基于功能码的DNP3漏洞分析

2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS) Pub Date : 2016-11-01 DOI:10.1109/ANTS.2016.7947865

Chetna Singh, Ashwin Nivangune, M. Patwardhan

{"title":"基于功能码的DNP3漏洞分析","authors":"Chetna Singh, Ashwin Nivangune, M. Patwardhan","doi":"10.1109/ANTS.2016.7947865","DOIUrl":null,"url":null,"abstract":"Distributed Network Protocol (DNP 3.0) is a reliable and an efficient open standard SCADA communication protocol predominantly used in the Energy Sector in USA. Due to its exhaustive specification and complex implementation it becomes essential to perform vulnerability analysis. The paper highlights attack surface specific to function codes present in Data Link and Application layer of the protocol stack. In order to realize the attack scenarios we have extended Scapy tool to add on DNP3 protocol stack. We have presented attack scenarios based on packet fabrication and packet modification threat categories. The subsequent findings and analysis of our work will help in developing DNP3/TCP based Protocol Validation tool to check the vendor implementation of the protocol. Further, it can also serve as Vulnerability Assessment and Penetrating Testing (VAPT) tool.","PeriodicalId":248902,"journal":{"name":"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"Function code based vulnerability analysis of DNP3\",\"authors\":\"Chetna Singh, Ashwin Nivangune, M. Patwardhan\",\"doi\":\"10.1109/ANTS.2016.7947865\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Network Protocol (DNP 3.0) is a reliable and an efficient open standard SCADA communication protocol predominantly used in the Energy Sector in USA. Due to its exhaustive specification and complex implementation it becomes essential to perform vulnerability analysis. The paper highlights attack surface specific to function codes present in Data Link and Application layer of the protocol stack. In order to realize the attack scenarios we have extended Scapy tool to add on DNP3 protocol stack. We have presented attack scenarios based on packet fabrication and packet modification threat categories. The subsequent findings and analysis of our work will help in developing DNP3/TCP based Protocol Validation tool to check the vendor implementation of the protocol. Further, it can also serve as Vulnerability Assessment and Penetrating Testing (VAPT) tool.\",\"PeriodicalId\":248902,\"journal\":{\"name\":\"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)\",\"volume\":\"38 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ANTS.2016.7947865\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ANTS.2016.7947865","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

摘要

分布式网络协议(DNP 3.0)是一种可靠、高效的开放标准SCADA通信协议，主要应用于美国能源行业。由于其详尽的规范和复杂的实现，执行漏洞分析变得至关重要。重点研究了协议栈中数据链路和应用层功能码的攻击面。为了实现这些攻击场景，我们对Scapy工具进行了扩展，增加了DNP3协议栈。我们提出了基于报文制造和报文修改威胁类别的攻击场景。后续的研究结果和分析将有助于开发基于DNP3/TCP的协议验证工具，以检查供应商对协议的实现。此外，它还可以作为漏洞评估和渗透测试(VAPT)工具。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Function code based vulnerability analysis of DNP3

Distributed Network Protocol (DNP 3.0) is a reliable and an efficient open standard SCADA communication protocol predominantly used in the Energy Sector in USA. Due to its exhaustive specification and complex implementation it becomes essential to perform vulnerability analysis. The paper highlights attack surface specific to function codes present in Data Link and Application layer of the protocol stack. In order to realize the attack scenarios we have extended Scapy tool to add on DNP3 protocol stack. We have presented attack scenarios based on packet fabrication and packet modification threat categories. The subsequent findings and analysis of our work will help in developing DNP3/TCP based Protocol Validation tool to check the vendor implementation of the protocol. Further, it can also serve as Vulnerability Assessment and Penetrating Testing (VAPT) tool.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)

自引率

0.00%

发文量