Multi Tree View of Complex Attack – Stuxnet

  • Shivani Mishra
  • Krishna Kant
  • R. S. Yadav
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 176)


Stuxnet attack on critical infrastructures is considered as paradigm shift in malware attack approach. The complexity and sophistication involved in this attack make it unique. Attacking approach of the malware, on control infrastructures, is a motivation for academic research. This paper describes the application of the Attack Tree methodology to analyze Stuxnet attack on SCADA system. Root node of the Attack Tree represents the major goal of an attacker and branches represent sub goals. The authors have identified six major goals to penetrate SCADA system, and then have built Attack Trees which demonstrate step by step activity to achieve these goals and sub goals. For each such sub goal, we have found several common categories of attacks which make Stuxnet attack successful and are used to analyze those components of control infrastructure which are susceptible to attacks.


Malware Stuxnet SCADA Control infrastructures Attack Trees Attack Goal Attack Sub Goal 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Langner, R.: Stuxnet: Dissecting a Cyber warfare Weapon. IEEE Security & Privacy 9(3), 49–51 (2011)CrossRefGoogle Scholar
  2. 2.
  3. 3.
  4. 4.
  5. 5.
    Stuxnet: The first weaponized software?,
  6. 6.
    Cárdenas, A.A., Amin, S., Lin, Z.-S., Huang, Y.-L., Huang, C.-Y., Sastry, S.: Attacks against process control systems: risk assessment, detection and response. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), pp. 355–366. ACM, New York (2011)Google Scholar
  7. 7.
    Schneier, B.: Attack Trees. Dr. Dobb’s Journal 24(12), 21–29 (1999)Google Scholar
  8. 8.
    Khand, P.A.: System level security modeling using Attack Trees. In: 2nd International Conference on Computer, Control and Communication, IC4 2009, pp. 1–6 (February 2009)Google Scholar
  9. 9.
    Thesis, Efficient Semantics of Parallel and Serial Models of Attack Trees,
  10. 10.
    Supervisory Control and Data Acquisition (SCADA) Systems,
  11. 11.
    Chen, T.M., Abu-Nimeh, S.: Lessons from Stuxnet. Computer 44(4), 91–93 (2011)CrossRefGoogle Scholar
  12. 12.
    Paulson, L.D.: Worm Targets Industrial-Plant Operations. Computer 43(11), 15–18 (2010)CrossRefGoogle Scholar
  13. 13.
    Ten, C.-W., Manimaran, G., Liu, C.-C.: Cybersecurity for Critical Infrastructures: Attack and Defense Modeling. IEEE Transactions on Systems, Man and Cybernetics, Part A: Systems and Humans 40(4), 853–865 (2010)CrossRefGoogle Scholar
  14. 14.
    Greengard, S.: The new face of war. Commun. ACM 53(12), 20–22 (2010)CrossRefGoogle Scholar
  15. 15.
    Chen, T.M.: Stuxnet, the real start of cyber warfare? [Editor’s Note]. IEEE Network 24(6), 2–3 (2010)CrossRefGoogle Scholar
  16. 16.
    Stuxnet: rumors increase, infections spread. Network Security (10), 1–2 (October 2010)Google Scholar
  17. 17.
    Jeong, O.-R., Kim, C., Kim, W., So, J.: Botnets: threats and responses. International Journal of Web Information Systems 7(1), 6–17 (2011)CrossRefGoogle Scholar
  18. 18.
    Morais, A., Martins, E., Cavalli, A., Jimenez, W.: Security Protocol Testing Using Attack Trees. In: International Conference on Computational Science and Engineering, CSE 2009, August 29-31, vol. 2, pp. 690–697 (2009)Google Scholar
  19. 19.
    Saini, V., Duan, Q., Paruchuri, V.: Threat modeling using Attack Trees. J. Comput. Sci. Coll. 23(4), 124–131 (2008)Google Scholar
  20. 20.
    Camtepe, S.A., Yener, B.: Modeling and detection of complex attacks. In: Third International Conference on Security and Privacy in Communications Networks and the Workshops, SecureComm 2007, September 17-21, pp. 234–243 (2007), doi:10.1109/SECCOM.2007.4550338Google Scholar
  21. 21.
    Sungmo Jung,S. K., Song, J.-G.: Design on SCADA Test-bed and Security Device. International Journal of Multimedia and Ubiquitous Engineering 3(4) (October 2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  1. 1.CSEDMotilal Nehru National Institute of TechnologyAllahabadIndia
  2. 2.Computer Engineering and Applications DepartmentGLA UniversityMathuraIndia

Personalised recommendations