{"title":"OPC UA网络中不可信客户端攻击的模拟与检测","authors":"C. V. Neu, Ina Schiering, A. Zorzo","doi":"10.1145/3360664.3360675","DOIUrl":null,"url":null,"abstract":"The usage of machine to machine communication and Industrial Internet of Things is increasing nowadays, in particular in industry environments. Devices with low hardware capabilities may e.g. be used for sensing data, for example, on an industrial network. Specific protocols and frameworks were being developed for these use cases. One such framework is OPC UA, which allows signed and encrypted communication and therefore addresses already important security requirements. However, an attacker may also be able to encrypt malicious packets so that it may bypass security systems and/or empower the attack, as encrypted packets typically need more hardware consumption to be handled. In this paper the focus is on Denial of Service attacks in OPC UA networks. An analysis of possible Denial of Service attacks is presented and an approach to detect such attacks is implemented in the context of a simulation scenario. Our evaluations show how such attacks may affect server CPU consumption and could be very powerful when a large number of devices is compromised.","PeriodicalId":409365,"journal":{"name":"Proceedings of the Third Central European Cybersecurity Conference","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Simulating and Detecting Attacks of Untrusted Clients in OPC UA Networks\",\"authors\":\"C. V. Neu, Ina Schiering, A. Zorzo\",\"doi\":\"10.1145/3360664.3360675\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The usage of machine to machine communication and Industrial Internet of Things is increasing nowadays, in particular in industry environments. Devices with low hardware capabilities may e.g. be used for sensing data, for example, on an industrial network. Specific protocols and frameworks were being developed for these use cases. One such framework is OPC UA, which allows signed and encrypted communication and therefore addresses already important security requirements. However, an attacker may also be able to encrypt malicious packets so that it may bypass security systems and/or empower the attack, as encrypted packets typically need more hardware consumption to be handled. In this paper the focus is on Denial of Service attacks in OPC UA networks. An analysis of possible Denial of Service attacks is presented and an approach to detect such attacks is implemented in the context of a simulation scenario. Our evaluations show how such attacks may affect server CPU consumption and could be very powerful when a large number of devices is compromised.\",\"PeriodicalId\":409365,\"journal\":{\"name\":\"Proceedings of the Third Central European Cybersecurity Conference\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-11-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Third Central European Cybersecurity Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3360664.3360675\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Third Central European Cybersecurity Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3360664.3360675","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Simulating and Detecting Attacks of Untrusted Clients in OPC UA Networks
The usage of machine to machine communication and Industrial Internet of Things is increasing nowadays, in particular in industry environments. Devices with low hardware capabilities may e.g. be used for sensing data, for example, on an industrial network. Specific protocols and frameworks were being developed for these use cases. One such framework is OPC UA, which allows signed and encrypted communication and therefore addresses already important security requirements. However, an attacker may also be able to encrypt malicious packets so that it may bypass security systems and/or empower the attack, as encrypted packets typically need more hardware consumption to be handled. In this paper the focus is on Denial of Service attacks in OPC UA networks. An analysis of possible Denial of Service attacks is presented and an approach to detect such attacks is implemented in the context of a simulation scenario. Our evaluations show how such attacks may affect server CPU consumption and could be very powerful when a large number of devices is compromised.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
