=Paper=
{{Paper
|id=Vol-3676/BISEC_paper_1
|storemode=property
|title=None
|pdfUrl=https://ceur-ws.org/Vol-3676/short_01.pdf
|volume=Vol-3676
|authors=Adrián Campazas-Vega,Alberto Miguel-Diez,Mario Hermida-López,Claudia Álvarez-Aparicio,Ignacio Samuel Crespo-Martínez,Ángel Manuel Guerrero-Higueras
}}
==None==
https://ceur-ws.org/Vol-3676/short_01.pdf
Cybersecurity Issues in Robotic Platforms
Adrián Campazas-Vega1,* , Alberto Miguel-Diez1 , Mario Hermida-López1 ,
Claudia Álvarez-Aparicio1 , Ignacio Samuel Crespo-Martínez1 and
Ángel Manuel Guerrero-Higueras1
1
Grupo de Robótica de la Universidad de León, Campus de Vegazana, 24071 León, Spain
Abstract
The use of robots has increased dramatically in recent years. Currently, there are multiple types of robots, from service robots,
designed to help people in any kind of environment (home, work, hospitals...), to quadruped platforms, developed for critical
infrastructures or the military field. Security in those platforms is crucial, since robots present vulnerabilities, they can pose a
risk to both their integrity and that of the people/objects around them. In this work, a security evaluation of the Unitree A1, a
quadruped robot, and the humanoid robot Pepper has been carried out, to know the security flaws that may be present, as
well as the implications that it may have for the user, the environment, or the integrity of the robot. The final goal of the
work is that the vulnerabilities found will be taken into account by other researchers or companies that develop that kind of
robot and take into account those security problems.
Keywords
Pentesting, robot, security, Unitree A1, Pepper
1. Introduction In addition to their civilian applications, these robots are
actively utilized in the military domain [2]. Similarly, the
The use of robots has exponentially increased in the last use of service robots has also significantly increased in
decade. Throughout the year 2022, the utilization and recent years. These robots are designed to interact and
deployment of industrial robots increased by 40% in the communicate with humans to assist in the completion of
United States and 6% in Spain, according to the Spanish everyday tasks.
Association of Robotics (AER) [1]. Industrial robotics has Similarly, to other types of devices, cybersecurity in
traditionally focused on the precise repetition of tasks, robotic environments is an important aspect that be-
surpassing the capabilities of a human being. However, comes critical when a robot is involved in highly sensitive
in recent years, there has been a particular emphasis tasks or interacts with people. Many issues with these
on the development of robotic platforms capable of per- platforms arise because manufacturers often prioritize
forming tasks that are difficult or dangerous for humans. manufacturing cost or design over conducting product
In this regard, the most impactful robotic platforms are security testing [3]. In addition to the lack of device se-
quadruped robots. These robots are characterized by sup- curity by manufacturers, it is worth noting that most of
porting their weight on four legs, typically mimicking the these robotic platforms are "plug and play," meaning that
morphology of a dog. The design of these devices offers end users often do not pay proper attention to configur-
advantages over bipedal robots due to their versatility ing the device correctly. This includes changing default
in adapting to various types of terrains. The characteris- passwords, which poses an additional security challenge.
tics of quadruped robots enable them to undertake tasks This paper aims to address some of the security issues
considered challenging or hazardous for humans. These presented by both quadruped robotic platforms and so-
tasks include bomb inspection and deactivation, radia- cial robots. Specifically, a security evaluation has been
tion detection, and critical infrastructure maintenance. conducted on the quadruped robot Unitree A1 and the
semi-humanoid robot Pepper, with the objective of iden-
BISEC’23: 14th International Conference on Business Information
tifying potential vulnerabilities and risks that could affect
Security, November 24, 2023, Niš, Serbia
*
Corresponding author. both humans and the robot itself, as well as the environ-
$ acamv@unileon.es (A. Campazas-Vega); ment in which it is deployed. The severity of the discov-
amigud00@estudiantes.unileon.es (A. Miguel-Diez); ered vulnerabilities has been assessed using the CVSSv3
mherml00@estudiantes.unileon.es (M. Hermida-López); (Common Vulnerability Scoring System version 3) stan-
calvaa@unileon.es (C. Álvarez-Aparicio); icrem@unileon.es
dard. This work and the methods employed can serve as
(I. S. Crespo-Martínez); am.guerrero@unileon.es
(Á. M. Guerrero-Higueras) a starting point for other researchers interested in eval-
� 0000-0001-8237-5962 (A. Campazas-Vega); 0000-0002-7465-8054 uating the security risks of other models of quadruped
(C. Álvarez-Aparicio); 0000-0002-3154-0144 (I. S. Crespo-Martínez); robots and social robots.
