원문정보
초록
영어
SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.
목차
1. Introduction
2. PROFINET/DCP
3. Three Cases of Attack Scenario
3.1. Packet Flooding
3.2. Packet Sniffing
3.3. Packet Xid Spoofing
4. Pattern of PROFINET/DCP Packets
5. DNPSec
6. Advanced Protocol Structure
7. Conclusion
Acknowledgements
References