Implementing attacks for modbus/TCP protocol in a real-time cyber physical system test bed

Chen, Bo; Pattanaik, Nishant; Goulart, Ana; Butler‐Purry, Karen L.; Kundur, Deepa

doi:10.1109/cqr.2015.7129084

Cited by 81 publications

(39 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Figure 15 depicts the total number of failed requests per second during the same experiments. We varied the response timeout (20,25,30,35,40,45,50,55, and 60 ms) and the number of child processes (1, 2, 3, 5, 7, and 9 child processes). For these experiments, we set the delay between requests in 0 ms to get the maximum possible numbers of requests successfully processed per second.…”

Section: Results For the Esp8266mentioning

confidence: 99%

“…The communication between devices was done through WiFi, with the same wireless router of the previous experiment (NETGEAR N300 model WNR2020v2). Figure 16 shows the obtained results, with three attackers, a delay between requests of 0 s for both the legal querier and attackers, a flooding period of 20 s for the attackers, a response timeout of 500 ms for the attackers, and different values of the response timeout for the legal querier (20,40, and 60 ms, as the gray, orange, and blue curves, respectively). The attackers were activated at 4, 8, and 12 s. Since the flooding period of the attackers was 20 s, they ended their attack at times 24, 28, and 32 s, respectively.…”

Section: Results For the Esp8266mentioning

confidence: 99%

“…In the area of security for Modbus TCP, the authors of [19] used Snort [36], a well-known network intrusion detection and prevention system, to detect a flooding attack. Chen, Pattanaik, Goulart, Butler-Purry, and Kundur [20] studied a Man-in-the-Middle (MITM) attack and a DoS attack over the Modbus TCP protocol. To do so, they developed a testbed with a real-time power system simulator and a communication system simulator.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Performance Evaluation of Modbus TCP in Normal Operation and Under A Distributed Denial of Service Attack

Gamess¹,

Smith²,

Francia³

2020

IJCNC

View full text Add to dashboard Cite

Modbus is the de facto standard communication protocol for the industrial world. It was initially designed to be used in serial communications (Modbus RTU/ASCII). However, not long ago, it was adapted to TCP due to the increasing popularity of the TCP/IP stack. Since it was originally designed for controlled serial lines, Modbus does not have any security features. In this paper, we wrote several benchmarks to evaluate the performance of networking devices that run Modbus TCP. Parameters reported by our benchmarks include: (1) response time for Modbus requests, (2) maximum number of requests successfully handled by Modbus devices in a specific amount of time, and (3) monitoring of Modbus devices when suffering a Distributed Denial of Service attack. Due to the growing adoption of IoT technologies, we also selected two widely known and inexpensive development boards (ESP8266 and Raspberry Pi 3 B+/OpenPLC) to realize a performance evaluation of Modbus TCP.

show abstract

Section: Results For the Esp8266mentioning

confidence: 99%

Section: Results For the Esp8266mentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

Performance Evaluation of Modbus TCP in Normal Operation and Under A Distributed Denial of Service Attack

Gamess¹,

Smith²,

Francia³

2020

IJCNC

View full text Add to dashboard Cite

show abstract

“…When the three attackers were active (from 12 to 24 s), Figure 16 shows that the DDoS attack had a devastating effect over the legal traffic, especially for a response timeout of 20 ms (gray curve), since the legal querier was almost not able to poll the EMS8266. Figure 17 shows the obtained results, with four attackers, a delay between requests of 0 s for both the legal querier and attackers, a flooding period of 24 s for the attackers, a response timeout of 500 ms for the attackers, and different values of the response timeout for the legal querier (20,40, and 60 ms, as the gray, orange, and blue curves, respectively). The attackers were activated at 4, 8, 12, and 16 s.…”

Section: Results For the Esp8266mentioning

confidence: 99%

Untitled

2020

IJCNC

View full text Add to dashboard Cite

show abstract

“…Even when the asset communicates via an on-premise gateway, provided by the aggregator and which is tightly locked down, communications between the asset and gateway are typically performed over simple, unencrypted protocols. It is trivial to inject false Modbus TCP messages [1], or use an off-the-shelf emulator to simulate a malicious asset entirely, complete with a full audit trail of plausible data. This error is unlikely to be caught unless significant discrepancies exist between the site's metered electricity usage and the logs submitted as evidence of FR participation.…”

Section: :00mentioning

confidence: 99%

Adversarial Machine Learning in Smart Energy Systems

Bor

Marnerides

Molineux³

et al. 2019

Proceedings of the Tenth ACM International Conference on Future Energy Systems

View full text Add to dashboard Cite

Smart Energy Systems represent a radical shift in the approach to energy generation and demand, driven by decentralisation of the energy system to large numbers of low-capacity devices. Managing this flexibility is often driven by machine learning, and requires real-time control and aggregation of these devices, involving a diverse set of companies and devices and creating a longer chain of trust. This poses a security risk, as it is sensitive to adversarial machine learning, whereby models are fooled through malicious input, either for financial gain or to cause system disruption. We show the feasibility of such an attack by analysing empirical data of a real system, and propose directions for future research related to detection and defence mechanisms for these kind of attacks.

show abstract

Implementing attacks for modbus/TCP protocol in a real-time cyber physical system test bed

Cited by 81 publications

References 18 publications

Performance Evaluation of Modbus TCP in Normal Operation and Under A Distributed Denial of Service Attack

Performance Evaluation of Modbus TCP in Normal Operation and Under A Distributed Denial of Service Attack

Untitled

Adversarial Machine Learning in Smart Energy Systems

Contact Info

Product

Resources

About