0000-0001-8277-0700 (Á. M. Guerrero-Higueras) The rest of the article is organized as follows: In Sec-
© 2024 Copyright for this paper by its authors. Use permitted under Creative Commons License
Attribution 4.0 International (CC BY 4.0). tion 2, related works are presented. Section 3 introduces
CEUR
Workshop
Proceedings
http://ceur-ws.org
ISSN 1613-0073
CEUR Workshop Proceedings (CEUR-WS.org)
CEUR
ceur-ws.org
Workshop ISSN 1613-0073
Proceedings
�the architecture and characteristics of the robots Unitree
A1 and Pepper, along with the method for assessing the
severity of discovered vulnerabilities. Section 4 provides
details on the various experiments conducted and the
implications of exploiting the vulnerabilities in a real-
world environment. Finally, Section 5 offers the current
conclusions.
2. Related Works
Despite the growing popularity of quadruped robots,
there is limited research on the cybersecurity of these
robots. Most research in this field focuses on the physical
security of robots, such as collision prevention [4] and sta-
bility on different terrains [5]. However, there are some
works that examine overall security in robotic devices. In
[6], the authors analyzed potential security issues that dif-
ferent types of robots might have and listed some generic
recommendations that could be implemented to enhance
the overall security of robotics. One of the conclusions
reached by the authors is that cyberattacks on robots
Figure 1: Unitree A1 of the Robotics Group of the University
used in critical infrastructures and military environments of León.
are the most damaging and dangerous. It’s important to
note that the current use of quadruped robots primar-
ily focuses on these two areas. Another work related
to robotic security is presented in [3]. In this work, the 3.1. Unitree A1
authors identified security threats in the field of robotics,
As mentioned in Section 1, to conduct the cybersecurity
classified them based on the affected layer of the robot’s evaluation of quadruped robots, the Unitree A1 robot, as
architecture, and analyzed their impact and potential shown in Figure 1, has been utilized. The Unitree A1 is
countermeasures. Other works, such as [7] and [8], dis- manufactured by Unitree Robotics, a Chinese company
cuss security issues associated with ROS (Robot Operat- that has been producing quadruped devices since 2016
ing System). ROS is a set of software libraries and tools [10].
that help create applications for robots. While Pepper The Unitree A1 robot can reach a maximum speed of
and Unitree A1 do not come with ROS by default, it is 3.3 m/s at a particular moment and can carry objects with
possible to install ROS on the latter. a maximum weight of 5 kg. Additionally, it is equipped
Finally, regarding the specific analysis of the Pepper with sensors that enable it to maintain proper balance
robotic platform, in [9], the authors conducted a security during operation, preventing the robot from falling on
evaluation of the semi-humanoid robot "Pepper" from uneven terrain. The device has a battery life ranging
SoftBank Robotics. The authors demonstrated that this from 1 to 2.5 hours, depending on the mode in which it
robot had critical vulnerabilities that needed to be ad- is used [11].
dressed by the manufacturer. This article expands on Regarding the cameras and sensors, the Unitree A1 is
the work done in [9], confirming that years later, the equipped with a RealSense camera [12], located on its
vulnerabilities identified by the authors still exist and "head." This camera features a depth sensor that utilizes
uncovering new vulnerabilities in the platform. a combination of infrared and laser technologies to mea-
sure the distance between objects and the camera. This
enables it to capture 3D images and detect objects in real-
3. Materials and Methods time. In the field of robotics, these types of cameras are
In this section, the characteristics of the robots analyzed used to implement autonomous functions in the robot,
in this work are presented. Additionally, the methodol- allowing it to navigate around obstacles and create a 3D
ogy used to conduct the experiments and the evaluation map of the area in which the robot is deployed [13, 14].
method for these experiments are described. At the connectivity level, the quadruped robot has sev-
eral ports on the upper part of its "body" that the user
can utilize to interact with various interfaces of the robot.
These connections include four USB ports, two HDMI
�ports, and two Ethernet ports.
