Skip to main content

Exploiting Vulnerabilities in the SCADA Modbus Protocol: An ICT-Reliant Perspective

  • 323 Accesses

Part of the Communications in Computer and Information Science book series (CCIS,volume 1534)

Abstract

Industrial plants like power, gas, water, and transport are controlled remotely and managed by a protocol like Modbus-TCP which has a significant contribution towards Industrial Control systems (ICS) and Supervisory control and data acquisition (SCADA) systems. In the previous years, occurrences of cyber-attacks influenced the SCADA structures and their associated protocols though few in numbers but lethal. The attack may affect the confidentiality and integrity of the Modbus/TCP module and unauthorized control of coils and registers has the potential for appalling conditions in some unacceptable situations. The proposed work investigates the security of an industrial framework utilizing the Modbus transmission convention in an ICS to build up a particular security test framework for the discovery attack, Man in the middle (MIMT) attack, Denial of Service (DoS), and Metasploit attack. This work focuses to execute the attack results and show the interaction in the virtual climate of Conpot and Rapid SCADA and presents an analysis using CVSS 3.1 score to compare the Metasploit, DOS, MITM in terms of vulnerabilities and threat levels. Finally, the severity of ease of happening for different attacks is mentioned as a conclusion of this study.

Keywords

  • SCADA
  • Modbus-TCP
  • Attack detection
  • CVSS score
  • SCADA vulnerability

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-96040-7_8
  • Chapter length: 15 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   109.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-96040-7
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   149.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.

References

  1. Upadhyay, D., Sampalli, S.: SCADA (supervisory control and data acquisition) systems: vulnerability assessment and security recommendations. Comput. Secur. 89, 101666 (2020)

    CrossRef  Google Scholar 

  2. Stranahan, J., Soni, T., Heydari, V.: Supervisory control and data acquisition testbed vulnerabilities and attacks. In: SoutheastCon 2019, pp. 1–5 (2019). https://doi.org/10.1109/SoutheastCon42311.2019.9020436

  3. Xuan, L., Yongzhong, L.: Research and implementation of Modbus TCP security enhancement protocol. J. Phys: Conf. Ser. 1213, 052058 (2019). https://doi.org/10.1088/1742-6596/1213/5/052058

  4. Radoglou-Grammatikis, P., Siniosoglou, I., Liatifis, T., Kourouniadis, A., Rompolos, K., Sarigiannidis, P.: Implementation and detection of modbus cyberattacks. In: 2020 9th International Conference on Modern Circuits and Systems Technologies (MOCAST), pp. 1–4 (2020). https://doi.org/10.1109/MOCAST49295.2020.9200287

  5. Wilson, P.L.: ModSec: A secure Modbus protocol. SMARTech Home (2018). https://smartech.gatech.edu/handle/1853/62615

  6. Parian, C., Guldimann, T., Bhatia, S.: Fooling the master: exploiting weaknesses in the Modbus protocol. Procedia Comput. Sci. 171, 2453–2458 (2020)

    CrossRef  Google Scholar 

  7. Chou, C.-H., et al.: Modbus packet analysis and attack mode for SCADA system. J. ICT Des. Eng. Technol. Sci. 2, 30–35 (2018). https://doi.org/10.33150/JITDETS-2.2.1

  8. Parcharidis, M.: Simulation of cyber attacks against SCADA systems - Thesis presentation (2018)

    Google Scholar 

  9. Gamess, E., Smith, B., Iii, G.: Performance evaluation of Modbus TCP in normal operation and under a distributed denial of service attack. Int. J. Comput. Netw. Commun. 12, 1–21 (2020). https://doi.org/10.5121/ijcnc.2020.12201

    CrossRef  Google Scholar 

  10. Nyasore, O.N., Zavarsky, P., Swar, B., Naiyeju, R., Dabra, S.: Deep packet inspection in industrial automation control system to mitigate attacks exploiting modbus/TCP vulnerabilities, pp. 241–245 (2020). https://doi.org/10.1109/BigDataSecurity-HPSC-IDS49724.2020.00051

  11. Siddavatam, I.A., Parekh, S., Shah, T., Kazi, F.: Testing and validation of Modbus/TCP protocol for secure SCADA communication in CPS using formal methods. Scalable Comput. Pract. Exp. 18(4), 313–330 (2017). https://doi.org/10.12694/scpe.v18i4.1331

  12. Fachkha, C.: Cyber threat investigation of SCADA Modbus activities. In: 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–7 (2019). https://doi.org/10.1109/NTMS.2019.8763817

