More Web Proxy on the site http://driver.im/

poster

Misusing Sensory Channel to Attack Industrial Control Systems

Authors:

Farhad Rasapour,

Hoda MehrpouyanAuthors Info & Claims

CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Pages 158 - 160

https://doi.org/10.1145/3176258.3176947

Published: 13 March 2018 Publication History

Abstract

Industrial control systems (ICS) are used to control and manage critical infrastructures and protecting these complex system and their interfaces, which can be exploited by internal and external attackers, are a vital security task. Sensors, as an interface device, are used by ICS to collect information about the physical environment and should be guarded against cyber attacks. This paper investigates how sensors can be used as a communication channel by hackers to send a malicious command and control into the ICS. Further, we examine how abusing sensory channel would lead to a data pattern, which can be detected by a proper signature-based intrusion detection system (IDS).

References

[1]

Sulabh Bhattarai, Linqiang Ge, and Wei Yu. 2012. A novel architecture against false data injection attacks in smart grid. In Communications (ICC), 2012 IEEE International Conference on. IEEE, 907--911.

[2]

Robert S Boyer and J Strother Moore. 1977. A fast string searching algorithm. Commun. ACM 20, 10 (1977), 762--772.

Digital Library

[3]

Hang Cai and Krishna K Venkatasubramanian. 2016. Detecting Signal Injection Attack-Based Morphological Alterations of ECG Measurements. In Distributed Computing in Sensor Systems (DCOSS), 2016 International Conference on. IEEE, 127--135.

[4]

dangerous prototype. {n. d.}. USB Infrared Toy. ({n. d.}).

[5]

Hamza Fawzi, Paulo Tabuada, and Suhas Diggavi. 2012. Security for control systems under sensor and actuator attacks. In Decision and Control (CDC), 2012 IEEE 51st Annual Conference on. IEEE, 3412--3417.

[6]

Minsu Jo, Junkil Park, Youngmi Baek, Radoslav Ivanov, JamesWeimer, Sang Hyuk Son, and Insup Lee. 2016. Adaptive Transient Fault Model for Sensor Attack Detection. In Cyber-Physical Systems, Networks, and Applications (CPSNA), 2016 IEEE 4th International Conference on. IEEE, 59--65.

[7]

Marina Krotofil, Alvaro A Cárdenas, Bradley Manning, and Jason Larsen. 2014. CPS: driving cyber-physical systems to unsafe operating conditions by timing DoS attacks on sensor signals. In Proceedings of the 30th Annual Computer Security Applications Conference. ACM, 146--155.

Digital Library

[8]

Denis Foo Kune, John Backes, Shane S Clark, Daniel Kramer, Matthew Reynolds, Kevin Fu, Yongdae Kim, and Wenyuan Xu. 2013. Ghost talk: Mitigating EMI signal injection attacks against analog sensors. In Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 145--159.

Digital Library

[9]

Tsern-Huei Lee. 2007. Generalized aho-corasick algorithm for signature based anti-virus applications. In Computer Communications and Networks, 2007. ICCCN 2007. Proceedings of 16th International Conference on. IEEE, 792--797.

[10]

Fei Miao, Quanyan Zhu, Miroslav Pajic, and George J Pappas. 2014. Coding sensor outputs for injection attacks detection. In Decision and Control (CDC), 2014 IEEE 53rd Annual Conference on. IEEE, 5776--5781.

[11]

Junkil Park, Radoslav Ivanov, James Weimer, Miroslav Pajic, and Insup Lee. 2015. Sensor attack detection in the presence of transient faults. In Proceedings of the ACM/IEEE Sixth International Conference on Cyber-Physical Systems. ACM, 1--10.

Digital Library

[12]

YUJIN ROBOT. {n. d.}. about. ({n. d.}).

[13]

Ivan Ruchkin, Ashwini Rao, Dionisio De Niz, Sagar Chaki, and David Garlan. 2015. Eliminating inter-domain vulnerabilities in cyber-physical systems: An analysis contracts approach. In Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy. ACM, 11--22.

Digital Library

[14]

Michael Shalyt. 2017. How Vulnerable are Our Industrial Control Systems? What We Learned From ICS Attacks of 2016. (2017). http://www.icscybersecurityconference.com/ust-vulnerable-industrial-control-systems-learned-ics-attacks-2016/

[15]

Industrial Control System Cyber Emergency Response Team. 2017. ICSCERT Monitor. (2017). https://ics-cert.us-cert.gov/sites/default/files/Monitors/ ICS-CERT_Monitor_Nov-Dec2016_S508C.pdf

[16]

A Selcuk Uluagac, Venkatachalam Subramanian, and Raheem Beyah. 2014. Sensory channel threats to cyber physical systems: A wake-up call. In Communications and Network Security (CNS), 2014 IEEE Conference on. IEEE, 301--309.