Teleoperation of the robot can be performed using a
mobile application developed by the manufacturer or
by using the controller that comes with the robot. The
controller includes two joysticks and a directional pad
(D-pad) for easy robot maneuvering. According to the
manual, the controller connects directly to the robot’s
control board via radio frequency. On the other hand,
Unitree’s mobile application is compatible with both iOS
and Android devices. The app allows users to control the
robot, view the real-time camera feed, and utilize a simu-
lator of the Unitree A1. However, despite the robot being
available for commercial use since 2020, some features
of the app may not work correctly or require specific pa-
rameter configurations. Furthermore, Unitree provides
users with a Software Development Kit (SDK) to develop
custom code for the robot. This SDK enables developers
to create their own applications and functionalities for
the Unitree A1.
3.2. Pepper
Pepper is the world’s first social humanoid robot capable
of recognizing human faces and basic emotions. It is
optimized for interaction and can engage with people Figure 2: Appearance of the Pepper service robot.
through conversation or its touchscreen interface. Pepper
is designed for intuitive and natural interaction. It finds
common applications in various fields such as hospitality, between 0.1 and 3.9 is considered to have low severity.
retail, healthcare, education, entertainment, and personal Vulnerabilities with a score between 4.0 and 6.9 are classi-
assistance. Its appearance is depicted in Figure 2. fied as having moderate severity. Finally, vulnerabilities
Pepper has 20 degrees of freedom to achieve more nat- with a score between 7.0 and 10.0 are considered to have
ural and expressive movements. Additionally, it features high severity. This scoring system provides a clear way
voice recognition available in 15 languages and percep- to assess the seriousness of vulnerabilities and helps or-
tion modules to recognize and interact with the person ganizations prioritize their remediation efforts.
in front of it. In terms of physical sensors, the robot CVSS defines metrics to assess the likelihood that a
is equipped with touch sensors, LEDs, microphones for vulnerability will be exploited. The metrics defined by
multimodal interaction, infrared sensors, bumpers, an in- the CVSSv3 standard can be seen in Table 1.
ertial unit, and 2D and 3D cameras to enable autonomous
and omnidirectional navigation. Pepper provides an API
that allows for the development of custom applications 3.4. Methodology
and functionalities for this robotic platform. The methodology used for the analysis of robotic plat-
forms is similar to that employed in conventional com-
3.3. Evaluation puter systems. Below, we outline the three stages carried
out to assess the security of the Unitree A1 robot and the
To assess the severity of the discovered vulnerabilities, Pepper service robot:
the Common Vulnerability Scoring System (CVSS) ver-
sion 3 has been employed [15]. CVSS, or Common Vul- • Information Gathering: In this step, informa-
nerability Scoring System, is an open and widely used tion is collected about the robotic platform, in-
framework that defines metrics for communicating the cluding the type of hardware and sensors used
characteristics, impact, and severity of vulnerabilities af- by the device, the operating system it runs on,
fecting security elements. It provides a standardized way the services it executes, and the nature of the
to evaluate and communicate the seriousness of security communications that take place.
vulnerabilities. • Vulnerability Analysis: Tests are conducted
CVSSv3 categorizes vulnerabilities with a numerical to identify vulnerabilities in the robotic system.
value between 0 and 10. A vulnerability with a score This analysis encompasses both hardware and
�Table 1
Metrics associated with the CVSS vector in version 3
Symbol Description
AV Attack Vector: Determines how the vulnerability can be exploited, assessing the accessibility requirements.
The values of this metric are:
• Network (N)
• Adjacent (A)
• Local (L)
• Physical (P)
AC Attack Complexity: Determines the attack complexity required to make use of the vulnerability. The values
of this metric are:
• Low (L)
• High (H)
PR Privileges Required: Determines the level of privileges an attacker must have before he can successfully
exploit a vulnerability. The values of this metric are:
• None (N)
• Low (L)
• High (H)
UI User Interaction: Determines if user intervention is necessary for successful exploitation of the vulnerability.
