Title :
Internal security attacks on SCADA systems
Author :
Sayegh, N. ; Chehab, Ali ; Elhajj, I.H. ; Kayssi, Ayman
Author_Institution :
Dept. of Electr. & Comput. Eng., American Univ. of Beirut, Beirut, Lebanon
Abstract :
Supervisory Control and Data Acquisition (SCADA) systems have become essential to many industries around the world. Nowadays, SCADA systems are controlling many critical infrastructures such as power grids, mega factories, water treatment systems, and even nuclear power plants. As a result, SCADA systems have become very attractive targets for malicious attacks. In this paper, we show a test-bed that we have developed to detect vulnerabilities within SCADA protocols against internal attacks in order to find out how easy it is to bypass security measures in such protocols. Furthermore, we have tested SCADA components to assess their vulnerabilities against the following attacks: Denial of Service (DoS) attacks, replay attacks, cryptographic attacks, and fragmentation attacks. Our results indicate that SCADA protocols and components are very vulnerable, and hence it is of paramount importance to find immediate solutions to these vulnerabilities.
Keywords :
SCADA systems; protocols; security of data; Denial of Service; DoS attacks; SCADA protocols; SCADA systems; Supervisory Control and Data Acquisition; cryptographic attacks; fragmentation attacks; internal attacks; malicious attacks; replay attacks; security measures; Computer crime; Cryptography; Floods; IP networks; Protocols; SCADA systems; SCADA; industrial security; test-beds;
Conference_Titel :
Communications and Information Technology (ICCIT), 2013 Third International Conference on
Conference_Location :
Beirut
Print_ISBN :
978-1-4673-5306-9
DOI :
10.1109/ICCITechnology.2013.6579516
