An experimental investigation of malware attacks on SCADA systems

International Journal of Critical Infrastructure Protection

Volumn 2, Issue 4, 2009, Pages 139-145

  Nai Fovino, Igor ^a   Carcano, Andrea ^a   Masera, Marcelo ^a   Trombetta, Alberto ^b  

^a JOINT RESEARCH CENTRE   (Italy)

^b UNIVERSITY OF INSUBRIA   (Italy)

Author keywords

Attacks; Critical Infrastructures; Malware; SCADA Systems

Indexed keywords

ARCHITECTURAL WEAKNESS; COMMUNICATION PROTOCOLS; COMPUTER MALWARE; CRITICAL INFRASTRUCTURE; CRITICAL INFRASTRUCTURES; DAMAGING EFFECTS; EXPERIMENTAL INVESTIGATIONS; INDUSTRIAL PROCESSS; INFORMATION AND COMMUNICATIONS TECHNOLOGY; MALWARE ATTACKS; MALWARES; SUPERVISORY CONTROL AND DATA ACQUISITION SYSTEMS;

COMMUNICATION; COMPUTER CRIME; INFORMATION TECHNOLOGY; PUBLIC WORKS;

SCADA SYSTEMS;

EID: 71649109185     PISSN: 18745482     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.ijcip.2009.10.001     Document Type: Article

References (35)

1. Dondossola G., Szanto J., Masera M., and Nai Fovino I. Effects of intentional threats to power substation control systems. International Journal of Critical Infrastructures 4 1/2 (2008) 129-143
2. Huitsing P., Chandia R., Papa M., and Shenoi S. Attack taxonomies for the Modbus protocols. International Journal of Critical Infrastructure Protection 1 (2008) 37-44
3. Masera M., Nai Fovino I., and Leszczyna R. Security assessment of a turbo-gas power plant. In: Papa M., and Shenoi S. (Eds). Critical Infrastructure Protection II (2008), Springer, Boston, Massachusetts 31-40
4. Igure V., Laughter S., and Williams R. Security issues in SCADA networks. Computers and Security 25 7 (2006) 498-506
5. Creery A., and Byres E. Industrial cybersecurity for a power system and SCADA networks-Be secure. IEEE Industry Applications 13 4 (2007) 49-55
6. Chandia R., Gonzalez J., Kilpatrick T., Papa M., and Shenoi S. Security strategies for SCADA networks. In: Goetz E., and Shenoi S. (Eds). Critical Infrastructure Protection (2007), Springer, Boston, Massachusetts 117-131
7. M. Majdalawieh, F. Parisi-Presicce, D. Wijesekera, DNPSec, Distributed Network Protocol Version 3 security framework, in: Twenty-First Annual Computer Security Applications Conference, Technology Blitz Session, 2005
8. J. Heo, C. Hong, S. Ju, Y. Lim, B. Lee, D. Hyun, A security mechanism for automation control in PLC-based networks, in: Proceedings of the IEEE International Symposium on Power Line Communications and its Applications, 2007, pp. 466-470
9. T. Mander, F. Nabhani, L. Wang, R. Cheung, Data object based security for DNP3 over TCP/IP for increased utility of commercial aspects of security, in: Proceedings of the IEEE Power Engineering Society General Meeting, 2007, pp. 1-8
10. Gordon S. Are good virus simulators still a bad idea?. Network Security 9 (1996) 7-13
11. Hirst J. Virus Simulation Suite (1990), British Computer Virus Research Centre, Brighton, United Kingdom
12. T. Faistenhammer, M. Klock, K. Klotz, T. Kruger, P. Reinisch, J. Wagner, Virlab 2.1, Geltendorf, Germany kklotz.de/html/virlab.html
13. Rosenthal Engineering, Rosenthal Virus Simulator, San Luis Obispo, California, 1997
14. D. Ellis, Worm anatomy and model, in: Proceedings of the ACM workshop on Rapid Malcode, 2003, pp. 42-50
15. M. Sharif, G. Riley, W. Lee, Comparative study between analytical models and packet-level worm simulations, in: Proceedings of the Nineteenth Workshop on Principles of Advanced and Distributed Simulation, 2005, pp. 88-98
16. Symantec. Symantec Worm Simulator (2005), Cuppertino, California
17. C. Zou, W. Gong, D. Towsley, Worm propagation modeling and analysis under dynamic quarantine defense, in: Proceedings of the ACM Workshop on Rapid Malcode, 2003, pp. 51-60
18. M. Liljenstam, D. Nicol, V. Berk, R. Gray, Simulating realistic network worm traffic for worm warning system design and testing, in: Proceedings of the ACM Workshop on Rapid Malcode, 2003, pp. 24-33
19. M. Liljenstam, Y. Yuan, B. Premore, D. Nicol, A mixed abstraction level simulation model of large-scale Internet worm infestations, in: Proceedings of the Tenth IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems, 2002, p. 109
20. A. Wagner, T. Dubendorfer, B. Plattner, R. Hiestand, Experiences with worm propagation simulations, in: Proceedings of the ACM Workshop on Rapid Malcode, 2003, pp. 34-41
21. D. Moore, C. Shannon, G. Voelker, S. Savage, Internet quarantine: Requirements for containing self-propagating code, in: Proceedings of the Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3, 2003, pp. 1901-1910
22. K. Perumalla, S. Sundaragopalan, High-fidelity modeling of computer network worms, in: Proceedings of the Twentieth Annual Computer Security Applications Conference, 2004, pp. 126-135
23. S. Wei, J. Mirkovic, A realistic simulation of Internet-scale events, in: Proceedings of the First International Conference on Performance Evaluation Methodolgies and Tools, article no. 28, 2006
24. S. Wei, J. Mirkovic, M. Swany, Distributed worm simulation with a realistic Internet model, in: Proceedings of the Nineteenth Workshop on Principles of Advanced and Distributed Simulation, 2005, pp. 71-79
25. Willems C., Holz T., and Freiling F. Toward automated dynamic malware analysis using CWSandbox. IEEE Security and Privacy 5 2 (2007) 32-39
26. Norman, Norman SandBox, Lysaker, Norway www.norman.com/technology/norman_sandbox
27. U. Bayer, C. Kruegel, E. Kirda, TTAnalyze: A tool for analyzing malware, in: Proceedings of the Fifteenth Conference of the European Institute for Antivirus Research, 2006, pp. 180-192
28. F. Bellard, QEMU: A fast and portable dynamic translator, in: Proceedings of the USENIX Annual Technical Conference, 2005, pp. 41-46
29. R. Leszczyna, I. Nai Fovino, M. Masera, MAlSim: Mobile agent malware simulator, in: Proceedings of the First International Conference on Simulation Tools and Techniques for Communications, Networks and Systems, 2008
30. Leszczyna R., Nai Fovino I., and Masera M. Simulating malware with MAlSim. Computer Virology, EICAR 2008 Extended Version (2008)
31. Modbus IDA, Modbus Application Protocol Specification v1.1a, North Grafton, Massachusetts www.modbus.org/specs.php, 2004
32. Modbus IDA, MODBUS Messaging on TCP/IP Implementation Guide v1.0a, North Grafton, Massachusetts www.modbus.org/specs.php, 2004
33. Chess D., Grosof B., Harrison C., Levine D., Parris C., and Tsudik G. Itinerant agents for mobile computing. IEEE Personal Communications 2 5 (1995) 34-49
34. Telecom Italia, Java Agent Development (JADE) Framework, Rome, Italy jade.tilab.com
35. Foundation for Intelligent Physical Agents, FIPA Specifications fipa.org/specifications/index.html