Abstract | ||
---|---|---|
Cyber attacks have become surprisingly sophisticated over the past fifteen years. While early infections mostly targeted individual machines, recent threats leverage widespread network connectivity to develop complex and highly coordinated attacks involving several distributed nodes [1]. Attackers are currently targeting very diverse domains, e.g., e-commerce systems, corporate networks, datacenter facilities and industrial systems, to achieve a variety of objectives, which range from credential compromise to sabotage of physical devices, by means of increasingly smart worms and rootkits. Stuxnet is a recent worm that clearly illustrates the strong technical advances achieved by the attackers' community. It was discovered in July 2010 and first affected Iranian nuclear plants [2]. Stuxnet compromises the regular behavior of the supervisory control and data acquisition (SCADA) system by reprogramming the code of programmable logic controllers (PLCs). Once compromised, PLCs can progressively destroy a device (e.g., components of a centrifuge, as in the case of the Iranian plant) by sending malicious control signals. Stuxnet combines a significant number of challenging features: it exploits zero-day vulnerabilities of the Windows OS to affect the nodes connected to the PLC; it propagates either locally (e.g., by means of USB sticks) or remotely (e.g., via shared folders or the print spooler vulnerability); it is able to modify its behavior during the progression of the attack; and it communicates with a remote command and control server. More importantly, Stuxnet can remain undetected for many months [3] because it is able to fool the SCADA system by emulating regular monitoring signals. |
Year | DOI | Venue |
---|---|---|
2013 | 10.1109/DSN.2013.6575341 | DSN |
Keywords | Field | DocType |
iranian plant, towards secure monitoring, iranian nuclear plant, control server, recent threat, scada system, control system, industrial system, e-commerce system, supervisory control, recent worm, malicious control signal, programmable controllers, smart grids, programmable logic controllers, security, stuxnet, windows os, cyber attacks, zero day vulnerabilities, sensors | Microsoft Windows, Command and control, Computer security, Computer science, Computer network, Real-time computing, Distributed computing, Control system security, Rootkit, Exploit, SCADA, Programmable logic controller, Stuxnet | Conference |
ISSN | Citations | PageRank |
1530-0889 | 0 | 0.34 |
References | Authors | |
1 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Domenico Cotroneo | 1 | 974 | 79.93 |
Antonio Pecchia | 2 | 143 | 18.60 |
Stefano Russo | 3 | 728 | 78.07 |