Design and Implementation of Fuzzing Technology for OPC Protocol

Wang, Ting; Xiong, Qingrong; Gao, Haihui; Peng, Yong; Dai, Zhijiang; Yi, Shengwei

doi:10.1109/iih-msp.2013.112

Cited by 12 publications

(6 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work of Qi et al [152] extends the work of Wang et al [153] that detected flaws in OPC, Distributed Component Object Model (DCOM), and Remote Procedure Call (RPC) parts of the ecosystem by leveraging a custom fuzzer called OPCMFuzzer. Puys et al [154] have formally analyzed OPC-UA protocol and identified flaws in the cryptographic signing of messages, as well as in the authentication mechanisms.…”

Section: Other Protocolsmentioning

confidence: 92%

Industrial and Critical Infrastructure Security: Technical Analysis of Real-Life Security Incidents

Makrakis¹,

Kolias

Kambourakis

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Critical infrastructures and industrial organizations aggressively move towards integrating elements of modern Information Technology (IT) into their monolithic Operational Technology (OT) architectures. Yet, as OT systems progressively become more and more interconnected, they silently have turned into alluring targets for diverse groups of adversaries. Meanwhile, the inherent complexity of these systems, along with their advanced-in-age nature, prevents defenders from fully applying contemporary security controls in a timely manner. Forsooth, the combination of these hindering factors has led to some of the most severe cybersecurity incidents of the past years. This work contributes a full-fledged and upto-date survey of the most prominent threats and attacks against Industrial Control Systems and critical infrastructures, along with the communication protocols and devices adopted in these environments. Our study highlights that threats against critical infrastructure follow an upward spiral due to the mushrooming of commodity tools and techniques that can facilitate either the early or late stages of attacks. Furthermore, our survey exposes that existing vulnerabilities in the design and implementation of several of the OTspecific network protocols and devices may easily grant adversaries the ability to decisively impact physical processes. We provide a categorization of such threats and the corresponding vulnerabilities based on various criteria. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind is attempted.

show abstract

Section: Other Protocolsmentioning

confidence: 92%

Industrial and Critical Infrastructure Security: Technical Analysis of Real-Life Security Incidents

Makrakis¹,

Kolias

Kambourakis

et al. 2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Auto-Fuzz [38] is an open-source network protocol fuzzing framework. There are also some fuzzers specific to certain protocols, such as for OPC protocol [39] and TLS libraries [40,41]. Moreover, KiF [42] is a dedicated SIP fuzzer that was released in 2007, but unfortunately, it does not apply to Android phones.…”

Section: Related Workmentioning

confidence: 99%

Understanding Android VoIP Security: A System-Level Vulnerability Assessment

En¹,

Deng

2020

Detection of Intrusions and Malware, and Vulnerability Assessment

View full text Add to dashboard Cite

VoIP is a class of new technologies that deliver voice calls over the packet-switched networks, which surpasses the legacy circuitswitched telecom telephony. Android provides the native support of VoIP, including the recent VoLTE and VoWiFi standards. While prior works have analyzed the weaknesses of VoIP network infrastructure and the privacy concerns of third-party VoIP apps, no efforts were attempted to investigate the (in)security of Android's VoIP integration at the system level. In this paper, we first demystify Android VoIP's protocol stack and all its four attack surfaces. We then propose a novel vulnerability assessment approach that assembles on-device Intent/API fuzzing, networkside packet fuzzing, and targeted code auditing. By testing Android from version 7.0 to the recent 9.0, we have discovered 8 zero-day Android VoIP vulnerabilities, all of which were confirmed by Google with bug bounty awards. The security consequences are serious, including denying voice calls, caller ID spoofing, unauthorized call operations, and remote code execution. To mitigate these vulnerabilities and further improve Android VoIP security, we uncover a new root cause that requires developers' attention during their design and implementation.

show abstract

“…Alarm Frame Random implements a fuzzing method for the profinet protocol. Ting Wang proposed a method for the OPC protocol fuzzing [9]. Xiong Qi et al implemented an OPC-MFuzzer tool for OPC-based vulnerability exploiting based on the work of Ting Wang et al [10].…”

Section: Iec 61850 Fuzzing Toolmentioning

confidence: 99%

A Vulnerability Mining System Based on Fuzzing for IEC 61850 Protocol

Tu¹,

Zhang²,

Qin³

et al. 2017

Proceedings of the 2017 5th International Conference on Frontiers of Manufacturing Science and Measuring Technology (FMSMT 2017

View full text Add to dashboard Cite

Abstract. In this paper, we proposed an effective vulnerability mining system for IEC61850 protocol in the Smart Grid. First of all, we introduce the basic structures and features of IEC61850 protocol. Next, we summarize the possible vulnerabilities of it. Finally a fuzzing tester named IECFuzzer is designed and implemented using the technique of fuzzing. A lot of simulation results show that IECFuzzer can not only be used to exploit the potential denial-of-service vulnerabilities of IEC61850 protocol, but also to verify the robustness of PLC devices using IEC61850 protocol.

show abstract

Design and Implementation of Fuzzing Technology for OPC Protocol

Cited by 12 publications

References 6 publications

Industrial and Critical Infrastructure Security: Technical Analysis of Real-Life Security Incidents

Industrial and Critical Infrastructure Security: Technical Analysis of Real-Life Security Incidents

Understanding Android VoIP Security: A System-Level Vulnerability Assessment

A Vulnerability Mining System Based on Fuzzing for IEC 61850 Protocol

Contact Info

Product

Resources

About