Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Shahzad, Aamir; Lee, Malrey; Lee, Young Keun; Kim, Suntae; Xiong, Naixue; Choi, Jae Young; Cho, Younghwa

doi:10.3390/sym7031176

Cited by 73 publications

(38 citation statements)

References 56 publications

(116 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Under the first consideration, the APDU bytes were constructed and transmitted successfully several times (or 300 times) between the MTU and RTU and vice versa; here, we ensured and verified that the APDU bytes were accurately constructed and transmitted between the participant nodes. This consideration was investigated without the use of any security development, meaning that the APDU bytes were transmitted and all of the possible attacks such as Eavesdropping, Key Cracking, Man-in-the-Middle, Guessing Key (or Guessing Shared Key), Brute Force, Password Guessing, Frame Injection, Data Replay, and Data Deletion [ 5 , 56 , 57 ] were launched using built-in tools such as sniffer/dsniff, cracking tools, ethereal, ettercap, aircrack, airsnort, dinject/reinject, injection/jamming tools, and/or attack-detection mechanisms [ 54 , 55 , 56 , 57 , 60 , 61 , 62 , 63 , 64 , 65 , 66 , 67 , 68 , 69 , 70 , 71 ]; this resulted in an abnormal transmission (or attack transmission) for the SCADA/DNP3 system and the system performances were also measured in the absence of security development. Some attack tools are designated, however, and can be used for wireless transmissions, and we also employed and tested the testbed under the wireless-connectivity condition [ 72 , 73 , 74 ].…”

Section: Resultsmentioning

confidence: 99%

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

Shahzad

Lee

Kim

et al. 2016

Sensors

Self Cite

View full text Add to dashboard Cite

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

show abstract

Section: Resultsmentioning

confidence: 99%

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

Shahzad

Lee

Kim

et al. 2016

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…The research scholars worked and provided solutions for Man-in-the middle attack, replay attacks etc. [20].…”

Section: Literature Surveymentioning

confidence: 99%

Detecting Flooding Attacks in Communication Protocol of Industrial Control Systems

Rajesh¹,

Satyanarayana²

2020

IJACSA

View full text Add to dashboard Cite

Industrial Control Systems (ICS) are normally using for monitoring and controlling various process plants like Oil & Gas refineries, Nuclear reactors, Power generation and transmission, various chemical plants etc., in the world. MODBUS is the most widely used communication protocol in these ICS systems, which is using for bi-directional data transfer of sensor data between data acquisition servers and Intelligent Electronic Devices (IED) like Programmable Logic Controllers (PLC) or Remote Telemetry Unit (RTU). The security of ICS systems is a major concern in safe and secure operations of these plants. This Modbus protocol is more vulnerable to cyber security attacks because security measures were not considered in mind at the time of protocol design. Denial-of-Service (DoS) attack or flooding attack is one of the prominent attacks for MODBUS, which affects the availability of the control system. In this paper, a new method was proposed, to detect user application-level flooding or DoS attacks and triggers alarm annunciator and displays suitable alarms in Supervisory Control and Data Acquisition system (SCADA) to draw the attention of administrators or engineers to take corrective action. This method detected highest percentage of attacks with less time compared to other methods. This method also considered all types of conditions, which triggers flooding attack in MODBUS protocol.

show abstract

“…In order to allow for, e.g., floating point variables, some vendors allow for combining registers to hold 32-bit and 64-bit values (Hadžiosmanović et al 2014). Security extensions for Modbus/TCP protocol have been proposed, e.g., (Fovino et al 2009;Shahzad et al 2015;Éva et al 2018), which, however, do require changes on the protocol level of operating devices. This is expected to be difficult as companies are reluctant to such changes and global standardization.…”

Section: Overview and Controlmentioning

confidence: 99%

An integrated testbed for locally monitoring SCADA systems in smart grids

2018

View full text Add to dashboard Cite

A testbed for evaluating if and how process-aware monitoring may increase the security of decentralized SCADA networks in power grids is presented. The testbed builds on the co-simulation framework Mosaik, and co-simulates in an integrated way, the power distribution network on different voltage levels, as well as the control network (Modbus/TCP). The existing simulators were extended to allow topology changes, and a controller (RTU) simulator connected to a SCADA server enabling remote control was implemented. Using the developed testbed, a recently proposed local monitoring approach was investigated. The results show that for so-called interlocks the proposed monitoring approach prevents the execution of 33.3% of the commands, that would result in an unsafe state of the power distribution grid. Furthermore, it is shown that unsafe transformer tap positions can also be avoided. To illustrate the relevance and importance of the proposed testbed, a detailed comparison of related work on process-aware intrusion detection approaches and testbeds combining (parts of) the control network and the power grid is provided.

show abstract

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Cited by 73 publications

References 56 publications

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

Detecting Flooding Attacks in Communication Protocol of Industrial Control Systems

An integrated testbed for locally monitoring SCADA systems in smart grids

Contact Info

Product

Resources

About