Identifying SCADA Systems and Their Vulnerabilities on the Internet of Things: A Text-Mining Approach

Samtani, Sagar; Shuo, Yu; Zhu, Hongyi; Patton, Mark; Matherly, John; Chen, Hsinchun

doi:10.1109/mis.2018.111145022

Cited by 46 publications

(22 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Cuando se precisa analizar el concepto de ciberseguridad, específicamente el que se incluye en el ámbito de la seguridad industrial, se entiende que la información, los sistemas o las instalaciones deben ser protegidos de peligros externos tales como ataques o amenazas que se originen desde medios tecnológicos. De esta manera, el diseño de los programas que estén destinados a mejorar la seguridad deben proveer una confidencialidad adecuada, además del uso de protocolos específicos [9]- [12].…”

Section: Resultsunclassified

“…Después de ello se debe realizar un análisis de la identificación de las amenazas y vulnerabilidades a través de diferentes técnicas y herramientas que han sido expuestas por Shodan, Kali Linux, Network Security Toolkit (NST), Bugtraq y Nessus. Aquí se descubren las diferentes amenazas y vulnerabilidades que se asocian con los activos y con las agrupaciones de los mismos [12], [19]. Es importante solo usar herramientas que no sean intrusivas en el entorno operativo.…”

Section: Testeo Y Auditoríasunclassified

“…Gracias a la base de datos de Shodan es posible acceder a más de 500000 dispositivos de los principales fabricantes de SCADA y evaluar sus vulnerabilidades mediante minería de texto y minería de datos. Se evidencia que miles de estos dispositivos tienen credenciales de fabrica o software desactualizado [12] y a partir de la investigación referida se ha podido concretar que el sistema es bastante endeble. Así mismo, en la investigación realizada por Sevillano y Beltrán [13], se menciona a MAASERISv2.1 (Metodología para el Análisis, Auditoría de seguridad y Evaluación de Riesgo operativo de redes Industriales y sistemas SCADA), que ya se encuentra en su versión 3.0, pero de la cual existe poca información pública debido a que es propiedad de Logitek.…”

Section: Introductionunclassified

See 2 more Smart Citations

Propuesta metodológica para la auditoría de ciberseguridad aplicada a un sistema SCADA

Valero

2020

Ing.USBMed

View full text Add to dashboard Cite

La información que posee una empresa se considera en la actualidad uno de los factores más importantes, corresponde a la columna dorsal de su competitividad por lo que el uso de sistemas de automatización que permitan la Supervisión, Control y Adquisición de Datos (SCADA, del inglés Supervisory Control And Data Acquisition) son necesarios. Las organizaciones emplean este tipo de sistemas para mejorar no solo la eficiencia y eficacia en los procesos, sino que adicionalmente para cuidar su seguridad industrial, denotando que con la competitividad acrecentada también se presentan de manera consecuente riesgos que ponen en peligro el actuar de la organización. Dada esta situación, el presente documento pretende de manera generalizada exponer una metodología para guiar el proceso de inspección, con el objetivo de mitigar el riesgo en el área operativa de la organización, reconociendo que su área administrativa cuenta en la actualidad con un significativo número de programas y metodologías que la han establecido como segura, en ese contexto el avance investigativo condujo a proponer una metodología de carácter cuantitativo y cualitativo, a partir de técnicas de revisión bibliográfica, evocando principalmente la ocupación de ecuaciones de búsqueda.

show abstract

Section: Resultsunclassified

Section: Testeo Y Auditoríasunclassified

Section: Introductionunclassified

See 1 more Smart Citation

Propuesta metodológica para la auditoría de ciberseguridad aplicada a un sistema SCADA