  13. Peng, T., Leckie, C., Ramamohanarao, K.: Protection from distributed denial of service attacks using history-based IP filtering. In: IEEE International Conference on Communications, ICC 2003, vol. 1. IEEE (2003)

    Google Scholar 

  14. Zaballos, A., Vallejo, A., Selga, J.M.: Heterogeneous communication architecture for the smart grid. IEEE Network 25(5), 30–37 (2011)

    CrossRef  Google Scholar 

  15. Gawande, A.R.: DDoS detection and mitigation using machine learning. Dissertations, Rutgers University-Camden Graduate School (2018)

    Google Scholar 

  16. Ullah, I., Mahmoud, Q.H.: An intrusion detection framework for the smart grid. In: 2017 IEEE 30th Canadian Conference on Electrical and Computer Engineering (CCECE). IEEE (2017)

    Google Scholar 

  17. Wei, L., et al.: Review of cyber-physical attacks and counter defense mechanisms for advanced metering infrastructure in smart grid. In: 2018 IEEE/PES Transmission and Distribution Conference and Exposition (TD). IEEE (2018)

    Google Scholar 

  18. Zafar, R., et al.: Applications of ZigBee in smart grid environment: a review. In: Proceedings of the 2nd International Conference on Engineering and Emerging Technologies (ICEET). Superior University, Lahore (2015)

    Google Scholar 

  19. Chen, T.M., Sanchez-Aarnoutse, J.C., Buford, J.: Petri net modeling of cyber-physical attacks on smart grid. IEEE Trans. Smart Grid 2(4), 741–749 (2011)

    CrossRef  Google Scholar 

  20. Kundur, D., et al.: Towards modelling the impact of cyber attacks on a smart grid. Int. J. Secur. Netw. 6(1), 2–13 (2011)

    CrossRef  Google Scholar 

  21. Emmanuel, M., Seah, W.K., Rayudu, R.: Communication architecture for smart grid applications. In: 2018 IEEE Symposium on Computers and Communications (ISCC). IEEE (2018)

    Google Scholar 

  22. GitHub. https://github.com/zhanglongqi/qModMaster. GitHub - zhanglongqi/qModMaster: The maintainer’s repo. https://github.com/ed-chemnitz/qmodbus/. Accessed 27 Aug 2021

  23. ModbusPal. ModbusPal - Java MODBUS simulator. http://modbuspal.sourceforge.net/. Accessed 27 Aug 2021

  24. Huitsing, P., Chandia, R., Papa, M., Shenoi, S.: Attack taxonomies for the Modbus protocols. Int. J. Crit. Infrastruct. Prot. 1, 37–44 (2008)

    CrossRef  Google Scholar 

  25. Gamess, E., Smith, B., Francia, G.: Performance evaluation of Modbus TCP in normal operation and under a distributed denial of service attack. Int. J. Comput. Netw. Commun. (IJCNC) 12(2), 1–21 (2020)

    CrossRef  Google Scholar 

  26. Sinha, A., et al.: Cyber physical defense framework for distributed smart grid applications. Front. Energy Res. 8, 407 (2021)

    Google Scholar 

  27. Sinha, A., et al.: Critical infrastructure security: cyber-physical attack prevention, detection, and countermeasures. In: Quantum Cryptography and the Future of Cyber Security, pp. 134–162. IGI Global (2020)

    Google Scholar 

  28. Singh, J., et al.: Insider attack mitigation in a smart metering infrastructure using reputation score and blockchain technology. Int. J. Inf. Secur. 1–20 (2021)

    Google Scholar 

Download references

Acknowledgement

The work is funded by Department of Science and Technology(DST), India for the Cyber Physical Security in Energy Infrastructure for Smart Cities (CPSEC) project under Smart Environments theme of Indo-Norwegian Call.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Ayush Sinha .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Sinha, A., Patel, S.S., Kumar, A., Vyas, O.P. (2022). Exploiting Vulnerabilities in the SCADA Modbus Protocol: An ICT-Reliant Perspective. In: Woungang, I., Dhurandher, S.K., Pattanaik, K.K., Verma, A., Verma, P. (eds) Advanced Network Technologies and Intelligent Computing. ANTIC 2021. Communications in Computer and Information Science, vol 1534. Springer, Cham. https://doi.org/10.1007/978-3-030-96040-7_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-96040-7_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-96039-1

  • Online ISBN: 978-3-030-96040-7

  • eBook Packages: Computer ScienceComputer Science (R0)