On the Significance of Process Comprehension for Conducting Targeted ICS Attacks

Green, Ben; Krotofil, Marina; Abbasi, Ali

doi:10.1145/3140241.3140254

Cited by 33 publications

(43 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Now, let's conduct exploitation on ICS protocol vulnerabilities. Green et al [70] employed the testbed environment to conduct man-in-the-middle attack experiments against ICS systems, showing the importance of understanding the process when conducting targeted ICS attacks. However, what if we have little knowledge of the operating mechanism of ICS, and we just employ the ICS protocol vulnerabilities, can we successfully implement a attack?…”

Section: B Proof Of Conceptmentioning

confidence: 99%

Machine Learning Methods for Industrial Protocol Security Analysis: Issues, Taxonomy, and Directions

Men

Lv²,

Zhou

et al. 2020

IEEE Access

View full text Add to dashboard Cite

Machine learning has been widely studied in the security analysis of Industrial Control Systems (ICSs). However, in industrial scenarios, the amount of data as well as the speed of data generation are very different from standard machine learning data sets. Using these heterogeneous data and finding meaningful insights for practical security applications in ICSs is a big challenge. In addition, ICSs have been built for quite a long time. Security has not been seriously taken into account when ICSs were built. Security assessment or attack prevention cannot always be done in real time, as an ICS requires to be online all the time, especially when it comes to systems that affect critical infrastructure. In this work, we are motivated to a provide a clear and comprehensive survey of the state-of-the-art work that employs machine learning in security applications in ICSs, including vulnerability analysis, vulnerability detection and exploitation, anomaly detection and security assessment. Based on our in-depth survey, we highlight the issues of industrial protocol analysis with machine learning methods, provide the security applications with machine learning in ICSs and indicate the future directions.

show abstract

Section: B Proof Of Conceptmentioning

confidence: 99%

Machine Learning Methods for Industrial Protocol Security Analysis: Issues, Taxonomy, and Directions

Men

Lv²,

Zhou

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…We now discuss the anatomy of the attack we have implemented on this converged OT-IIoT environment as modelled within our testbed. It is an evolution of our previous work on attacks in ICS environments [7]. The flow of the attack can be seen in Figure 9.…”

Section: Attack Overviewmentioning

confidence: 99%

Everything Is Awesome! or Is It? Cyber Security Risks in Critical Infrastructure

Rashid

Gardiner

Green

et al. 2019

Critical Information Infrastructures Security

Self Cite

View full text Add to dashboard Cite

Industrial Control Systems (ICS) play an important role in the monitoring, control and automation of critical infrastructure such as water, gas, oil and electricity. Recent years have seen a number of high profile cyber attacks on such infrastructure exemplified by Stuxnet and the Ukrainian Power Grid attacks. This naturally begs the question: how should we manage cyber security risks in such infrastructure on which the day-today functioning of societies rely? What are the complexities of managing security in a landscape shaped by the often competing demands of a variety of stakeholders, e.g., managers, control engineers, enterprise IT personnel and field site operators? What are the challenges posed by the convergence of Internet of Things (IoT) and critical infrastructure through the so-called Industrial Internet of Things (IIoT)? In this paper, we discuss insights from a multi-year programme of research investigating these issues and the challenges to addressing them.

show abstract

“…Step 1-The Thingworx cloud platform is compromised by exploiting one or more of the well known CVE vulnerabilities published 9 https://www.ptc.com/en/products/iiot 10 https://www.symantec.com/blogs/threat-intelligence/asus-supply-chain-attack for Tomcat 8.5 11 in the pre-configured state as shipped. In this state we are able to load our attack script to the Thingworx VM which, when executed, terminates the Thingworx process resulting in a loss of communication with Kepware.…”

Section: Compromising the Seccniot Demonstratormentioning

confidence: 99%

“…Over the last five years, we have designed and constructed ICS testbeds to support cyber security research. Our initial concepts, built out of Lancaster University [10], formed a starting point for the exploration of vulnerability scanners [1], intrusion detection systems [14], process comprehension [11], etc. This culminated in a set of design principles and lessons learnt, formulated to support other researchers in the design and construction of their own ICS testbeds [12].…”

Section: Introductionmentioning

confidence: 99%

Oops I Did it Again

Gardiner

Craggs

Green

et al. 2019

Proceedings of the ACM Workshop on Cyber-Physical Systems Security &Amp; Privacy - CPS-SPC'19

Self Cite

View full text Add to dashboard Cite

Research efforts in the security of Industrial Control Systems (ICS) have dramatically increased over the past few years. However, there is a limiting factor when work cannot be evaluated on real-world systems due to safety and operational reasons. This has led to multiple deployments of ICS testbeds covering multiple sectors including water treatment, power distribution and transportation networks. Over the last five years, we have designed and constructed ICS testbeds to support cyber security research. Our prior work in building testbeds culminated in a set of design principles and lessons learnt, formulated to support other researchers in designing and building their own ICS testbeds. In the last two years we have taken these lessons and used them to guide our own greenfield largescale, complex and process-diverse security testbed affording a rare opportunity to design and build from the ground up-one in which we have been able to look back and validate those past lessons and principles. In this work we describe the process of building our new ICS and Industrial Internet of Things (IIoT) testbed, and give an overview of its architecture. We then reflect on our past lessons, and contribute five previously unrecognised additional lessons based on this experience.

show abstract

On the Significance of Process Comprehension for Conducting Targeted ICS Attacks

Cited by 33 publications

References 11 publications

Machine Learning Methods for Industrial Protocol Security Analysis: Issues, Taxonomy, and Directions

Machine Learning Methods for Industrial Protocol Security Analysis: Issues, Taxonomy, and Directions

Everything Is Awesome! or Is It? Cyber Security Risks in Critical Infrastructure

Oops I Did it Again

Contact Info

Product

Resources

About