Network Anomaly Detection for M-Connected SCADA Networks

Kim, Si-Jung; Kim, Bong-Han; Yeo, Sang-Soo; Cho, Do-Eun

doi:10.1109/bwcca.2013.61

Cited by 5 publications

(11 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A number of researches have been made to secure SCADA systems and their communications, and most of them are based on end-to-end security mechanisms, dependent on open security protocols such as, SSL/TLS, IPSec, and SSH, through the installation of security software such as firewalls, DMZs, intrusion detection and prevention mechanism and others [ 11 , 31 , 39 , 40 , 41 , 42 , 43 , 44 , 45 , 46 , 47 , 48 , 49 ]. A limited amount of literature has also described the trends in SCADA cellular communication security, but most of mentioned as proposed works, or developments in the initial stages [ 13 , 39 , 50 ].…”

Section: Related Workmentioning

confidence: 99%

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

Shahzad

Landry

Lee

et al. 2016

Sensors

View full text Add to dashboard Cite

Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

show abstract

Section: Related Workmentioning

confidence: 99%

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

Shahzad

Landry

Lee

et al. 2016

Sensors

View full text Add to dashboard Cite

show abstract

“…In addition, security vulnerabilities appear after general-purpose hardware and software begin to be used. An m-connected SCADA network that operates within both open platforms and closed platforms shows serious weak points [3].…”

Section: Security Of M-connected Scada Networkmentioning

confidence: 99%

“…Recently, APT attacks, using very intelligent, viable, and malicious codes such as Duqu, Flame, and Gauss, which are variants of Stuxnet, occurred on SCADA networks. In addition, the appearance of the malicious code Flamer (W32.Flamer), which targets national infrastructures and can leak information after an attack, has increased concerns regarding information security [1][2][3]. Similarly, new attack methods, such as the polymorphism attack that occurs, namely, through the server from where other attackers automatically generate mutagenic malicious code that was obtained from the attacker's website, have appeared and constantly take place, along with high-skilled targeted attacks, including APT attacks.…”

Section: Scada Network Security Invasionsmentioning

confidence: 99%

“…m-Connected SCADA Network. As we explained above, even a closed SCADA network can be momentary online status which is defined as "m-connected" status, and such temporary pseudoconnections are made by portable mediums such as external flash memory, floppy disks, and CD-ROMs which are used to perform maintenance tasks including patching, upgrades, and migration [3]. So "m-connected SCADA network" is a closed, isolated, and private SCADA network which has, however, similar levels of vulnerabilities to open online SCADA networks in a long-term observation.…”

Section: Scada Network Security Invasionsmentioning

confidence: 99%

“…The SCADA system which was then allowed to operate in a closed private network disconnected from the Internet for not being a victim to cyber danger now strongly requires various types of external connections along with remote maintenance and usage of mobile storage mediums such as USB flash memory. Such an environmental change means that the securities of the SCADA system, which are rooted in the characteristics of closed networks, can no longer be maintained [3]. Our proposed m-connected SCADA network is defined in this paper in order to analyze the weak points that can take place while closed SCADA jobs are performed and to present a security model against advanced persistent threat (APT) attacks.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Secure Model against APT in m-Connected SCADA Network

Kim

Cho

Yeo

2014

International Journal of Distributed Sensor Networks

Self Cite

View full text Add to dashboard Cite

Supervisory control and data acquisition (SCADA) networks for the remote control and operation of various industrial infrastructures are currently being used as main metropolitan infrastructures, especially smart grid and power plants. Most of the existing SCADA networks have fortified securities because of their powerful access control based on closed and private networks. However, recent SCADA networks are frequently connected to various IT-based systems and also to other conventional networks, in order to achieve the operational convenience of SCADA systems, as well as the execution requirements of various applications. Therefore, SCADA systems have acute needs for secure countermeasures against the ordinary network vulnerabilities and for tangible preparations against ever-changing intrusion attacks such as advanced persistent threat (APT). This paper introduces the concept of m-connected SCADA networks, analyzes various security vulnerabilities on such networks, and finally proposes an integrated secure model having an APT managing module and a rule-based intrusion detection system (IDS) for internal and external network access.

show abstract

A Survey of Security in SCADA Networks: Current Issues and Future Challenges

2019

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems are used for monitoring industrial devices. However, their security faces the threat of being compromised due to the increasing use of open access networks. The primary objective of this survey paper is to provide a comparative study of the on-going security research in SCADA systems. The paper provides a classification of attacks based on security requirements and network protocol layers. To secure the communication between nodes of SCADA networks, various security standards have been developed by different organizations. We conduct a study of the security standards developed for SCADA networks along with their vulnerabilities. Researchers have proposed various security schemes to overcome the weaknesses of SCADA standards. The paper organizes security schemes based on current standards, detection, and prevention of attacks. It also addresses the future challenges that SCADA networks may face, in particular, from quantum attacks. Furthermore, it outlines directions for further research in the field.INDEX TERMS Asymmetric cryptography, intrusion detection system, key management protocol, n-ary tree, symmetric cryptography, SCADA networks.A communication link is shared between the MSU and Remote Station Units. Various types of communication links may be used, such as wired ethernet, WiFi or satellite link.SCADA system architectures have four typical architectural styles [13]:

show abstract

Network Anomaly Detection for M-Connected SCADA Networks

Cited by 5 publications

References 6 publications

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

Secure Model against APT in m-Connected SCADA Network

A Survey of Security in SCADA Networks: Current Issues and Future Challenges

Contact Info

Product

Resources

About