[17]

velocio.net. {n. d.}. Ace. ({n. d.}).

[18]

Tuan Phan Vuong, George Loukas, and Diane Gan. 2015. Performance evaluation of cyber-physical intrusion detection on a robotic vehicle. In Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), 2015 IEEE International Conference on. IEEE, 2106--2113.

[19]

Wenyuan Xu, Ke Ma, Wade Trappe, and Yanyong Zhang. 2006. Jamming sensor networks: attack and defense strategies. IEEE network 20, 3 (2006), 41--47.

Digital Library

Cited By

Chen YZhang YLin YHuang XXing BLong PLi YChen L(2022)Intrusion Detection Algorithm of Industrial Control System Based on Improved Bloom FilterComputer Supported Cooperative Work and Social Computing10.1007/978-981-19-4546-5_13(164-175)Online publication date: 20-Jul-2022
https://doi.org/10.1007/978-981-19-4546-5_13
Phillips TMehrpouyan HGardner JReese S(2019)A Covert System Identification Attack on Constant Setpoint Control Systems2019 Seventh International Symposium on Computing and Networking Workshops (CANDARW)10.1109/CANDARW.2019.00070(367-373)Online publication date: Nov-2019
https://doi.org/10.1109/CANDARW.2019.00070
Rasapour FSerra EMehrpouyan H(2019)Framework for Detecting Control Command Injection Attacks on Industrial Control Systems (ICS)2019 Seventh International Symposium on Computing and Networking (CANDAR)10.1109/CANDAR.2019.00035(211-217)Online publication date: Nov-2019
https://doi.org/10.1109/CANDAR.2019.00035

Index Terms

Misusing Sensory Channel to Attack Industrial Control Systems
1. Hardware
2. Security and privacy

Recommendations

HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security

Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against ...
A Retrofit Network Intrusion Detection System for MODBUS RTU and ASCII Industrial Control Systems
HICSS '12: Proceedings of the 2012 45th Hawaii International Conference on System Sciences

MODBUS RTU/ASCII Snort is software to retrofit serial based industrial control systems to add Snort intrusion detection and intrusion prevention capabilities. This article discusses the need for such a system by describing 4 classes of intrusion ...
A Novel IDS Securing Industrial Control System of Critical Infrastructure Using Deception Technology

The Industrial Control System (ICS) has become the key concept in the modern industrial world, enabling process monitoring and system control for general industrial systems and critical infrastructures. High-skilled hackers can invade an imperfect ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

March 2018

401 pages

ISBN:9781450356329

DOI:10.1145/3176258

General Chairs:
Ziming Zhao
Arizona State University, USA
,
Gail-Joon Ahn
Arizona State University, USA & Samsung Research, Korea
,
Program Chairs:
Ram Krishnan
University of Texas at San Antonio, USA
,
Gabriel Ghinita
University of Massachusetts Boston, USA

Copyright © 2018 Owner/Author.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 March 2018

Check for updates

Author Tags

Qualifiers

Poster

Conference

CODASPY '18

Sponsor:

SIGSAC

CODASPY '18: Eighth ACM Conference on Data and Application Security and Privacy

March 19 - 21, 2018

AZ, Tempe, USA

Acceptance Rates

CODASPY '18 Paper Acceptance Rate 23 of 110 submissions, 21%;

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
171
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)1

Reflects downloads up to 19 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Chen YZhang YLin YHuang XXing BLong PLi YChen L(2022)Intrusion Detection Algorithm of Industrial Control System Based on Improved Bloom FilterComputer Supported Cooperative Work and Social Computing10.1007/978-981-19-4546-5_13(164-175)Online publication date: 20-Jul-2022
https://doi.org/10.1007/978-981-19-4546-5_13
Phillips TMehrpouyan HGardner JReese S(2019)A Covert System Identification Attack on Constant Setpoint Control Systems2019 Seventh International Symposium on Computing and Networking Workshops (CANDARW)10.1109/CANDARW.2019.00070(367-373)Online publication date: Nov-2019
https://doi.org/10.1109/CANDARW.2019.00070
Rasapour FSerra EMehrpouyan H(2019)Framework for Detecting Control Command Injection Attacks on Industrial Control Systems (ICS)2019 Seventh International Symposium on Computing and Networking (CANDAR)10.1109/CANDAR.2019.00035(211-217)Online publication date: Nov-2019
https://doi.org/10.1109/CANDAR.2019.00035

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents