Identifying S7comm Protocol Data Injection Attacks in Cyber-Physical Systems

scite shows how a scientific paper has been cited by providing the context of the citation, a classification describing whether it supports, mentions, or contrasts the cited claim, and a label indicating in which section the citation was made.

Header Abstract Content Author and article information REFERENCES Comments

Record: found
Abstract: found
Conference Proceedings: found

Is Open Access

Identifying S7comm Protocol Data Injection Attacks in Cyber-Physical Systems

Published

proceedings-article

Author(s): Oliver Eigner ¹ , Philipp Kreimel ¹ , Paul Tavolato ¹

Publication date (Print): August 2018

Conference name: 5th International Symposium for ICS & SCADA Cyber Security Research 2018 (ICS-CSR 2018)

Conference theme: ICS & SCADA Cyber Security Research

Conference date: 29 - 30 August 2018

Keywords: Cyber-Physical System, Anomaly Detection, S7 Communication Protocol

Bookmark

Abstract

Content

Author and article information

Contributors

Oliver Eigner: URI : www.fhstp.ac.at

Philipp Kreimel: URI : www.fhstp.ac.at

Paul Tavolato: URI : www.fhstp.ac.at

Conference

Publication date: August 2018

Publication date (Print): August 2018

Pages: 51-56

Affiliations

[1 ]University of Applied Sciences, St. Pölten, Institute of IT Security Research, St. Pölten, Austria

Article

DOI: 10.14236/ewic/ICS2018.6

SO-VID: 6e584c4f-762e-4d6b-a4ac-9fac9938c62a

License:

This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

Conference name: 5th International Symposium for ICS & SCADA Cyber Security Research 2018

Conference acronym: ICS-CSR 2018

Conference number: 5

Conference location: University of Hamburg, Germany

Conference date: 29 - 30 August 2018

Conference sponsor: Electronic Workshops in Computing (eWiC)

Conference theme: ICS & SCADA Cyber Security Research

History

Product

1477-9358 BCS Learning & Development

Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/ICS2018.6

Self URI (journal page): https://ewic.bcs.org/

REFERENCES

K. D. BettenhausenS. Kowalewski “Cyberphysical systems: Chancen und Nutzen aus Sicht der Automation” VDI/VDE-Gesellschaft Mess-und Automatisierungstechnik 2013
N. FalliereL. O. MurchuE. Chien “W32. stuxnet dossier” White paper, Symantec Corp., Security Response 5 2011
D. U. Case “Analysis of the cyber attack on the ukrainian power grid” Electricity Information Sharing and Analysis Center (E-ISAC) 2016
D. FormbyS. DurbhaR. Beyah “Out of control: Ransomware for industrial control systems” 2017
Electrical Engineering Blog “The top most used plc systems around the world.” http://engineering.electricalequipment.org/electrical-distribution/the-topmost-used-plc-systems-around-the-world.html May 2013
D. Beresford “Exploiting siemens simatic s7 plcs” Black Hat USA 16 2 723 733 2011
A. KleinmannA. Wool “Accurate modeling of the Siemens S7 scada protocol for intrusion detection and digital forensics” Journal of Digital Forensics, Security and Law 9 2 4 2014
R. R. R. BarbosaR. SadreA. Pras “A first look into scada network traffic” 2012 IEEE Network Operations and Management Symposium 518 521 April 2012
T. M. Chen “Stuxnet, the real start of cyber warfare?. [editor’s note]” IEEE Network 24 2 3 November 2010
J. ZhangS. GanX. LiuP. Zhu “Intrusion detection in scada systems by traffic periodicity and telemetry analysis” 2016 IEEE Symposium on Computers and Communication (ISCC) 318 325 IEEE June 2016
R. Al-DalkyO. AbduljaleelK. SalahH. OtrokM. Al-Qutayri “A modbus traffic generator for evaluating the security of scada systems” 2014 9th International Symposium on Communication Systems, Networks Digital Sign (CSNDSP) 809 814 July 2014
A. AlmalawiZ. TariA. FahadI. Khalil “A framework for improving the accuracy of unsupervised intrusion detection for scada systems” 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications 292 301 July 2013
I. GaritanoR. UribeetxeberriaU. Zurutuza “A review of scada anomaly detection systems” Soft Computing Models in Industrial and Environmental Applications, 6th International Conference SOCO 2011 357 366 Springer 2011
M. MantereM. SailioS. Noponen “Network traffic features for anomaly detection in specific industrial control system network” Future Internet 5 4 460 473 2013
Y. PengC. XiangH. GaoD. ChenW. Ren Industrial Control System Fingerprinting and Anomaly Detection 73 85 Cham Springer International Publishing 2015
S. CheungB. DutertreM. FongU. LindqvistK. SkinnerA. Valdes “Using modelbased intrusion detection for scada networks” Proceedings of the SCADA Security Scientific Symposium Miami Beach, Florida Jan. 2007
S. JeonJ.-H. YunS. ChoiW.-N. Kim “Passive Fingerprinting of SCADA in Critical Infrastructure Network without Deep Packet Inspection” ArXiv e-prints Aug. 2016
O. EignerP. KreimelP. Tavolato “Detection of man-in-the-middle attacks on industrial control networks” 2016 International Conference on Software Security and Assurance (ICSSA) 64 69 Aug 2016
P. KreimelO. EignerP. Tavolato “Anomaly-based detection and classification of attacks in cyber-physical systems” Proceedings of the 12th International Conference on Availability, Reliability and Security, ARES ’17 New York, NY, USA 40:1 40:6 ACM 2017

