Most of the communication protocols in the Industrial Control System (ICS) are vulnerable to cyber-attacks. Initially, the network protocol was designed for reliable performance, and thus did not incorporate data transmission security features. Therefore, ICS requires adequate data transmission security. This paper suggests improving the security of data transmission through a dynamic symmetric four-key-generators system, wherein the system anticipates cyberattacks by generating four keys before encryption. It involves four generators: a random initial key generator, a keystream generator, a key scheduling algorithm generator, and a pseudo-random number algorithm generator. In the receiver section, the system generates three keys before decryption to ensure data confidentiality and to avoid cyberattacks. The test results show that the proposed system keyspace is ≈22048 bits, meaning that the key is more secure from brute force attacks. As a result, the cipher data have a correlation value of 0.00007. The entropy value is 7.99, indicating that the cipher data is more secure. Also, speed tests show that the processing time still qualifies as realtime.
Background
Data transmissions using the DNP3 protocol over the internet in SCADA systems are vulnerable to interruption, interception, fabrication, and modification through man-in-the-middle (MITM) attacks. This research aims to improve the security of DNP3 data transmissions and protect them from MITM attacks.
Methods
This research describes a proposed new method of improving DNP3 security by introducing BRC4 encryption. This combines Beaufort encryption, in which plain text is encrypted by applying a poly-alphabetic substitution code based on the Beaufort table by subtracting keys in plain text, and RC4 encryption, a stream cipher with a variable-length key algorithm. This research contributes to improving the security of data transmission and accelerating key generation.
Results
Tests are carried out by key space analysis, correlation coefficient analysis, information entropy analysis, visual analysis, and time complexity analysis.The results show that to secure encryption processes from brute force attacks, a key of at least 16 characters is necessary. IL data correlation values were IL1 = −0.010, IL2 = 0.006, and IL3 = 0.001, respectively, indicating that the proposed method (BRC4) is better than the Beaufort or RC4 methods in isolation. Meanwhile, the information entropy values from IL data are IL1 = 7.84, IL2 = 7.98, and IL3 = 7.99, respectively, likewise indicating that the proposed method is better than the Beaufort or RC4 methods in isolation. Both results also show that the proposed method is secure from MITM attacks. Visual analysis, using a histogram, shows that ciphertext is more significantly distributed than plaintext, and thus secure from MITM attacks. The time complexity analysis results show that the proposed method algorithm is categorized as linear complexity.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.