Visible to the public Host-Oriented Approach to Cyber Security for the SCADA Systems

TitleHost-Oriented Approach to Cyber Security for the SCADA Systems
Publication TypeConference Paper
Year of Publication2020
AuthorsLee, Jae-Myeong, Hong, Sugwon
Conference Name2020 6th IEEE Congress on Information Science and Technology (CiSt)
KeywordsCode injection, compositionality, Computer crime, Computers, cyber security, DLL injection, fileless malware, Human Behavior, human factors, machine learning, Malware, process control, pubcrawl, resilience, Resiliency, SCADA, SCADA System Security, SCADA systems, SCADA Systems Security, SCADA/ICS, System software
AbstractRecent cyberattacks targeting Supervisory Control and Data Acquisition (SCADA)/Industrial Control System(ICS) exploit weaknesses of host system software environment and take over the control of host processes in the host of the station network. We analyze the attack path of these attacks, which features how the attack hijacks the host in the network and compromises the operations of field device controllers. The paper proposes a host-based protection method, which can prevent malware penetration into the process memory by code injection attacks. The method consists of two protection schemes. One is to prevent file-based code injection such as DLL injection. The other is to prevent fileless code injection. The method traces changes in memory regions and determine whether the newly allocated memory is written with malicious codes. For this method, we show how a machine learning method can be adopted.
DOI10.1109/CiSt49399.2021.9357299
Citation Keylee_host-oriented_2020