Advanced protocol to prevent man-in-the-middle attack in SCADA system

Sangkyo Oh; Hyunji Chung; Sangjin Lee; Kyungho Lee

doi:10.14257/ijsia.2014.8.2.01

Advanced protocol to prevent man-in-the-middle attack in SCADA system

Sangkyo Oh, Hyunji Chung, Sangjin Lee, Kyungho Lee

School of Cybersecurity

Research output: Contribution to journal › Article › peer-review

4 Citations (Scopus)

Abstract

SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

Original language	English
Pages (from-to)	1-8
Number of pages	8
Journal	International Journal of Security and its Applications
Volume	8
Issue number	2
DOIs	https://doi.org/10.14257/ijsia.2014.8.2.01
Publication status	Published - 2014

Keywords

Authentication
PROFINET DCP
SCADA system

ASJC Scopus subject areas

Computer Science(all)

Access to Document

10.14257/ijsia.2014.8.2.01

Cite this

@article{f015e470d806498db56f7bca45e50861,

title = "Advanced protocol to prevent man-in-the-middle attack in SCADA system",

abstract = "SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.",

keywords = "Authentication, PROFINET DCP, SCADA system",

author = "Sangkyo Oh and Hyunji Chung and Sangjin Lee and Kyungho Lee",

year = "2014",

doi = "10.14257/ijsia.2014.8.2.01",

language = "English",

volume = "8",

pages = "1--8",

journal = "International Journal of Security and its Applications",

issn = "1738-9976",

publisher = "Science and Engineering Research Support Society",

number = "2",

}

TY - JOUR

T1 - Advanced protocol to prevent man-in-the-middle attack in SCADA system

AU - Oh, Sangkyo

AU - Chung, Hyunji

AU - Lee, Sangjin

AU - Lee, Kyungho

PY - 2014

Y1 - 2014

N2 - SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

AB - SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

KW - Authentication

KW - PROFINET DCP

KW - SCADA system

UR - http://www.scopus.com/inward/record.url?scp=84897471385&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84897471385&partnerID=8YFLogxK

U2 - 10.14257/ijsia.2014.8.2.01

DO - 10.14257/ijsia.2014.8.2.01

M3 - Article

AN - SCOPUS:84897471385

SN - 1738-9976

VL - 8

SP - 1

EP - 8

JO - International Journal of Security and its Applications

JF - International Journal of Security and its Applications

IS - 2

ER -

Advanced protocol to prevent man-in-the-middle attack in SCADA system

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this