For Publishers
DiscoveryMetadataPeer reviewHostingPublishing
For Researchers
JoinPublishReviewCollect
Register
Blog
About
Search
Advanced search
My ScienceOpen
Search
For Publishers
For Researchers
Blog
About
1,356
views
8
references
 Top references
cited by
0
    
0 reviews
 Review
0
comments
 Comment
0
recommends
+1 Recommend
1 collections
    8
    shares
      174
      similar
       All similar

      Celebrating 65 years of The Computer Journal - free-to-read perspectives - bcs.org/tcj65

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Insecure by Design: Using Human Interface Devices to exploit SCADA systems

      Published
      proceedings-article
      Author(s): , ,
      Publication date (Print):
      Conference name: 3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015) (ICS-CSR)
      Conference theme: Industrial Control System & SCADA Cyber Security Research (ICS-CSR)
      Conference date: 17 - 18 September 2015
      Keywords: SCADA, cyber security, HID
      Bookmark

            Abstract

            Modern Supervisory Control and Data Acquisition (SCADA) systems which are used by the electric utility industry to monitor and control electric power generation, transmission and distribution, are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasingly large numbers of widely distributed components. Cyber-attacks usually target valuable infrastructures assets, taking advantage of architectural/technical vulnerabilities or even weaknesses in the defense systems. Even though novel intrusion detection systems are being implemented and used for defending cyber-attacks certain vulnerabilities of SCADA systems can still be exploited. In this article we present an attack scenario based on a Human Interface Device (HID) device which is used as a means of communication/exploitation tool to compromise SCADA systems. The attack, which is a normal series of commands that are sent from the HID to the PLC cannot be detected through current intrusion detection mechanisms.

            Content

            Author and article information

            Contributors
            Grigoris Tzokatziou
            Leandros Maglaras
            Helge Janicke
            Conference
            Publication date: September 2015
            Publication date (Print): September 2015
            Pages: 103-106
            Affiliations
            [0001]School of Computer Science and Informatics

            De Montfort University, Leicester, UK
            Article
            DOI: 10.14236/ewic/ICS2015.13
            SO-VID: 725203ff-8d91-4a27-8e58-394f9e80fc00
            Copyright © © Tzokatziou et al. Published by BCS Learning & Development Ltd. Proceedings of the 3 rd International Symposium for ICS & SCADA Cyber Security Research 2015
            License:

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            Conference name: 3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015)
            Conference acronym: ICS-CSR
            Conference number: 3
            Conference location: Germany
            Conference date: 17 - 18 September 2015
            Conference sponsor: Electronic Workshops in Computing (eWiC)
            Conference theme: Industrial Control System & SCADA Cyber Security Research (ICS-CSR)
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/ICS2015.13
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Series title: Electronic Workshops in Computing

            ScienceOpen disciplines: Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Keywords: cyber security,SCADA,HID

            References

            1. 2006 Security issues in SCADA networks Comput. Secur 25 7 498 506

            2. 2015 Cyber warfare: Issues and challenges Comput. Secur 49 70 94

            3. 2008 SCADA malware: A proof of concept Third International Workshop on Critical Information Infrastructure Security Berlin, Germany Springer

            4. 2013 Oct 18 US Researchers find 25 security vulnerabilities in SCADA systems ComputerWeekly.com. Available from http://www.computerweekly.com/news/2240207488/ USresearchers-find-25-security-vulnerabilities-inSCADA-systems

            5. 2014 Integrated OCSVM Mechanism for intrusion detection in SCADA systems Electron. Lett 50 25 1935 1936

            6. 2014 A distributed IDS for industrial control systems Int. J. Cyber Warfare and Terrorism (IJCWT) 4 2 1 22

            7. 2013 RepCIDN: A reputation-based collaborative intrusion detection network to lessen the impact of malicious alarms J. Netw. Syst. 730 Manage, 21 1 128 167

            8. 2011 Plug and prey: Malicious USB devices Available from http://www.irongeek. com/downloads/Malicious%20USB%20Devices.pdf

            9. 2010 Smart-grid security issues IEEE Security & Privacy 8 1 81 85

            Comments

            Comment on this article