Advertisement

Modbus Protocol Based on the Characteristics of the Transmission of Industrial Data Packet Forgery Tampering and Industrial Security Products Testing

  • Qiang Ma
  • Wenting WangEmail author
  • Ti Guan
  • Yong Liu
  • Lin Lin
Conference paper
Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 156)

Abstract

Since the power plant has few network security protections and more industrial network safety problems reveal, we present a solution to verify the weakness and reinforce the safety protection. First, external operator scans the industrial network of the power plant to find alive master computer based on communication protocol. By matching the protocol, we get to find the IP address and type of the device, then use the corresponding master simulator or protocol writing tool to establish connection with the device and change the value of specific register. Obviously, the industrial network has authentication risk without verifying the IP address of the connection initiator. Here, we try to deploy general industrial firewall to fiter unknown IP address and the problem above gets fixed. Then, with arp spoofing, we succeed to hijack and modify the packet between the master computer and the device, firewall deployed before gets bypassed and industrial device can be controlled. Now we can see the industrial network lacks adequate internal auditing and monitoring and the general firewall has its limitation and weakness, therefore, we suggest we develop one customized and suitable security defense product for power industry.

Keywords

PLC ICS ARP Modbus 

Notes

Acknowledgements

This work was supported by “Research on Lightweight Active Immune Technology for Electric Power Supervisory Control System”, a science and technology project of State Grid Co., Ltd in 2019.

References

  1. 1.
    Meng, X.F., Ci, X.: Big data management: concepts, techniques and challenges. J. Comput. Res. Dev. 50(1), 146–169 (2013)Google Scholar
  2. 2.
    Guo, Q.L., Xin, S.J., Wang, J.H.: Comprehensive security assessment for a cyber physical energy system: a lesson from Ukraine’s Blackout. Autom. Electr. Power Syst. 40(5), 145–147 (2016)Google Scholar
  3. 3.
    Zhu, X.Y., Fang, Q.: Study on mechanism and strategy of cybersecurity in U.S. electric power industry. Electr. Power 48(5), 81–88 (2015)Google Scholar
  4. 4.
    Sun, H.F., Gong, L.D., Zhang, H.T.: Research on big data analysis platform for smart grid and its application evolution. Mod. Electr. Power 33(6), 64–73 (2016)Google Scholar
  5. 5.
    Peng, X.S., Deng, D.Y., Cheng, S.J.: Key technologies of electric power big data and its application prospects in smart grid. Proc. CSEE 35(3), 503–511 (2015)Google Scholar
  6. 6.
    Zhang, B., Zhuang, C.J., Hu, J.: Ensemble clustering algorithm combined with dimension reduction techniques for power load profiles. Proc. CSEE 35(15), 3741–3749 (2015)Google Scholar
  7. 7.
    Qi, J., Qu, Z.Y., Lou, J.L.: A kind of attribute entity recognition algorithm based on Hadoop for power big data. Power Syst. Prot. Control. 44(24), 52–57 (2016)Google Scholar
  8. 8.
    Fang, X., Misra, S., Xue, G.: Smart grid—the new and improved power grid: a survey. IEEE Commun. Surv. Tutor. 14(4), 944–980 (2012)CrossRefGoogle Scholar
  9. 9.
    Wang, W., Lu, Z.: Cyber security in the smart grid: survey and challenges. Comput. Netw. 57(5), 1344–1371 (2013)CrossRefGoogle Scholar
  10. 10.
    Tan, S., De, D., Song, W.Z.: Survey of security advances in smart grid: a data driven approach. IEEE Commun. Surv. Tutor. (2016)Google Scholar
  11. 11.
    Shvachko, K., Kuang, H., Radia, S.: The hadoop distributed file system. In: IEEE 26th Symposium on Mass Storage Systems and Technologies (MSST), pp. 1–10. IEEE (2010)Google Scholar
  12. 12.
    Zaharia, M., Chowdhury, M., Das, T.: Resilient distributed datasets: a fault-tolerant abstraction for in-memory cluster computing. In: Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation, p. 2. USENIX Association (2012)Google Scholar
  13. 13.
    Team, D.J.D.: Deeplearning4j: Open-source distributed deep learning for the JVM. Apache Softw. Found. Licens. 2Google Scholar
  14. 14.
    Fiore, U., Palmieri, F., Castiglione, A.: Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122(5), 13–23 (2013)CrossRefGoogle Scholar
  15. 15.
    Sutskever, I., Vinyals, O., Le, Q.V.: Sequence to sequence learning with neural networks. In: Advances in Neural Information Processing Systems, pp. 3104–3112 (2014)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  • Qiang Ma
    • 1
  • Wenting Wang
    • 2
    Email author
  • Ti Guan
    • 1
  • Yong Liu
    • 1
  • Lin Lin
    • 1
  1. 1.State Grid Shandong Electric Power CompanyJinanChina
  2. 2.State Grid Shandong Electric Power Research InstituteJinanChina

Personalised recommendations