| Title | Host-Oriented Approach to Cyber Security for the SCADA Systems |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Lee, Jae-Myeong, Hong, Sugwon |
| Conference Name | 2020 6th IEEE Congress on Information Science and Technology (CiSt) |
| Keywords | Code injection, compositionality, Computer crime, Computers, cyber security, DLL injection, fileless malware, Human Behavior, human factors, machine learning, Malware, process control, pubcrawl, resilience, Resiliency, SCADA, SCADA System Security, SCADA systems, SCADA Systems Security, SCADA/ICS, System software |
| Abstract | Recent cyberattacks targeting Supervisory Control and Data Acquisition (SCADA)/Industrial Control System(ICS) exploit weaknesses of host system software environment and take over the control of host processes in the host of the station network. We analyze the attack path of these attacks, which features how the attack hijacks the host in the network and compromises the operations of field device controllers. The paper proposes a host-based protection method, which can prevent malware penetration into the process memory by code injection attacks. The method consists of two protection schemes. One is to prevent file-based code injection such as DLL injection. The other is to prevent fileless code injection. The method traces changes in memory regions and determine whether the newly allocated memory is written with malicious codes. For this method, we show how a machine learning method can be adopted. |
| DOI | 10.1109/CiSt49399.2021.9357299 |
| Citation Key | lee_host-oriented_2020 |
Host-Oriented Approach to Cyber Security for the SCADA Systems