Abstract
Since the Modbus RTU wired communication protocol of Siemens variable frequency motors is unstable and lacks a protection mechanism, there is a risk of user information leakage. Aiming at the problems of insufficient flexibility of traditional defense methods and poor defense effects, The present work proposed a new dual detection method based on MODBUS RTU, which combines the dual monitoring mechanism of “Address Resolution Protocol (ARP) request detection” and “ARP response detection”. In order to improve detection efficiency, two real-time updated linear tables are introduced, which can effectively deal with the three ARP spoofing methods of updating the ARP buffer. Based on the analysis of the hidden dangers of the Modbus RTU wired communication protocol, a wired connection between the S7-1200 PLC and the variable frequency motor was established, and a real experimental platform was constructed to demonstrate the attack. The intensity of ARP attacks has gradually increased over time. Through comparative experiments with traditional defense methods, it is proved that the algorithm enhances the protocol mechanism in principle, and is more flexible and reliable than traditional methods.
Highlights
As an important part of the national economy, the application of motor involves every link of modern industrial production and every aspect of daily life
This paper focuses on Address Resolution Protocol (ARP) attack, because this attack will lead to the leakage of communication information of the motor, and the attacker can do malicious damage to stolen data [8] [9]
There are many traditional methods to defend against ARP spoofing, such as setting up an ARP firewall, binding the correct Internet Protocol (IP) and Media Access Contro (MAC) mapping, and automatically identifying ARP scanning and spoofing behaviors existing in the local area network according to the characteristics of network packets, which protects the security of the host to a certain extent and has the advantage of active defense, but it means that the ARP firewall needs to continuously transmit ARP correct data packets to the outside, thereby increasing the burden on the network
Summary
As an important part of the national economy, the application of motor involves every link of modern industrial production and every aspect of daily life. This complex environment usually leads to locked-rotor, voltage instability and lack of equivalence problems in the motor [1]. In order to improve detection efficiency, two real-time updated linear tables are introduced, which can effectively deal with the three ARP spoofing methods of updating the ARP buffer. Experimental results show that the algorithm can resist high-intensity attacks and is more flexible and reliable than traditional defense methods
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call