Abstract

Industrial Control Systems (ICS) play a very important role in national critical infrastructures. However, the growing interaction between modern ICS and the Internet has made them more vulnerable to cyber attacks. To protect ICS from malicious attacks, intrusion detection technology has been developed. By analyzing network metadata or industrial process data, Intrusion Detection Systems (IDS) can identify attacks that violate communication protocols or system specifications. However, existing intrusion detection technology is not omnipotent, which leaves an opening for more advanced attacks. In this work, we design an enhanced multi-stage semantic attack against ICS that existing IDS do not detect. By hijacking the communication channels between the Human Machine Interface (HMI) and the remote Programmable Logic Controllers (PLCs), the attacker can manipulate measurement data and control instructions simultaneously. The fake measurement data deceives the human operator into making wrong decisions. Furthermore, the attacker can strategically manipulate the semantic meaning of control instructions according to the system's state transition rules, while a fake view of the measurement data is presented to the HMI to conceal the ongoing attack. The attack is stealthy because the message sizes and timing, the command sequences, and the system state values all remain legitimate. Consequently, the attack can secretly bring the system into critical states. Experimental results verify the strong attack capability of the proposed attack.

Highlights

  • Industrial control systems (ICS) [1] play an important role in a variety of industrial processes, such as manufacturing, public facilities, power generation and distribution [2]–[4], chemical processing [5], water treatment [6], oil and gas transportation [7], and large-scale communication [8].

  • We design an enhanced and strategic multi-stage semantic attack against ICS, which relies on the system state transition rules to precisely decide which control instructions to reverse.

  • With the definition of system states and state transition rules, we describe the strategy of the enhanced multi-stage semantic attack against ICS (Attack Strategy section).


Summary

INTRODUCTION

Industrial control systems (ICS) [1] play an important role in a variety of industrial processes, such as manufacturing, public facilities (e.g., buildings and airports), power generation and distribution [2]–[4], chemical processing [5], water treatment [6], oil and gas transportation [7], and large-scale communication [8]. Kleinmann et al. [17] have proposed a multi-stage semantic attack against ICS. Their attacker drives the target system into a critical state by reversing the semantic meaning of control instructions while presenting a fake view of the measurement data to the system operator. We design an enhanced and strategic multi-stage semantic attack against ICS, which relies on the system state transition rules to precisely decide which control instructions to reverse.
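The abstract and the introduction above describe the mechanism in words: a man-in-the-middle on the HMI-PLC link forwards to the PLC a command that is legal under the state transition rules for the plant's real state but pushes the process towards a critical state, and shows the HMI a measurement that is consistent with the command the operator actually sent. The simulation below is an added example and is not the paper's code or experiment. The tank model, the LOW/NORMAL/HIGH bands, the per-state command table (ALLOWED), the operator policy, the 3-byte frame format and the IDS checks are all constructed assumptions; the paper's actual testbed, protocol and rule set are not reproduced here.

```python
"""Added example (not from the paper): state-rule-guided semantic MitM on an
HMI-PLC link versus a specification-based IDS. All models are constructed."""
import struct
from dataclasses import dataclass

LOW, HIGH, CRITICAL = 20.0, 80.0, 100.0        # level bands (constructed)
CMD_CODE = {"open": 1, "close": 2, "hold": 3}  # constructed wire encoding
CODE_CMD = {v: k for k, v in CMD_CODE.items()}
# System state transition rules (constructed): commands legal in each state.
# The specification-based IDS below enforces exactly this table.
ALLOWED = {"LOW": ("open", "hold"),
           "NORMAL": ("open", "close", "hold"),
           "HIGH": ("close", "hold")}

def state_of(level):
    return "LOW" if level < LOW else "HIGH" if level > HIGH else "NORMAL"

def frame(kind, value):
    """Fixed 3-byte frame: every message has the same size on the wire."""
    return struct.pack(">BH", kind, int(value))

@dataclass
class Plant:
    """Toy tank: inflow valve adds 5 per tick when open, the drain removes 2."""
    level: float = 50.0
    valve_open: bool = False

    def apply(self, cmd):               # "hold" leaves the valve as it is
        if cmd in ("open", "close"):
            self.valve_open = cmd == "open"

    def step(self):
        delta = 5.0 if self.valve_open else -2.0
        self.level = max(0.0, min(120.0, self.level + delta))
        return self.level

    def predict(self, cmd):             # next level if cmd were applied
        copy = Plant(self.level, self.valve_open)
        copy.apply(cmd)
        return copy.step()

def operator_policy(shown_level):
    """Operator rule (constructed): open below LOW, close above HIGH."""
    if shown_level < LOW:
        return "open"
    return "close" if shown_level > HIGH else "hold"

class SpecIDS:
    """PLC-side IDS: checks frame size, value range and per-state command
    legality, seeing the real measurement and the forwarded command."""
    def check(self, meas_frame, cmd_frame):
        if len(meas_frame) != 3 or len(cmd_frame) != 3:
            return 1
        _, level = struct.unpack(">BH", meas_frame)
        _, code = struct.unpack(">BH", cmd_frame)
        cmd = CODE_CMD.get(code)
        if cmd is None or not 0 <= level <= CRITICAL:
            return 1
        return 0 if cmd in ALLOWED[state_of(level)] else 1

class Attacker:
    """MitM on the HMI-PLC link. `shadow` is the plant the operator is shown;
    it evolves under the operator's own commands, so the fake view stays
    consistent with what the operator did. `plc` mirrors the real plant."""
    def __init__(self, start_level, semantic=True):
        self.shadow, self.plc = Plant(start_level), Plant(start_level)
        self.semantic = semantic

    def measurement_to_hmi(self, real_level):
        self.plc.level = real_level     # keep the mirror in sync
        return self.shadow.level        # operator sees the shadow, not reality

    def command_to_plc(self, operator_cmd):
        self.shadow.apply(operator_cmd)
        self.shadow.step()
        if self.semantic:
            # Among commands legal in the REAL state, forward the one that
            # pushes the level highest; the IDS never sees an illegal command.
            fwd = max(ALLOWED[state_of(self.plc.level)], key=self.plc.predict)
        else:
            fwd = "open"                # naive reversal ignores the state rules
        self.plc.apply(fwd)
        return fwd

def run(mode="none", ticks=40):
    """mode: "none", "naive" or "semantic". Returns a summary of the run."""
    plant, ids = Plant(), SpecIDS()
    atk = None if mode == "none" else Attacker(plant.level, mode == "semantic")
    alerts, hmi_max, t = 0, 0.0, 0
    for t in range(1, ticks + 1):
        real = plant.level
        shown = atk.measurement_to_hmi(real) if atk else real
        hmi_max = max(hmi_max, shown)
        op_cmd = operator_policy(shown)
        fwd = atk.command_to_plc(op_cmd) if atk else op_cmd
        alerts += ids.check(frame(0, real), frame(1, CMD_CODE[fwd]))
        plant.apply(fwd)
        if plant.step() >= CRITICAL:
            break
    return {"mode": mode, "final_level": plant.level, "alerts": alerts,
            "hmi_max": hmi_max, "ticks": t}

if __name__ == "__main__":
    for mode in ("none", "naive", "semantic"):
        print(run(mode))
```

Running the three modes shows the point of the state-rule guidance: the naive attacker that always forwards "open" reaches the critical level but raises alerts as soon as the real plant is in the HIGH state, where "open" is illegal; the semantic attacker forwards "open" only in NORMAL and switches to "hold" (legal in HIGH, but leaving the valve open) once the real level passes HIGH, so the same IDS raises nothing while the HMI never shows a level above 50. The practical caveat is that an IDS built from the same rule table the attacker uses cannot distinguish the two runs; detection needs a reference the attacker does not control, such as an out-of-band measurement of the physical process or a sensor-to-actuator consistency check that is not routed through the compromised link.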

RELATED WORK
ADVERSARY MODEL
DEFINITION OF SYSTEM STATES
Penetrate the control network to get a
EXPERIMENTS AND DISCUSSION
CONCLUSION