Valero

2020

Ing.USBMed

View full text Add to dashboard Cite

show abstract

“…Despite the significant benefits, this connectivity increases the possibility of security being compromised via malware, buffer overflow, and denial-of-service (DoS) attacks. [5][6][7] The latest reported attacks, such as the Ukraine's power grid attack by the Industroyer malware, which caused 1 h collapse of systems responsible for serving Kiev with electricity; 8 Dyn cyberattack, 9 involving distributed denial-of-service (DDoS) attacks targeting systems operated by the domain name system (DNS) provider Dyn; the Jeep Cherokee Hack, 10 where hackers were able to remotely control the brakes and steering of the vehicle; and Triton malware used to shut down an industrial process by exploiting weaknesses in industrial control system (ICS) are proof that the IIoT devices need a robust security to avoid any security issue. Nonauthorized access into IIoT networks can lead to a loss in brand loyalty, reputation, revenue, or market share, and more depending on the nature and severity of the attack.…”

Section: Introductionmentioning

confidence: 99%

Security standard compliance and continuous verification for Industrial Internet of Things

Bicaku

Tauber

Delsing

2020

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Due to globalization and digitalization of industrial systems, standard compliance is gaining more attention. In order to stay competitive and remain in business, different sectors within industry are required to comply with multiple regulations. Compliance aims to fulfill regulations by including all measures imposed by laws and standards. Every device, application, or service implements several technologies at many levels, and standards support interoperability across them. They help to create global markets for industries and enable networked development in order to be successful and sustainable. This work highlights the importance of standard compliance and continuous verification in industrial Internet of Things and implements an automatic monitoring and standard compliance verification framework. In this work, we focus on security, safety, and organizational aspects of industrial Internet of Things. We identify a number of standards and best practice guidelines, which are used to extract security, safety, and organizational measurable indicator points. In addition, a metric model is provided that forms the basis for the necessary information needed for compliance verification, including requirements, standards, and metrics. Also, we present the prototype of the monitoring and standard compliance verification framework used to show the security compliance of an industrial Internet of Things use case.

show abstract

“…From an embedded architecture point-of-view, a major reason for this is the need for varying levels of security, cannot be defined generically due to being highly dependent on the deployment scenario which could be based on consumer, transport, medical and industrial control applications. As a consequence, devices have been found vulnerable, with the same flaws affecting different use cases, leading to attacks affecting privacy, device integrity, and risking loss of sensitive information [4], [5].…”

Section: Introductionmentioning

confidence: 99%

Policy-Based Security Modelling and Enforcement Approach for Emerging Embedded Architectures

Hagan

Siddiqui

Sezer

2018

2018 31st IEEE International System-on-Chip Conference (SOCC)

View full text Add to dashboard Cite

Complex embedded systems often contain hard to find vulnerabilities which, when exploited, have potential to cause severe damage to the operating environment and the user. Given that threats and vulnerabilities can exist within any layer of the complex ecosystem , OEMs face a major challenge to ensure security throughout the device life-cycle To lower the potential risk and damage that vulnerabilities may cause, OEMs typically perform application threat analysis and security modelling. This process typically provides a high level guideline to solving security problems which can then be implemented during design and development. However, this concept presents issues where new threats or unknown vulnerability has been discovered. To address this issue, we propose a policy-based security modelling approach, which utilises a configurable policy engine to apply new policies that counter serious threats. By utilising this approach, the traditional security modelling approaches can be enhanced and the consequences of a new threat greatly reduced. We present a realistic use case of connected car, applying several attack scenarios. By utilising STRIDE threat modelling and DREAD risk assessment model, adequate policies are derived to protect the car assets. This approach poses advantages over the standard approach, allowing a policy update to counter a new threat, which may have otherwise required a product redesign to alleviate the issue under the traditional approach.

show abstract

Identifying SCADA Systems and Their Vulnerabilities on the Internet of Things: A Text-Mining Approach

Cited by 46 publications

References 8 publications

Propuesta metodológica para la auditoría de ciberseguridad aplicada a un sistema SCADA

Propuesta metodológica para la auditoría de ciberseguridad aplicada a un sistema SCADA

Security standard compliance and continuous verification for Industrial Internet of Things

Policy-Based Security Modelling and Enforcement Approach for Emerging Embedded Architectures

Contact Info

Product

Resources

About