget can be monitored and controlled through the internet. But unlike other remote-controlled robots, the HoneyBot’s special ability is tricking its operators into thinking it is performing one task, when in reality it’s doing something completely different.

“The idea behind a honeypot is that you don’t want the attackers to know he’s in a honeypot,” says Beyah. “If the attacker is smart and is looking out for the potential of a honeypot, maybe they’d look at different sensors on the robot, like an accelerometer or speedometer, to verify that the robot is doing what it had been instructed. That’s where we would be spoofing that information as well. The hacker would see from looking at the sensors that acceleration occurred from point A to point B.”

In a factory setting, such a HoneyBot robot could sit motionless in a corner, springing to life when a hacker gains access—a visual indicator that a malicious actor is targeting the facility.

Rather than allowing the hacker to then run amok in the physical world, the robot could be designed to follow certain commands deemed harmless—such as meandering slowly about or picking up objects—but stopping short of actually doing anything dangerous.

So far, the technique seems to be working.

In experiments designed to test how convincing the false sensor data would be to individuals remotely controlling the device, volunteers in December 2017 used a virtual interface to control the robot and could not to see what was happening in real life. To entice the volunteers to break the rules, at specific spots within the maze, they encountered forbidden “shortcuts” that would allow them to finish the maze faster.

In the real maze back in the lab, no shortcut existed, and if the participants opted to go through it, the robot instead remained still. Meanwhile, the volunteers—who have now unwittingly become hackers for the purposes of the experiment—were fed simulated sensor data indicating they passed through the shortcut and continued along.

“We wanted to make sure they felt that this robot was doing this real thing,” Beyah said.

In surveys after the experiment, participants who actually controlled the device the whole time and those who were being fed simulated data about the fake shortcut both indicated that the data were believable at similar rates.

“This is a good sign because it indicates that we’re on the right track,” says Irvene.

Discuss

About The Author

Georgia Tech News Center’s picture

Georgia Tech News Center

Georgia Tech News Center features articles, photographs, and video about research, innovation, and current events prepared by the Institute Communications staff. Sign up for news RSS feeds for access to its latest news. You can also monitor its Twitter feed. Located in Atlanta, Georgia, the Georgia Institute of Technology is a leading research university committed to improving the human condition through advanced science and technology.