The levels of this metric are:
• None (N)
• Required (R)
S Scope: Determines whether successful exploitation of the vulnerability can indirectly affect other components
outside the scope of the system or application. The values of this metric are as follows:
• Unchanged (U)
• Changed (C)
C Confidentiality Impact: Confidentiality is the ownership of a document, message or data that is only
authorized to be read or understood by certain persons or entities. The values of this metric are as follows:
• None (N)
• Low (L)
• High (H)
I Integrity Impact: Integrity is the property of a document, message or data that guarantees the veracity of
the information. The values for this metric are as follows:
• None (N)
• Low (L)
• High (H)
D Availability Impact: Availability is the property of a system, service, or application that is accessible without
impediments. The values for this metric are as follows:
• None (N)
• Low (L)
• High (H)
software aspects, as well as the systems deployed vulnerabilities. All vulnerabilities listed below are associ-
by the robot. ated with an impact vector generated using the CVSSv3
• Exploitation of Identified Vulnerabilities: Fi- standard, as discussed in Section 3. The discovered vul-
nally, identified vulnerabilities are exploited to de- nerabilities, which are explained below, are presented in
termine the extent to which these security flaws Table 2.
pose a risk to the safety of the robot itself and its
surrounding environment. 4.1. Common vulnerabilities in both
robots
4. Experimentation and Discussion In this subsection, we present the vulnerabilities that are
The evaluation conducted on these robots aims to iden- common to both robots.
tify vulnerabilities that may be present in the devices and
could be extrapolated to other robotic platforms. The fol-
lowing will demonstrate how both robots share common
�Table 2
Vulnerabilities of the evaluated robots
Vulnerability Impact Robot
Lack of protection against brute force attacks in SSH protocol High Unitree A1
Pepper
Lack of verification against MiTM attack High Unitree A1
Pepper
Denial of service to the robot’s Web server Moderate Unitree A1
Pepper
Unsecured physical ports High Unitree A1
Web server without authentication Moderate Unitree A1
API access without authentication High Pepper
Communication with the web server without encryption Moderate Pepper
4.1.1. Lack of protection against brute force
attacks in SSH protocol
One way to access the embedded computers inside the
robot is through the SSH protocol. This connection al-
lows for configuring certain aspects of the robot, such
as the AP password, and even controlling the robot us-
ing the installed SDK. Both the Unitree A1 robot and
Pepper do not implement security measures to prevent Figure 3: On the left, view of the teleoperator after being
brute-force attacks on the SSH servers installed in the attacked. On the right, real image of the robot’s situation.
robot. To verify that the SSH servers are vulnerable to
dictionary attacks or brute-force attacks, the open-source
tool Hydra has been used [16].
If an attacker gains access to the robot’s internal com- actual situation, potentially enabling an attacker to cause
puters, they could potentially control the robot remotely harm to the robot itself or its surrounding environment.
and even delete system files, rendering the device inop- To exploit this vulnerability, an ARP Spoofing attack
erable. Furthermore, since the default password for both was conducted using the "arpspoof" tool [17]. This at-
devices is considered insecure today and is present in tack is considered one of the most dangerous on LAN
a wide range of online dictionaries, this vulnerability is networks [18]. The attacker manipulates both the robot’s
deemed severe with a score of 9 and the following CVSS and the victim’s ARP tables, associating their MAC ad-
vector: AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. dress with the victim’s IP address, thereby redirecting
all traffic to a machine controlled by the attacker. Subse-
quently, the attacker redirects the traffic arriving from
4.1.2. Lack of verification against MiTM attack
the user to a web server identical to the robot’s but un-
Neither the quadruped robot Unitree A1 nor the social der the attacker’s control. In this case, the web server
robot Pepper implement security measures to prevent deployed by the Unitree is MJPG-Streamer, which is pub-
an attacker with access to the robot’s network from per- licly available on GitHub [19].
forming a Man-in-the-Middle (MitM) attack. This would The consequences of such attacks can be critical in
allow the attacker to intercept unencrypted communica- certain environments. For instance, in Figure 3, can see
tions and manipulate them at will. Here’s an example of that the person operating the robot perceives an obstacle-
the vulnerability in the Unitree A1 robot: The A1 robot free corridor, while in reality, the robot is in a hazardous
deploys a web server that serves images from the robot’s situation near a set of stairs.
camera, allowing an operator to teleoperate the device This vulnerability has a high impact with a score
remotely. of 8.0 and the following associated CVSSv3 vector:
An attacker who has access to the network deployed by AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. A video has
the robot can carry out a MitM attack, altering the video been created to replicate the experiment performed [20].
transmission from the robot’s camera with another feed
controlled by the attacker, without the victim noticing 4.1.3. Denial of service to the robot’s Web server
any difference. If the robot is used in critical situations,
the operator controlling the robot will not perceive the The web servers deployed by both robots are vulnerable
to denial-of-service (DoS) attacks. The process to exe-
� simply by plugging them in. These devices are referred to
as Rubber Ducky [21]. Furthermore, the exposure of USB
ports also makes the robot vulnerable to attacks carried
out with a USB killer device [22]. This type of device dis-
charges a high-voltage surge, damaging the components
of the connected device. This vulnerability has a high
impact with a score of 7.5, and the associated CVSSv3
vector is AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L.
