Advanced protocol to prevent man-in-the-middle attack in SCADA system

Sangkyo Oh, Hyunji Chung, Sangjin Lee, Kyung Ho Lee

Research output: Contribution to journalArticle

4 Citations (Scopus)

Abstract

SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

Original languageEnglish
Pages (from-to)1-8
Number of pages8
JournalInternational Journal of Security and its Applications
Volume8
Issue number2
DOIs
Publication statusPublished - 2014 Jan 1

Fingerprint

SCADA systems
Gas pipelines
Power transmission
Water treatment
Disasters
Authentication
Computer systems

Keywords

  • Authentication
  • PROFINET DCP
  • SCADA system

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Advanced protocol to prevent man-in-the-middle attack in SCADA system. / Oh, Sangkyo; Chung, Hyunji; Lee, Sangjin; Lee, Kyung Ho.

In: International Journal of Security and its Applications, Vol. 8, No. 2, 01.01.2014, p. 1-8.

Research output: Contribution to journalArticle

@article{f015e470d806498db56f7bca45e50861,
title = "Advanced protocol to prevent man-in-the-middle attack in SCADA system",
abstract = "SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.",
keywords = "Authentication, PROFINET DCP, SCADA system",
author = "Sangkyo Oh and Hyunji Chung and Sangjin Lee and Lee, {Kyung Ho}",
year = "2014",
month = "1",
day = "1",
doi = "10.14257/ijsia.2014.8.2.01",
language = "English",
volume = "8",
pages = "1--8",
journal = "International Journal of Security and its Applications",
issn = "1738-9976",
publisher = "Science and Engineering Research Support Society",
number = "2",

}

TY - JOUR

T1 - Advanced protocol to prevent man-in-the-middle attack in SCADA system

AU - Oh, Sangkyo

AU - Chung, Hyunji

AU - Lee, Sangjin

AU - Lee, Kyung Ho

PY - 2014/1/1

Y1 - 2014/1/1

N2 - SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

AB - SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

KW - Authentication

KW - PROFINET DCP

KW - SCADA system

UR - http://www.scopus.com/inward/record.url?scp=84897471385&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84897471385&partnerID=8YFLogxK

U2 - 10.14257/ijsia.2014.8.2.01

DO - 10.14257/ijsia.2014.8.2.01

M3 - Article

AN - SCOPUS:84897471385

VL - 8

SP - 1

EP - 8

JO - International Journal of Security and its Applications

JF - International Journal of Security and its Applications

SN - 1738-9976

IS - 2

ER -