How We Built an AI-powered Multi-terrain Hacking Robot
Before Beryllium gained its name, it started as an experimentation project in our founder’s basement. While we are now a full-blown cybersecurity startup with industry-shaping tools like Nebula Pro, that experimental spirit is still at our core. Every now and then, we build a product just for the fun of it, to keep our creative energy charged. One of those products is Asteroid - an AI-powered, multi-terrain hacking robot designed to conduct cybersecurity missions in challenging environments where human involvement is either unfeasible or hazardous. Continue reading to discover the design logic behind Asteroid, and its potential audience.
Fun Fact: Asteroid’s design was partly inspired by the groundbreaking cybersecurity breach that occurred in 2022, where a financial firm on the U.S. East Coast was hacked using creatively modified consumer drones.
How Was Asteroid Designed?
Initially, it was unclear where we would apply Asteroid but it was clear it would be adaptive and autonomous, with the option for manual human control. As the experiment progressed, and the robot achieved semi-autonomy, its usefulness in cybersecurity became apparent. Once we hit this realization, we developed a distinct goal: to engineer a robot suitable for use in physical penetration testing, particularly in places that could be risky to go (no one wants to get arrested during an engagement, unless you don’t mind). Think of Hollywood celebrities living in isolated mansions, where a tester may be mimicking an intruder. Think of government facilities located in thick forests, where a tester may be simulating a foreign country’s potential attack tactics. The situations we are talking about would be those where drones are not suitable because they can be loud and easily spotted. Asteroid is quiet, operating at 40 decibels at low speeds.
We designed Asteroid with modularity and simplicity in mind. It is important that Asteroid does not have too many components that could present many opportunities for failure. Its perception system is entirely dependent on depth cameras, avoiding the complexity of lasers, ultrasonic sensors, or other similar technologies. Outfitted with seven cameras, this level of redundancy ensures Asteroid reliably provides its user with a thorough view of the testing environment. Furthermore, one of the front-facing cameras is configured to integrate with a virtual reality headset. This feature merges functionality with fun, providing an immersive experience, and allowing users to explore the testing environment through Asteroid’s lens.
For remote operation, Asteroid utilizes a 2.4GHz radio network, capable of functioning over distances up to a mile, which can be extended with through 5G networks. The dual-band network support (2.4GHz and 5G) provides a fail-safe mechanism in case one network encounters issues. Asteroid is equipped with essential tools for wireless penetration testing, featuring a design that is extensible to accommodate diverse needs. It includes a Wifi Pineapple Mark VII, complete with directional antennas, which extends the range at which a target can be engaged for wireless security assessments and comes in handy for deploying rogue access points.
The core of Asteroid's computational power is an Nvidia Jetson AGX Xavier, dedicated to AI operations and vision processing. This advanced processor leverages Arduino micro-controllers and a motor controllers for the seamless execution of low-level tasks. Furthermore, to unify its diverse components and functionalities, Asteroid employs the Robot Operating System (ROS), ensuring efficient coordination and communication across its various systems. This integration underscores Asteroid's sophisticated design, marrying advanced technology with practical utility in the realm of cybersecurity.
Fun Fact: Asteriod is fitted with Nebula Pro, an AI-powered PenTest Assistant, which plays a crucial role in enhancing Asteroid’s capabilities in offensive cybersecurity tasks. This advanced tool brings sophisticated AI algorithms to the forefront, aiding in complex decision-making and analysis during penetration testing.
Who is Asteroid For?
We think Asteroid would appeal to a wide array of security-minded professionals. For security researchers, Asteroid would broaden their operational reach, providing the opportunity to simulate land-based adversarial attacks. Educational institutions would also benefit from using Asteroid, expanding their perspective on the intersection of robotics and cybersecurity. Furthermore, military and police forces could consider its potential for stealthy reconnaissance in hostile environments.
Question: How would you use Asteriod? Let us know in the comments. We’ll read every response and possibly invite you for future development sessions.
What’s Next?
If you made it this far, you’ve just finished Part 1 of this five-post series. We’ve introduced you to Asteroid, discussed our design logic, and raised potential user groups. Here’s a glimpse of what's to come:
Part 2 - Advanced Mobility and Environmental Adaptation: we'll dive into Asteroid's all-terrain mobility, focusing on its tracked design and how it navigates diverse environments. We'll also explore its ability to understand its environment and detect obstacles, showcasing practical use cases.
Part 3 - Rogue Network Deployment and Directional Antennas: we’ll discuss the strategic deployment of rogue networks, the role of directional antennas in this process, and the ethical considerations involved. We'll also present operational scenarios to illustrate the effectiveness of these features in real-world applications.
Part 4 - Control Mechanisms and Virtual Reality Integration: we'll detail Asteroid's control options, including 5G, radio, and WiFi, and delve into its VR integration. Here, we’ll dive deeper into user experience and how these features enhance usability.
Part 5 - AI-Powered Ethical Hacking Tools and Future Developments: finally, we'll elaborate on the AI tools integrated with Asteroid, highlight its ability to conduct cybersecurity operations autonomously, discuss the ethical implications of using such technology in hacking, and look ahead to potential future developments.
By the end of this series, our aim is for you to have a comprehensive understanding of Asteroid, enough to suggest improvements or other potential applications. We hope you join in on this exciting exploration, as we uncover and discuss the usefulness of AI in cybersecurity.
