Work-in-Progress: Compromising Security of Real-time Ethernet Devices by means of Selective Queue Saturation Attack

P. Ferrari, E. Sisinni, Abusayeed Saifullah, Raphael Machado, Alan Oliveira de Sá, M. Felser
Published in: 2020 16th IEEE International Conference on Factory Communication Systems (WFCS), 2020-04-01
DOI: 10.1109/WFCS47810.2020.9114505 (https://doi.org/10.1109/WFCS47810.2020.9114505)
Citations: 3

Abstract

Industrial control systems (ICS) have been using Real-Time Ethernet (RTE) protocols for many years. Today, Ethernet-based control systems are widely used in industry. The Time Sensitive Networking (TSN) initiative will definitely push their further diffusion. With the introduction of Industry 4.0, production machines and their components have been connected to the Internet. Currently adopted RTE protocols do not require authentication, and hence may also exchange data with potentially malicious partners. In this paper, a selective Denial of Service (DoS) attack is presented. The proposed Selective Queue Saturation Attack (SQSA) aims to jam the message queue of the RTE communication stack in selected devices. The SQSA minimizes the chances of being detected by keeping its requirements (in terms of generated traffic) as low as possible. The SQSA has been applied to a real scenario based on PROFINET. The results of the use case demonstrate: the feasibility of the proposed attack; the reduced footprint compared to known DoS attacks (more than one thousand times less); and the selectivity of the attack, which can disrupt the real-time behavior of even a single target node inside the RTE network.