Cyber threats and defence approaches in SCADA systems

Kang, Dong-Ho; Kim, Byoungkoo; Na, Jung-Chan

doi:10.1109/icact.2014.6778974

Cited by 17 publications

(7 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This appliance monitors incoming and outgoing packets and allows them to route or drop based on filtering rules using layer three and four on OSI model. [8] An application firewall (or proxy server) is placed between a client application and a server, acting as an intermediary never allowing a direct connection between them. [3] The application firewall adds the capability of examining specific application traffic, such as FTP services, OPC servers or others.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Smart Behavioural Filter for Industrial Internet of Things

Corbò¹,

Foglietta²,

Palazzo³

et al. 2017

Mobile Netw Appl

View full text Add to dashboard Cite

We are currently experiencing the fourth industrial revolution. This is what the German government initiative, first, has identified with 'Industry 4.0'. The manufacturing future will be marked and will go through the new automation technologies that are being introduced with Industrial Internet of Things (I2oT). Industrial Control Systems (ICSs) are exploiting I2oT for reducing costs and improving efficiency. However, ICSs are already jeopardized by an increasingly large set of threat vectors. Those threats are used by malicious actors to misuse physical Critical Infrastructures that usually are vital services for well-being. I2oT implementation increases the threat surface, generating new possible vulnerabilities.Information Technology (IT) classical approaches to cyber attacks cannot be applied to ICS due to their extreme differences from main priorities to resource constrains. Therefore, innovative approaches and equipment must be developed to suit with ICS world. In this paper, a Smart Behavioural Filter (SBF) for the PLCs (Programmable Logic Controllers) is proposed aiming to secure the PLC itself against logic attacks, that are stealth for other more classical security approaches. An example of the considered logic attacks is many open and close commands towards a valve in a short time. Those logic attacks are usually a sequence of well-formed packets in which the content

show abstract

Section: Related Workmentioning

confidence: 99%

“…In [8], the various type of attacks on SCADA systems have been grouped into network protocol and application protocol attacks. In the network protocol attacks, the hacker exploits weak points of network protocols, such as Modbus TCP/IP, that have several serious vulnerabilities [7].…”

Section: Introductionmentioning

confidence: 99%

Smart Behavioural Filter for Industrial Internet of Things

Corbò¹,

Foglietta²,

Palazzo³

et al. 2017

Mobile Netw Appl

View full text Add to dashboard Cite

show abstract

“…This appliance monitors incoming and outgoing packets and allows them to route or drop based on filtering rules using layer three and four on OSI model. [2] An application firewall (or proxy server) is placed between a client application and a server, acting as an intermediary never allowing a direct connection between them. [9] The application firewall adds the capability of examining specific application traffic, such as FTP services, OPC servers or others.…”

Section: Related Workmentioning

confidence: 99%

“…In [2], the various type of attacks on SCADA systems have been grouped into network protocol and application protocol attacks. In the network protocol attacks, the hacker exploits weak points of network protocols, such as Modbus TCP/IP, that have a number of serious vulnerabilities [3].…”

Section: Introductionmentioning

confidence: 99%

Smart Behavioural Filter for SCADA Network

Corbò

Foglietta

Palazzo

et al. 2017

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Industrial Control Systems (ICS) are jeopardized from a large set of threat vectors, which exploit their vulnerabilities in order to impact the physical Critical Infrastructures they control. The Information Technology (IT) classical approach to cyber attacks can not be applied to ICS due to their extreme differences from main priorities to resource constrains. Therefore, innovative approaches and equipment must be developed in order to suit with ICS world. In this paper, a Smart Behavioural Filter (SBF) for the PLCs/RTUs is proposed aiming to secure the PLC/RTU itself against logic attacks, that are stealth for other more classical security approaches. Those logic attacks are usually anomaly behaviours, for instance a large number of open/close commands towards a valve. This smart field equipment can communicate with other equipment like itself in order to react in short time to cyber attacks and increase the resilience of the physical system. It can also generate alarms for the local Intrusion Detection System (IDS) The proposed equipment has been developed and validated in a real test-bed within the FP7 CockpitCI project. The results are promising.

show abstract

“…As a result, the number of cyber incidents is significantly increasing (Kang et al, 2014) which presents novel challenges for both academic researchers and industry experts.…”

Section: Introductionmentioning

confidence: 99%

OSCIDS: An Ontology based SCADA Intrusion Detection Framework

Balushi

McLaughlin

Sezer

2016

Proceedings of the 13th International Joint Conference on E-Business and Telecommunications

View full text Add to dashboard Cite

Abstract:This paper presents the design, development, and validation of an ontology based SCADA intrusion detection system. The proposed system analyses SCADA network communications and can derive additional information based on the background knowledge and ontology models to enhance the intrusion detection data. The developed intrusion model captures network communications, cyber attacks and the context within the SCADA domain. Moreover, a set of semantic rules were constructed to detect various attacks and extract logical relationships among these attacks. The presented framework was extensively evaluated and a comparison to the state of the art is provided.

show abstract

Cyber threats and defence approaches in SCADA systems

Cited by 17 publications

References 6 publications

Smart Behavioural Filter for Industrial Internet of Things

Smart Behavioural Filter for Industrial Internet of Things

Smart Behavioural Filter for SCADA Network

OSCIDS: An Ontology based SCADA Intrusion Detection Framework

Contact Info

Product

Resources

About