Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Critical Information Infrastructures Security

CRITIS 2008: Critical Information Infrastructure Security pp 200–210Cite as

Analysis of Malicious Traffic in Modbus/TCP Communications

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5508))

Abstract

This paper presents the results of our analysis about the influence of Information Technology (IT) malicious traffic on an IP-based automation environment. We utilized a traffic generator, called MACE (Malicious trAffic Composition Environment), to inject malicious traffic in a Modbus/TCP communication system and a sniffer to capture and analyze network traffic. The realized tests show that malicious traffic represents a serious risk to critical information infrastructures. We show that this kind of traffic can increase latency of Modbus/TCP communication and that, in some cases, can put Modbus/TCP devices out of communication.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Pires, P.S.M., Oliveira, L.A.H.G.: Security Aspects of SCADA and Corporate Network Interconnection: An Overview. In: Dependability of Computer Systems, DepCoS-RELCOMEX 2006, May 2006, pp. 127–134 (2006)

    Google Scholar 

  2. Igure, V.M., Laughter, S.A., Williams, R.D., Brown, C.L.: Security Issues in SCADA Networks. Computer & Security 25(7), 498–506 (2006)

    Article  Google Scholar 

  3. Ralston, P.A.S., Graham, J.H., Hieb, J.L.: Cyber Security Risk Assessment for SCADA and DCS Networks. ISA Transactions 46(4), 583–594 (2007)

    Article  Google Scholar 

  4. 21 Steps to Improve Cyber Security of SCADA Networks. President’s Critical Infrastructure Protection Board and Department of Energy Report (2002), http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf

  5. Fernandez, J.D., Fernandez, A.E.: SCADA Systems: Vulnerabilities and Remediation. Journal of Computing Sciences in Colleges 20(4), 160–168 (2005)

    Google Scholar 

  6. Naedele, M.: Addressing IT Security for Critical Control Systems. System Sciences. In: 40th Annual Hawaii International Conference, HICSS 2007, January 2007, p. 115 (2007)

    Google Scholar 

  7. Pollet, J.: Developing a Solid SCADA Security Strategy. In: 2nd ISA/IEEE Sensors for Industry Conference, November 2002, pp. 148–156 (2002)

    Google Scholar 

  8. Mirkovic, J., Reiher, P., Fahmy, S., Thomas, R., Hussain, A., Schwab, S., Ko, C.: Measuring Denial of Service. Conference on Computer and Communications Security. In: Proceedings of the 2nd ACM Workshop on Quality of Protection, pp. 53–58 (2006)

    Google Scholar 

  9. Lan, K., Hussain, A., Dutta, D.: The Effect of Malicious Traffic on the Network. In: Proc. PAM 2003 (April 2003)

    Google Scholar 

  10. Sommers, J., Yegneswaran, V., Barford, P.: A Framework for Malicious Workload Generation. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement, October 2004, pp. 82–87 (2004)

    Google Scholar 

  11. Aikat, J., Kaur, J., Smith, F.D., Jeffay, K.: Variability in TCP Round-Trip Times. In: Proceedings of the 3rd ACM SIGCOMM Conference on Internet Measurement Conference, pp. 279–284 (2003)

    Google Scholar 

  12. Stevens, W.R.: TCP/IP Illustrated. The Protocols, vol. 1. Addison-Wesley, Reading (1999)

    MATH  Google Scholar 

  13. Kobayashi, T.H., Batista Jr., A.B., Brito Jr., A.M., Motta Pires, P.S.: Using a Packet Manipulation Tool for Security Analysis of Industrial Network Protocols. In: IEEE Conference on Emerging Technology and Factory Automation, ETFA 2007, Patras, Greece, September 25-28, pp. 744–747 (2007)

    Google Scholar 

  14. Wireshark: Go Deep, http://www.wireshark.org/

  15. CVE-2003-0352. Common Vulnerabilities and Exposures, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0352

  16. CVE-1999-0357. Common Vulnerabilities and Exposures, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0357

Download references

Author information

Authors and Affiliations

  1. LabSIN - Security Information Laboratory Department of Computer Engineering and Automation - DCA, Federal University of Rio Grande do Norte - UFRN, Natal, 59.078-970, RN, Brazil

    Tiago H. Kobayashi, Aguinaldo B. Batista Jr., João Paulo S. Medeiros, José Macedo F. Filho, Agostinho M. Brito Jr. & Paulo S. Motta Pires

Authors
  1. Tiago H. Kobayashi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aguinaldo B. Batista Jr.
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. João Paulo S. Medeiros
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. José Macedo F. Filho
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Agostinho M. Brito Jr.
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Paulo S. Motta Pires
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Complex Systems & Security Lab, University CAMPUS Bio-Medico of Roma, Italy

    Roberto Setola

  2. IABG mbH Germany, InfoCom, Safety and Security, Dept. for Critical Infrastructures, Einsteinstr. 20, 855211, Ottobrunn, Germany

    Stefan Geretshuber

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kobayashi, T.H., Batista, A.B., Medeiros, J.P.S., Filho, J.M.F., Brito, A.M., Pires, P.S.M. (2009). Analysis of Malicious Traffic in Modbus/TCP Communications. In: Setola, R., Geretshuber, S. (eds) Critical Information Infrastructure Security. CRITIS 2008. Lecture Notes in Computer Science, vol 5508. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03552-4_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-03552-4_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03551-7

  • Online ISBN: 978-3-642-03552-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation