SCADA: Analysis of Attacks on Communication Protocols

  • Conference paper
Proceedings of International Symposium on Sensor Networks, Systems and Security (ISSNSS 2017)

Abstract

SCADA (supervisory control and data acquisition) systems are used to monitor and control the processes of industrial facilities remotely. The use of standard technologies and the interconnections between systems lead to a variety of security attacks. SCADA systems are part of many of society's critical applications, and any minute deviation from the normal operation of the system results in serious consequences. Hence, securing industrial control systems is a high-priority issue. Security and safety can be provided by identifying possible sources of threats and the objectives of attackers, and by continuously monitoring the operations of the system. In this paper, attack incidents that occurred on command and control systems from 1982 to 2017 are presented, the general goals of attackers on SCADA systems are discussed, and SCADA communication protocols and their normal and abnormal behaviors are analyzed using the Wireshark tool.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

Cite this paper

Pramod, T.C., Sunitha, N.R. (2018). SCADA: Analysis of Attacks on Communication Protocols. In: Rao, N., Brooks, R., Wu, C. (eds) Proceedings of International Symposium on Sensor Networks, Systems and Security. ISSNSS 2017. Springer, Cham. https://doi.org/10.1007/978-3-319-75683-7_17

  • DOI: https://doi.org/10.1007/978-3-319-75683-7_17

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-75682-0

  • Online ISBN: 978-3-319-75683-7

  • eBook Packages: Engineering, Engineering (R0)
