论文信息 - Advanced Protocol to Prevent Man-in-the-middle Attack in SCADA System

Advanced Protocol to Prevent Man-in-the-middle Attack in SCADA System

SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

Sangjin Lee | Hyunji Chung | Kyungho Lee | Sangkyo Oh

[1] Khaled Elleithy,et al. Advances in Computer, Information, and Systems Sciences, and Engineering: Proceedings of IETA 2005, TeNe 2005 and EIAE 2005 , 2006 .

[2] Ragnar Schierholz,et al. Leveraging determinism in industrial control systems for advanced anomaly detection and reliable security configuration , 2009, 2009 IEEE Conference on Emerging Technologies & Factory Automation.

[3] Ulf Lindqvist,et al. Using Model-based Intrusion Detection for SCADA Networks , 2006 .

[4] Hyukmin Kwon,et al. Intrusion Detection Methodology for SCADA system environment based on traffic self-similarity property , 2012 .

[5] Francesco Parisi-Presicce,et al. DNPSec: Distributed Network Protocol Version 3 (DNP3) Security Framework , 2007 .

[6] Huy-Kang Kim,et al. Risk Analysis and Monitoring Model of Urban SCADA Network Infrastructure , 2011 .