Generic attack approaches for industrial control systems

Duggan, David Patrick

doi:10.2172/1177071

Cited by 8 publications

(18 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These requirement differences mean that even when technically possible, blindly applying IT-based security mechanisms or procedures in industrial environments might lead to process malfunction or potentially safety-threatening scenarios, as they have been designed with different goals in mind. For instance, running antivirus software on PLCs might compromise the PLC's ability to perform real-time operations on a process, or conducting a penetration test can lead to dangerous scenarios [48].…”

Section: Industrial Network Since the Invention Of Thementioning

confidence: 99%

Towards Large-Scale, Heterogeneous Anomaly Detection Systems in Industrial Networks: A Survey of Current Trends

Iturbe

Garitano

Zurutuza

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

Industrial Networks (INs) are widespread environments where heterogeneous devices collaborate to control and monitor physical processes. Some of the controlled processes belong to Critical Infrastructures (CIs), and, as such, IN protection is an active research field. Among different types of security solutions, IN Anomaly Detection Systems (ADSs) have received wide attention from the scientific community. While INs have grown in size and in complexity, requiring the development of novel, Big Data solutions for data processing, IN ADSs have not evolved at the same pace. In parallel, the development of Big Data frameworks such as Hadoop or Spark has led the way for applying Big Data Analytics to the field of cyber-security, mainly focusing on the Information Technology (IT) domain. However, due to the particularities of INs, it is not feasible to directly apply IT security mechanisms in INs, as IN ADSs face unique characteristics. In this work we introduce three main contributions. First, we survey the area of Big Data ADSs that could be applicable to INs and compare the surveyed works. Second, we develop a novel taxonomy to classify existing IN-based ADSs. And, finally, we present a discussion of open problems in the field of Big Data ADSs for INs that can lead to further development.

show abstract

Section: Industrial Network Since the Invention Of Thementioning

confidence: 99%

Towards Large-Scale, Heterogeneous Anomaly Detection Systems in Industrial Networks: A Survey of Current Trends

Iturbe

Garitano

Zurutuza

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…In one case, a robotic arm inadvertently became active, and on another occasion a gas utility's ICS was locked up, stopping gas flowing for several hours [68].…”

Section: Technical Riskmentioning

confidence: 99%

Cyber Security for Industrial Control Systems

Peng¹,

Zhang²,

Chen³

2016

View full text Add to dashboard Cite

“…Similar to when a cyberattack is launched against a company's database or web server, the exploitation or misuse of the devices found on a SCADA network can have negative effects on both the clientele and the corporation [7]. However, unlike the IP networks in abundance today, SCADA systems are threatened not only by hackers wishing to exploit vulnerabilities in software or firmware but also by the tools commonly associated with monitoring, auditing, and securing networks.…”

Section: Introductionmentioning

confidence: 99%

Vulnerability Analysis of Network Scanning on SCADA Systems

Coffey

Smith

Μαγλαράς

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICSs) have controlled the regulation and management of Critical National Infrastructure environments for decades. With the demand for remote facilities to be controlled and monitored, industries have continued to adopt Internet technology into their ICS and SCADA systems so that their enterprise can span across international borders in order to meet the demand of modern living. Although this is a necessity, it could prove to be potentially dangerous. The devices that make up ICS and SCADA systems have bespoke purposes and are often inherently vulnerable and difficult to merge with newer technologies. The focus of this article is to explore, test, and critically analyse the use of network scanning tools against bespoke SCADA equipment in order to identify the issues with conducting asset discovery or service detection on SCADA systems with the same tools used on conventional IP networks. The observations and results of the experiments conducted are helpful in evaluating their feasibility and whether they have a negative impact on how they operate. This in turn helps deduce whether network scanners open a new set of vulnerabilities unique to SCADA systems.

show abstract

Generic attack approaches for industrial control systems

Cited by 8 publications

References 0 publications

Towards Large-Scale, Heterogeneous Anomaly Detection Systems in Industrial Networks: A Survey of Current Trends

Towards Large-Scale, Heterogeneous Anomaly Detection Systems in Industrial Networks: A Survey of Current Trends

Cyber Security for Industrial Control Systems

Vulnerability Analysis of Network Scanning on SCADA Systems

Contact Info

Product

Resources

About