7 research outputs found
Stealthy Deception Attacks Against SCADA Systems
SCADA protocols for Industrial Control Systems (ICS) are vulnerable to
network attacks such as session hijacking. Hence, research focuses on network
anomaly detection based on meta--data (message sizes, timing, command
sequence), or on the state values of the physical process. In this work we
present a class of semantic network-based attacks against SCADA systems that
are undetectable by the above mentioned anomaly detection. After hijacking the
communication channels between the Human Machine Interface (HMI) and
Programmable Logic Controllers (PLCs), our attacks cause the HMI to present a
fake view of the industrial process, deceiving the human operator into taking
manual actions. Our most advanced attack also manipulates the messages
generated by the operator's actions, reversing their semantic meaning while
causing the HMI to present a view that is consistent with the attempted human
actions. The attacks are totaly stealthy because the message sizes and timing,
the command sequences, and the data values of the ICS's state all remain
legitimate.
We implemented and tested several attack scenarios in the test lab of our
local electric company, against a real HMI and real PLCs, separated by a
commercial-grade firewall. We developed a real-time security assessment tool,
that can simultaneously manipulate the communication to multiple PLCs and cause
the HMI to display a coherent system--wide fake view. Our tool is configured
with message-manipulating rules written in an ICS Attack Markup Language (IAML)
we designed, which may be of independent interest. Our semantic attacks all
successfully fooled the operator and brought the system to states of blackout
and possible equipment damage
Total synthesis and medicinal chemistry of antibacterial cyclic peptides
. As Supervisory Control and Data Acquisition (SCADA) systems control severalcritical infrastructures, they have connected to the internet. Consequently,SCADA systems face different sophisticated types of cyber adversaries. Thispaper suggests a Probability Risk Identification based Intrusion DetectionSystem (PRI-IDS) technique based on analysing network traffic of Modbus TCP/IPfor identifying replay attacks. It is acknowledged that Modbus TCP is usuallyvulnerable due to its unauthenticated and unencrypted nature. Our technique isevaluated using a simulation environment by configuring a testbed, which is acus- tom SCADA network that is cheap, accurate and scalable. The testbed isexploited when testing the IDS by sending individual packets from an attackerlocated on the same LAN as the Modbus master and slave. The experimentalresults demonstrated that the proposed technique can effectively andefficiently recognise replay attacks