Abstract
This paper presents the results of our analysis about the influence of Information Technology (IT) malicious traffic on an IP-based automation environment. We utilized a traffic generator, called MACE (Malicious trAffic Composition Environment), to inject malicious traffic in a Modbus/TCP communication system and a sniffer to capture and analyze network traffic. The realized tests show that malicious traffic represents a serious risk to critical information infrastructures. We show that this kind of traffic can increase latency of Modbus/TCP communication and that, in some cases, can put Modbus/TCP devices out of communication.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Pires, P.S.M., Oliveira, L.A.H.G.: Security Aspects of SCADA and Corporate Network Interconnection: An Overview. In: Dependability of Computer Systems, DepCoS-RELCOMEX 2006, May 2006, pp. 127–134 (2006)
Igure, V.M., Laughter, S.A., Williams, R.D., Brown, C.L.: Security Issues in SCADA Networks. Computer & Security 25(7), 498–506 (2006)
Ralston, P.A.S., Graham, J.H., Hieb, J.L.: Cyber Security Risk Assessment for SCADA and DCS Networks. ISA Transactions 46(4), 583–594 (2007)
21 Steps to Improve Cyber Security of SCADA Networks. President’s Critical Infrastructure Protection Board and Department of Energy Report (2002), http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf
Fernandez, J.D., Fernandez, A.E.: SCADA Systems: Vulnerabilities and Remediation. Journal of Computing Sciences in Colleges 20(4), 160–168 (2005)
Naedele, M.: Addressing IT Security for Critical Control Systems. System Sciences. In: 40th Annual Hawaii International Conference, HICSS 2007, January 2007, p. 115 (2007)
Pollet, J.: Developing a Solid SCADA Security Strategy. In: 2nd ISA/IEEE Sensors for Industry Conference, November 2002, pp. 148–156 (2002)
Mirkovic, J., Reiher, P., Fahmy, S., Thomas, R., Hussain, A., Schwab, S., Ko, C.: Measuring Denial of Service. Conference on Computer and Communications Security. In: Proceedings of the 2nd ACM Workshop on Quality of Protection, pp. 53–58 (2006)
Lan, K., Hussain, A., Dutta, D.: The Effect of Malicious Traffic on the Network. In: Proc. PAM 2003 (April 2003)
Sommers, J., Yegneswaran, V., Barford, P.: A Framework for Malicious Workload Generation. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement, October 2004, pp. 82–87 (2004)
Aikat, J., Kaur, J., Smith, F.D., Jeffay, K.: Variability in TCP Round-Trip Times. In: Proceedings of the 3rd ACM SIGCOMM Conference on Internet Measurement Conference, pp. 279–284 (2003)
Stevens, W.R.: TCP/IP Illustrated. The Protocols, vol. 1. Addison-Wesley, Reading (1999)
Kobayashi, T.H., Batista Jr., A.B., Brito Jr., A.M., Motta Pires, P.S.: Using a Packet Manipulation Tool for Security Analysis of Industrial Network Protocols. In: IEEE Conference on Emerging Technology and Factory Automation, ETFA 2007, Patras, Greece, September 25-28, pp. 744–747 (2007)
Wireshark: Go Deep, http://www.wireshark.org/
CVE-2003-0352. Common Vulnerabilities and Exposures, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0352
CVE-1999-0357. Common Vulnerabilities and Exposures, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0357
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kobayashi, T.H., Batista, A.B., Medeiros, J.P.S., Filho, J.M.F., Brito, A.M., Pires, P.S.M. (2009). Analysis of Malicious Traffic in Modbus/TCP Communications. In: Setola, R., Geretshuber, S. (eds) Critical Information Infrastructure Security. CRITIS 2008. Lecture Notes in Computer Science, vol 5508. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03552-4_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-03552-4_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03551-7
Online ISBN: 978-3-642-03552-4
eBook Packages: Computer ScienceComputer Science (R0)