Real-time and interactive attacks on DNP3 critical infrastructure using Scapy
Contribuinte(s) |
Welch, Ian Yi, Xun |
---|---|
Data(s) |
27/01/2015
|
Resumo |
The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols, to control national infrastructure. Widely used interactive packet manipulation tools, such as Scapy, have not yet been augmented to parse and create DNP3 frames (Biondi 2014). In this paper we extend Scapy to include DNP3, thus allowing us to perform attacks on DNP3 in real-time. Our contribution builds on East et al. (2009), who proposed a range of possible attacks on DNP3. We implement several of these attacks to validate our DNP3 extension to Scapy, then executed the attacks on real world equipment. We present our results, showing that many of these theoretical attacks would be unsuccessful in an Ethernet-based network. |
Formato |
application/pdf |
Identificador | |
Relação |
http://eprints.qut.edu.au/81587/1/Vol161_AISC2015_paper09.pdf http://staff.scm.uws.edu.au/~lapark/download/acsw2015/Vol161_AISC2015_paper09.pdf Rodofile, Nicholas, Radke, Kenneth, & Foo, Ernest (2015) Real-time and interactive attacks on DNP3 critical infrastructure using Scapy. In Welch, Ian & Yi, Xun (Eds.) Australasian Information Security Conference (ACSW-AISC), 27-30 January 2015, Sydney, NSW. http://purl.org/au-research/grants/ARC/LP120200246 |
Direitos |
Copyright 2015 Commonwealth of Australia This paper appeared at the 13th Australasian Information Security Conference (AISC 2015), Sydney, Australia. Conferences in Research and Practice in Information Technology (CRPIT), Vol. 161, Ian Welch and Xun Yi, Ed. Reproduction for academic, not-for-profit purposes permitted provided this text is included. |
Fonte |
School of Electrical Engineering & Computer Science; Institute for Future Environments; Science & Engineering Faculty |
Palavras-Chave | #Substations #Distributed Network Protocol 3.0, #DNP3, #Critical Infrastructure Security #Scapy |
Tipo |
Conference Paper |