4.2.2. Web server without authentication
Access to the live video feed from the robot’s camera
does not have an authentication system. Therefore, any
user connected to the network emitted by the robot can
view the real-time image either through the device’s web
server or via the mobile application. To be considered
secure, this functionality should require authentication.
This vulnerability has a moderate impact with
a score of 5.7 and the following CVSSv3 vector:
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
4.3. Pepper robot vulnerabilities
In this section, the vulnerabilities that exclusively affect
the social robot Pepper are presented.
Figure 4: Top view of Unitree A1.
4.3.1. API access without authentication
The API implemented by Pepper allows for complete
cute this attack is quite similar to the previous one, as it control of the device. Access to the API occurs without
relies on the ARP Spoofing technique in both cases. To any form of authentication, so an attacker only needs
exploit this vulnerability, the attacker must manipulate to be on the same network as the robot. Interaction
the victim’s and robot’s ARP tables to intercept traffic. with the API is done through port 9559 using the Python
Once the attack is successfully carried out, all packets programming language, although C++ and Java are also
are received by the attacker, who will then discard these supported.
packets, causing the legitimate user to lose the connec- This vulnerability has a high impact with a
tion to the web server. This vulnerability has a moderate score of 7.5, and the associated CVSSv3 vector is:
impact with a score of 5.7 and the following associated AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSSv3 vector: AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
4.3.2. Communication with the web server
4.2. Unitree A1 robot vulnerabilities without encryption
This section shows vulnerabilities that exclusively affect The web server used by the robot utilizes unencrypted
the Unitree A1 robot. HTTP communication. An attacker connected to the net-
work can sniff the traffic and obtain the access credentials
4.2.1. Unsecured physical ports for the web server, as depicted in Figure 5.
This vulnerability has a moderate impact with
Figure 4 shows the port distribution of the robot. The
a score of 6.5 and the following CVSSv3 vector:
main vulnerability lies in the fact that the robot does
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N.
not request any form of authentication when connected
through the provided ports.
The lack of authentication poses several security im- 5. Conclusions
plications, even without connecting standard input and
output devices such as a keyboard and monitor. Cur- The use of robotics is becoming increasingly widespread;
rently, there are USB-like devices that function as input however, it is essential that progress in this field is accom-
and output devices, enabling the execution of commands
�Figure 5: Capture of Pepper’s traffic showing the robot’s plaintext credentials.
panied by a thorough review of potential vulnerabilities ropean Union NextGenerationEU/PRTR.
in these devices.
In this work, a security evaluation has been conducted
on the quadruped robot Unitree A1 and the service robot References
Pepper. Several potential vulnerabilities have been iden-
[1] A. E. de Robótica y Automatización, La impor-
tified that could be exploited by an attacker to gain unau-
tancia de la ciberseguridad en la industria 4.0,
thorized access to the robot or control its movements and
https://www.aer-automation.com/wp-content/
actions. For each of the vulnerabilities discovered in this
uploads/2023/01/Ciberseguridad_AERPaper.pdf,
work, a Common Vulnerabilities and Exposures (CVE)
2023.
has been requested. The CVE program’s mission is to
[2] K. Geldenhuys, Killer robots are real, Servamus
identify, define, and catalog publicly disclosed cyberse-
Community-based Safety and Security Magazine
curity vulnerabilities.
116 (2023) 20–22.