Comments

Comment on this article

[1] K. D. BettenhausenS. Kowalewski “Cyberphysical systems: Chancen und Nutzen aus Sicht der Automation” VDI/VDE-Gesellschaft Mess-und Automatisierungstechnik 2013

[2] N. FalliereL. O. MurchuE. Chien “W32. stuxnet dossier” White paper, Symantec Corp., Security Response 5 2011

[3] D. U. Case “Analysis of the cyber attack on the ukrainian power grid” Electricity Information Sharing and Analysis Center (E-ISAC) 2016

[4] D. FormbyS. DurbhaR. Beyah “Out of control: Ransomware for industrial control systems” 2017

[5] Electrical Engineering Blog “The top most used plc systems around the world.” http://engineering.electricalequipment.org/electrical-distribution/the-topmost-used-plc-systems-around-the-world.html May 2013

[6] D. Beresford “Exploiting siemens simatic s7 plcs” Black Hat USA 16 2 723 733 2011

[7] A. KleinmannA. Wool “Accurate modeling of the Siemens S7 scada protocol for intrusion detection and digital forensics” Journal of Digital Forensics, Security and Law 9 2 4 2014

[8] R. R. R. BarbosaR. SadreA. Pras “A first look into scada network traffic” 2012 IEEE Network Operations and Management Symposium 518 521 April 2012

[9] T. M. Chen “Stuxnet, the real start of cyber warfare?. [editor’s note]” IEEE Network 24 2 3 November 2010

[10] J. ZhangS. GanX. LiuP. Zhu “Intrusion detection in scada systems by traffic periodicity and telemetry analysis” 2016 IEEE Symposium on Computers and Communication (ISCC) 318 325 IEEE June 2016

[11] R. Al-DalkyO. AbduljaleelK. SalahH. OtrokM. Al-Qutayri “A modbus traffic generator for evaluating the security of scada systems” 2014 9th International Symposium on Communication Systems, Networks Digital Sign (CSNDSP) 809 814 July 2014

[12] A. AlmalawiZ. TariA. FahadI. Khalil “A framework for improving the accuracy of unsupervised intrusion detection for scada systems” 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications 292 301 July 2013

[13] I. GaritanoR. UribeetxeberriaU. Zurutuza “A review of scada anomaly detection systems” Soft Computing Models in Industrial and Environmental Applications, 6th International Conference SOCO 2011 357 366 Springer 2011

[14] M. MantereM. SailioS. Noponen “Network traffic features for anomaly detection in specific industrial control system network” Future Internet 5 4 460 473 2013

[15] Y. PengC. XiangH. GaoD. ChenW. Ren Industrial Control System Fingerprinting and Anomaly Detection 73 85 Cham Springer International Publishing 2015

[16] S. CheungB. DutertreM. FongU. LindqvistK. SkinnerA. Valdes “Using modelbased intrusion detection for scada networks” Proceedings of the SCADA Security Scientific Symposium Miami Beach, Florida Jan. 2007

[17] S. JeonJ.-H. YunS. ChoiW.-N. Kim “Passive Fingerprinting of SCADA in Critical Infrastructure Network without Deep Packet Inspection” ArXiv e-prints Aug. 2016

[18] O. EignerP. KreimelP. Tavolato “Detection of man-in-the-middle attacks on industrial control networks” 2016 International Conference on Software Security and Assurance (ICSSA) 64 69 Aug 2016

[19] P. KreimelO. EignerP. Tavolato “Anomaly-based detection and classification of attacks in cyber-physical systems” Proceedings of the 12th International Conference on Availability, Reliability and Security, ARES ’17 New York, NY, USA 40:1 40:6 ACM 2017

UK Computing Summit 2025: Navigating change (surviving and beyond) - 29-30 April @ Sheffield Hallam University - Register here.

Identifying S7comm Protocol Data Injection Attacks in Cyber-Physical Systems

Contributors

Conference

Affiliations

Article

History

Product

Categories

Comment on this article