Proceedings 2017 Network and Distributed System Security Symposium 2017
DOI: 10.14722/ndss.2017.23149
|View full text |Cite
|
Sign up to set email alerts
|

Internet-scale Probing of CPS: Inference, Characterization and Orchestration Analysis

Abstract: Although the security of Cyber-Physical Systems (CPS) has been recently receiving significant attention from the research community, undoubtedly, there still exists a substantial lack of a comprehensive and a holistic understanding of attackers' malicious strategies, aims and intentions. To this end, this paper uniquely exploits passive monitoring and analysis of a newly deployed network telescope IP address space in a first attempt ever to build broad notions of real CPS maliciousness. Specifically, we approa… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
24
0

Year Published

2017
2017
2020
2020

Publication Types

Select...
4
3
2

Relationship

2
7

Authors

Journals

citations
Cited by 64 publications
(24 citation statements)
references
References 61 publications
0
24
0
Order By: Relevance
“…Devices using these legacy and insecure industrial protocols are often subject to scanning activities [4,17,35]. While standard scanning tools, e.g., zmap [16], not necessarily influence normal operations of industrial devices [8], malicious activities can compromise such unprotected devices.…”
Section: Related Workmentioning
confidence: 99%
“…Devices using these legacy and insecure industrial protocols are often subject to scanning activities [4,17,35]. While standard scanning tools, e.g., zmap [16], not necessarily influence normal operations of industrial devices [8], malicious activities can compromise such unprotected devices.…”
Section: Related Workmentioning
confidence: 99%
“…More in general, projects such as Shodan's ICS radar 3 provide insights on the non-trivial amount of industrial control systems and PLCs directly exposed to the Internet. As shown by [15], a significant amount of probing activities targeted at cyberphysical systems is happening in the wild, both for research and for nefarious purposes.…”
Section: The Network Attack Surfacementioning
confidence: 99%
“…For instance, in Rossow, the author evaluated UDP‐based network protocols if they are vulnerable to amplification attacks and proposed a method based on darknet monitoring to detect them. In Fachkha et al, the authors proposed a formal probabilistic model that aims at analyzing activities targeting Cyber‐Physical System (CPS) protocols. In Bou‐Harb et al, the authors passively monitored close to 16.5 million darknet IP addresses from a /8 and a /13 network telescopes.…”
Section: Background and Related Workmentioning
confidence: 99%