To continue advancing in the field of robotics, it is
[3] G. W. Clark, M. V. Doran, T. R. Andel, Cybersecurity
necessary to implement security measures such as user
issues in robotics, in: 2017 IEEE conference on
authentication and authorization, encryption of device
cognitive and computational aspects of situation
communications, and regular security testing to detect
management (CogSIMA), IEEE, 2017, pp. 1–5.
and address potential vulnerabilities in the software of
[4] R. Singh, T. Bera, Walking model of jansen
various robotic platforms. It is important to emphasize
mechanism-based quadruped robot and application
that the cybersecurity of quadruped and social robots is
to obstacle avoidance, Arabian Journal for Science
a critical issue that must be addressed by manufacturers,
and Engineering 45 (2020) 653–664.
developers, and users of these devices to ensure their
[5] Y. H. Lee, Y. H. Lee, H. Lee, L. T. Phan, H. Kang,
proper functioning and protect them against potential
U. Kim, J. Jeon, H. R. Choi, Trajectory design and
malicious attacks that could pose a security risk to the
control of quadruped robot for trotting over obsta-
robot itself or to people in its vicinity.
cles, in: 2017 IEEE/RSJ International Conference on
Intelligent Robots and Systems (IROS), IEEE, 2017,
Acknowledgment pp. 4897–4902.
[6] C. Cerrudo, L. Apa, Hacking robots before skynet,
This research has been partially supported un- IOActive Website (2017) 1–17.
der the grant PID2021-126592OB-C21 funded [7] S.-Y. Jeong, I.-J. Choi, Y.-J. Kim, Y.-M. Shin, J.-H.
by MCIN/AEI/10.13039/501100011033 and by Han, G.-H. Jung, K.-G. Kim, A study on ros vulnera-
ERDF A way of making Europe and under bilities and countermeasure, in: Proceedings of the
the Grant TED2021-132356B-I00 funded by Companion of the 2017 ACM/IEEE International
MCIN/AEI/10.13039/501100011033 and by the "Eu-
� Conference on Human-Robot Interaction, 2017, pp.
147–148.
[8] R. White, D. H. I. Christensen, D. M. Quigley,
Sros: Securing ros over the wire, in the graph, and
through the kernel, arXiv preprint arXiv:1611.07060
(2016).
[9] A. Giaretta, M. De Donno, N. Dragoni, Adding
salt to pepper: A structured security assessment
over a humanoid robot, in: Proceedings of the 13th
International Conference on Availability, Reliability
and Security, 2018, pp. 1–8.
[10] U. Robotics, Unitree, https://m.unitree.com/, 2022.
[11] U. Robotics, Unitree a1 user manual,
https://www.mybotshop.de/Datasheet/
UnitreeA1_User_Manual_v1.0.pdf/, 2020.
[12] F. L. Siena, B. Byrom, P. Watts, P. Breedon, Utilising
the intel realsense camera for measuring health
outcomes in clinical research, Journal of medical
systems 42 (2018) 1–10.
[13] J. Bayer, J. Faigl, On autonomous spatial exploration
with small hexapod walking robot using tracking
camera intel realsense t265, in: 2019 European
Conference on Mobile Robots (ECMR), IEEE, 2019,
pp. 1–6.
[14] J. Hu, Y. Niu, Z. Wang, Obstacle avoidance methods
for rotor uavs using realsense camera, in: 2017
Chinese Automation Congress (CAC), IEEE, 2017,
pp. 7151–7155.
[15] INCIBE, Métricas de evaluación de vulnerabilidades:
Cvss 3.0, https://.incibe-cert.es/blog/cvss3-0/, 2023.
[16] V. Hauser, Hydra, https://github.com/
vanhauser-thc/thc-hydra/, 2022.
[17] D. Song, arpspoof - intercept packets on a switched
lan, https://manpages.ubuntu.com/manpages/
bionic/man8/arpspoof.8.html, 2022.
[18] G. Jinhua, X. Kejian, Arp spoofing detection algo-
rithm using icmp protocol, in: 2013 International
Conference on Computer Communication and In-
formatics, IEEE, 2013, pp. 1–6.
[19] jacksonliam, Servidor web mjpg-streamer, https:
//github.com/jacksonliam/, 2021.
[20] A. Miguel, Ataque man in the middle al unitree a1,
https://bit.ly/3JGCGDl, 2023.
[21] INCIBE, Rubber ducky, ¿una simple memo-
ria usb?, https://www.incibe.es/empresas/blog/
rubber-ducky-simple-memoria-usb, 2023.
[22] O. Angelopoulou, S. Pourmoafi, A. Jones, G. Sharma,
Killing your device via your usb port, in: Proceed-
ings of the Thirteenth International Symposium on
Human Aspects of Information Security & Assur-
ance (HAISA 2019), The Centre for Security, Com-
munications and Network Research (CSCAN), 2019,
pp. 61–72.
