Visible to the public Deep Security Scanner for Industrial Control Systems

TitleDeep Security Scanner for Industrial Control Systems
Publication TypeConference Paper
Year of Publication2021
AuthorsMahendra, Lagineni, Kumar, R.K. Senthil, Hareesh, Reddi, Bindhumadhava, B.S., Kalluri, Rajesh
Conference NameTENCON 2021 - 2021 IEEE Region 10 Conference (TENCON)
Keywordsdeep packet inspection, Deep Packet Inspection (DPI), industrial control, integrated circuits, Modbus-TCP communication protocol, Oils, passive monitoring, Pervasive Computing Security, Power systems, Protocols, pubcrawl, resilience, Resiliency, Safety, SCADA, SCADA systems, Scalability, security monitoring, white-listing
Abstract

with the continuous growing threat of cyber terrorism, the vulnerability of the industrial control systems (ICS) is the most common subject for security researchers now. Attacks on ICS systems keep increasing and their impact leads to human safety issues, equipment damage, system down, unusual output, loss of visibility and control, and various other catastrophic failures. Many of the industrial control systems are relatively insecure with chronic and pervasive vulnerabilities. Modbus-Tcpis one of the widely used communication protocols in the ICS/ Supervisory control and data acquisition (SCADA) system to transmit signals from instrumentation and control devices to the main controller of the control center. Modbus is a plain text protocol without any built-in security mechanisms, and Modbus is a standard communication protocol, widely used in critical infrastructure applications such as power systems, water, oil & gas, etc.. This paper proposes a passive security solution called Deep-security-scanner (DSS) tailored to Modbus-Tcpcommunication based Industrial control system (ICS). DSS solution detects attacks on Modbus-TcpIcs networks in a passive manner without disturbing the availability requirements of the system.

DOI10.1109/TENCON54134.2021.9707347
Citation Keymahendra_deep_2021