Threat Actors and Methods of Attack to Social Robots in Public Spaces
Pages 262 - 273
Abstract
The use of social robots in critical domains such as education and healthcare, as well as in public spaces, raises important challenges in ethics, information governance, cybersecurity, and privacy. Studies have shown that commercial social robots can be compromised, highlighting the need for manufacturers, code developers, operators, and users to prioritize cybersecurity and privacy in the design and development, as well as operational phases. However, anticipating exact sources of cyber-attacks and various attack vectors is very difficult. As a starting point, this study aims to identify and analyze potential threat actors to social robots operating in public spaces, methods of attack that they might use, and vulnerable aspects of social robots to these threats. This study also examines social engineering attacks, and successful methods cybercriminals might use to install various forms of malware on social robots in public spaces.
References
[1]
Kirby R, Forlizzi J, and Simmons R Affective social robots Robot. Auton. Syst. 2010 58 3 322-332
[2]
Chui, M., Chung, R., van Heteren, A.: Using AI to help achieve sustainable development goals (2019)
[3]
Schmiedel, T., Zhong, V.J., Jäger, J.: Value-sensitive design for AI technologies: proposition of basic research principles based on social robotics research. Appl. Med. Manuf. 74
[4]
Leavitt N Mobile phones: the next frontier for hackers? Computer 2005 38 4 20-23
[5]
Abraham S and Chengalur-Smith I An overview of social engineering malware: trends, tactics, and implications Technol. Soc. 2010 32 3 183-196
[6]
Rødsethol, H., Ayele, Y.Z.: Social robots in public space: use case development. In: Proceedings of the 32nd European Safety and Reliability Conference (ESREL 2022) (2022)
[7]
Szor, P.: The Art of Computer Virus Research and Defense: Art Comp Virus Res Defense _p1. Pearson Education (2005)
[8]
Kolodenker, E., Koch, W., Stringhini, G., Egele, M.: Paybreak: defense against cryptographic ransomware. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 599–611 (2017)
[9]
Genç, Z.A., Lenzini, G., Ryan, P.: The cipher, the random and the ransom: a survey on current and future ransomware. Adv. Cybersecur. 2017 (2017)
[10]
Cabaj K and Mazurczyk W Using software-defined networking for ransomware mitigation: the case of cryptowall IEEE Netw. 2016 30 6 14-20
[11]
Lu, L., Yegneswaran, V., Porras, P., Lee, W.: Blade: an attack-agnostic approach for preventing drive-by malware infections. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 440–450 (2010)
[12]
Roseline SA and Geetha S A comprehensive survey of tools and techniques mitigating computer and mobile malware attacks Comput. Electr. Eng. 2021 92 107143
[13]
Mosteanu, N.R.: Artificial intelligence and cyber security–a shield against cyberattack as a risk business management tool–case of European countries. Qual.-Access Success 21(175) (2020)
[14]
Moallem, A.: Social engineering. In: Human-Computer Interaction and Cybersecurity Handbook, pp. 139–156. CRC Press (2018)
[15]
Krombholz K, Hobel H, Huber M, and Weippl E Advanced social engineering attacks J. Inf. Secur. Appl. 2015 22 113-122
[16]
Harnish R Cybersecurity in the world of social engineering Cybersecur. Our Digit. Lives 2015 2 143
[17]
Stanton, J.M., Stam, K.R.: The Visible Employee: Using Workplace Monitoring and Surveillance to Protect Information Assets–Without Compromising Employee Privacy or Trust. Information Today, Inc. (2006)
[18]
Frye DW Frye DW Email, instant messaging and phishing Network Security Policies and Procedures 2007 Boston Springer 131-152
[19]
Jasper, S.: Strategic Cyber Deterrence: The Active Cyber Defense Option. Rowman & Littlefield (2017)
[20]
Prasad R and Rohokale V Cyber Security: The Lifeline of Information and Communication Technology 2020 Cham Springer
[21]
Scales, P., Aycard, O., Auberge, V.: Studying navigation as a form of interaction: a design approach for social robot navigation methods. In: 2020 IEEE International Conference on Robotics and Automation (ICRA), pp. 6965–6972. IEEE (2020)
[22]
Fan W, Kevin L, and Rong R Social engineering: IE based model of human weakness for attack and defense investigations IJ Comput. Netw. Inf. Secur. 2017 9 1 1-11
[23]
Yan Q and Yu FR Distributed denial of service attacks in software-defined networking with cloud computing IEEE Commun. Mag. 2015 53 4 52-59
[24]
Cheema, A., Tariq, M., Hafiz, A., Khan, M.M., Ahmad, F., Anwar, M.: Prevention techniques against distributed denial of service attacks in heterogeneous networks: a systematic review. Secur. Commun. Netw. 2022 (2022)
[25]
Sood AK and Enbody RJ Targeted cyberattacks: a superset of advanced persistent threats IEEE Secur. Priv. 2012 11 1 54-61
[26]
Virvilis, N., Vanautgaerden, B., Serrano, O.S.: Changing the game: the art of deceiving sophisticated attackers. In: 2014 6th International Conference On Cyber Conflict (CyCon 2014), pp. 87–97. IEEE (2014)
[27]
Goode S and Lacey D Detecting complex account fraud in the enterprise: the role of technical and non-technical controls Decis. Support Syst. 2011 50 4 702-714
[28]
Saxena N, Hayes E, Bertino E, Ojo P, Choo K-KR, and Burnap P Impact and key challenges of insider threats on organizations and critical businesses Electronics 2020 9 9 1460
[29]
Owens, J., Matthews, J.: A study of passwords and methods used in brute-force SSH attacks. In: USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) (2008)
Recommendations
A survey of detection methods for XSS attacks
AbstractCross-site scripting attack (abbreviated as XSS) is an unremitting problem for the Web applications since the early 2000s. It is a code injection attack on the client-side where an attacker injects malicious payload into a vulnerable ...
Towards a User-centred Security Framework for Social Robots in Public Spaces
EASE '23: Proceedings of the 27th International Conference on Evaluation and Assessment in Software EngineeringThe use of social robots in public spaces is becoming increasingly popular due to their ability to provide personalized services to users. However, the convergence of different technologies and software applications has raised concerns regarding ...
Social engineering attack examples, templates and scenarios
The field of information security is a fast-growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and thus the human element remains a weak link. ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 23 July 2023
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 23 Feb 2025