发布求助
文献互助 智能选刊 最新文献

Proceedings of the 3rd Annual Industrial Control System Security Workshop最新文献

筛选
英文 中文
Secure Data Provenance in Home Energy Monitoring Networks 家庭能源监测网络中的安全数据来源
Proceedings of the 3rd Annual Industrial Control System Security Workshop Pub Date : 2017-12-05 DOI: 10.1145/3174776.3174778
M. H. Chia, S. Keoh, Zhaohui Tang
{"title":"Secure Data Provenance in Home Energy Monitoring Networks","authors":"M. H. Chia, S. Keoh, Zhaohui Tang","doi":"10.1145/3174776.3174778","DOIUrl":"https://doi.org/10.1145/3174776.3174778","url":null,"abstract":"Smart grid empowers home owners to efficiently manage their smart home appliances within a Home Area Network (HAN), by real time monitoring and fine-grained control. However, it offers the possibility for a malicious user to intrude into the HAN and deceive the smart metering system with fraudulent energy usage report. While most of the existing works have focused on how to prevent data tampering in HAN's communication channel, this paper looks into a relatively less studied security aspect namely data provenance. We propose a novel solution based on Shamir's secret sharing and threshold cryptography to guarantee that the reported energy usage is collected from the specific appliance as claimed at a particular location, and that it reflects the real consumption of the energy. A byproduct of the proposed security solution is a guarantee of data integrity. A prototype implementation is presented to demonstrate the feasibility and practicality of the proposed solution.","PeriodicalId":224503,"journal":{"name":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","volume":"8 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116414138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Securing SCADA Applications Using OpenPLC With End-To-End Encryption 使用端到端加密的OpenPLC保护SCADA应用程序
Proceedings of the 3rd Annual Industrial Control System Security Workshop Pub Date : 2017-12-05 DOI: 10.1145/3174776.3174777
Thiago Alves, Thomas H. Morris, S. Yoo
{"title":"Securing SCADA Applications Using OpenPLC With End-To-End Encryption","authors":"Thiago Alves, Thomas H. Morris, S. Yoo","doi":"10.1145/3174776.3174777","DOIUrl":"https://doi.org/10.1145/3174776.3174777","url":null,"abstract":"During its nascent stages, Programmable Logic Controllers (PLC) were made robust to sustain tough industrial environments, but little care was taken to raise defenses against potential cyberthreats. The recent interconnectivity of legacy PLCs and SCADA systems with corporate networks and the internet has significantly increased the threats to critical infrastructure. To counter these threats, researchers have put their efforts in finding defense mechanisms that can protect the SCADA network and the PLCs. Encryption is a critical component of security and therefore has been used by many organizations to protect data on the network. However, since PLC vendors don't make available information about their hardware or software, it becomes challenging to embed encryption into their devices, especially if they rely on legacy protocols. This paper describes an alternative design using an open source PLC that was modified to encrypt all data it sends over the network, independently of the protocol used. Experimental results indicated that the encryption layer increased the security of the link without causing a significant overhead.","PeriodicalId":224503,"journal":{"name":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130175214","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
DoS Exploitation of Allen-Bradley's Legacy Protocol through Fuzz Testing 通过模糊测试的DoS利用Allen-Bradley的遗留协议
Proceedings of the 3rd Annual Industrial Control System Security Workshop Pub Date : 2017-12-05 DOI: 10.1145/3174776.3174780
Francisco Tacliad, Thuy D. Nguyen, Mark A. Gondree
{"title":"DoS Exploitation of Allen-Bradley's Legacy Protocol through Fuzz Testing","authors":"Francisco Tacliad, Thuy D. Nguyen, Mark A. Gondree","doi":"10.1145/3174776.3174780","DOIUrl":"https://doi.org/10.1145/3174776.3174780","url":null,"abstract":"EtherNet/IP is a TCP/IP-based industrial protocol commonly used in industrial control systems (ICS). TCP/IP connectivity to the outside world has enabled ICS operators to implement more agile practices, but it also has exposed these cyber-physical systems to cyber attacks. Using a custom Scapy-based fuzzer to test for implementation flaws in the EtherNet/IP software of commercial programmable logic controllers (PLC), we uncover a previously unreported denial-of-service (DoS) vulnerability in the Ethernet/IP implementation of the Rockwell Automation/Allen-Bradley MicroLogix 1100 PLC that, if exploited, can cause the PLC to fault. ICS-CERT recently announces this vulnerability in the security advisory ICSA-17-138-03. This paper describes this vulnerability, the development of an EtherNet/IP fuzzer, and an approach to remotely monitor for faults generated when fuzzing.","PeriodicalId":224503,"journal":{"name":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127701684","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Timing Performance Profiling of Substation Control Code for IED Malware Detection 用于IED恶意软件检测的变电站控制代码时序性能分析
Proceedings of the 3rd Annual Industrial Control System Security Workshop Pub Date : 2017-12-05 DOI: 10.1145/3174776.3174779
J. Rrushi
{"title":"Timing Performance Profiling of Substation Control Code for IED Malware Detection","authors":"J. Rrushi","doi":"10.1145/3174776.3174779","DOIUrl":"https://doi.org/10.1145/3174776.3174779","url":null,"abstract":"We present a binary static analysis approach to detect intelligent electronic device (IED) malware based on the time requirements of electrical substations. We explore graph theory techniques to model the timing performance of an IED executable. Timing performance is subsequently used as a metric for IED malware detection. More specifically, we perform a series of steps to reduce a part of the IED malware detection problem into a classical problem of graph theory, namely finding single-source shortest paths on a weighted directed acyclic graph (DAG). Shortest paths represent execution flows that take the longest time to compute. Their clock cycles are examined to determine if they violate the real-time nature of substation monitoring and control, in which case IED malware detection is attained. We did this work with particular reference to implementations of protection and control algorithms that use the IEC 61850 standard for substation data representation and network communication. We tested our approach against IED exploits and malware, network scanning code, and numerous malware samples involved in recent ICS malware campaigns.","PeriodicalId":224503,"journal":{"name":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","volume":"87 (2017) 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133309962","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Proceedings of the 3rd Annual Industrial Control System Security Workshop 第三届工业控制系统安全研讨会论文集
Proceedings of the 3rd Annual Industrial Control System Security Workshop Pub Date : 1900-01-01 DOI: 10.1145/3174776
{"title":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","authors":"","doi":"10.1145/3174776","DOIUrl":"https://doi.org/10.1145/3174776","url":null,"abstract":"","PeriodicalId":224503,"journal":{"name":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","volume":"143 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123279418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信