Exploiting SCADA vulnerabilities using a Human Interface Device
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2015, Vol 6, Issue 7
Abstract
SCADA (Supervisory Control and Data Acquisition) systems are used to control and monitor critical national infras-tructure functions like electricity, gas, water and railways. Field devices such as PLC’s (Programmable Logic Controllers) are one of the most critical components of a control system. Cyber-attacks usually target valuable infrastructures assets, taking advantage of architectural/technical vulnerabilities or even weaknesses in the defense systems. Even though novel intrusion detection systems are being implemented and used for defending cyber-attacks, certain vulnerabilities of SCADA systems can still be exploited. In this article we present an attack scenario based on a Human Interface Device (HID) device which is used as a means of communication/exploitation tool to compromise SCADA systems. The attack, which is a normal series of commands that are sent from the HID to the PLC cannot be detected through current intrusion detection mechanisms. Finaly we provide possible counter measures and defense mechanisms against this kind of cyber attacks.
Authors and Affiliations
Grigoris Tzokatziou, Helge Janicke, Leandros Maglaras, Ying He
Keywords
Related Articles
- EP ID EP148344
- DOI 10.14569/IJACSA.2015.060731
- Views 99
- Downloads 0
Analysis of Medical Domain Using CMARM: Confabulation Mapreduce Association Rule Mining Algorithm for Frequent and Rare Itemsets
In Human Life span, disease is a major cause of illness and death in the modern society. There are various factors that are responsible for diseases like work environment, living and working conditions, agriculture and f...
Feature Based Correspondence: A Comparative Study on Image Matching Algorithms
Image matching and recognition are the crux of computer vision and have a major part to play in everyday lives. From industrial robots to surveillance cameras, from autonomous vehicles to medical imaging and from missile...
Introducing a Cybersecurity Mindset into Software Engineering Undergraduate Courses
Cybersecurity is a growing problem globally. Software helps to drive and optimize businesses in every aspect of modern life. Software systems have been under continued attacks by malicious entities, and in some cases, th...
Linking Context to Data Warehouse Design
Data warehouses are now widely used for analysis and decision support purposes. The availability of software solutions, which are more and more user-friendly and easy to manipulate has made it possible to extend their us...
Line of Sight Estimation Accuracy Improvement using Depth Image and Ellipsoidal Model of Cornea Curvature
Line of sight estimation accuracy improvement is attempted using depth image (distance between user and display) and ellipsoidal model (shape of user’s eye) of cornea curvature. It is strongly required to improve line of...