文章基本信息

标题：Exploiting SCADA vulnerabilities using a Human Interface Device
本地全文：下载
作者：Grigoris Tzokatziou ; Helge Janicke ; Leandros A. Maglaras 等
期刊名称：International Journal of Advanced Computer Science and Applications(IJACSA)
印刷版ISSN：2158-107X
电子版ISSN：2156-5570
出版年度：2015
卷号：6
期号：7
DOI：10.14569/IJACSA.2015.060731
出版社：Science and Information Society (SAI)
摘要：SCADA (Supervisory Control and Data Acquisition) systems are used to control and monitor critical national infras-tructure functions like electricity, gas, water and railways. Field devices such as PLC’s (Programmable Logic Controllers) are one of the most critical components of a control system. Cyber-attacks usually target valuable infrastructures assets, taking advantage of architectural/technical vulnerabilities or even weaknesses in the defense systems. Even though novel intrusion detection systems are being implemented and used for defending cyber-attacks, certain vulnerabilities of SCADA systems can still be exploited. In this article we present an attack scenario based on a Human Interface Device (HID) device which is used as a means of communication/exploitation tool to compromise SCADA systems. The attack, which is a normal series of commands that are sent from the HID to the PLC cannot be detected through current intrusion detection mechanisms. Finaly we provide possible counter measures and defense mechanisms against this kind of cyber attacks.
关键词：thesai; IJACSA; thesai.org; journal; IJACSA papers; SCADA; Cyber Security; HID; PLC