A Novel Framework for Industrial Control System Malicious Code Analysis


Abstract:

Industrial Control Systems (ICS) perform the supervisory control and data acquisition tasks of critical infrastructures. With the wide adoption of computer and network techniques, ICS face serious security threats, and malicious code is one of the most serious security problems. However, there is currently an absence of analysis methods specific to the behaviour of ICS malicious code. In this paper, a framework for ICS malicious code analysis is presented. Firstly, the ICS attack graph model is established based upon the hierarchical structure of the industrial control system and the security threats it faces, which formalizes the attack process of ICS malicious code. Secondly, the runtime information of ICS malicious code is detected and collected in order to analyze and assess the attack behaviours and the resulting impacts. Finally, an ICS simulation environment for malicious code analysis is constructed based upon the framework, and an experimental analysis of ICS malicious code is performed which preliminarily validates the effectiveness of the proposed framework.


Info:

Periodical:

Advanced Materials Research (Volumes 765-767)

Pages:

1936-1942

Online since:

September 2013

Copyright:

© 2013 Trans Tech Publications Ltd. All Rights Reserved
