IDEAS home Printed from https://ideas.repec.org/a/wly/intnem/v32y2022i1ne2158.html
   My bibliography  Save this article

Industrial control protocols in the Internet core: Dismantling operational practices

Author

Listed:
  • Marcin Nawrocki
  • Thomas C. Schmidt
  • Matthias Wählisch

Abstract

Industrial control systems (ICS) are managed remotely with the help of dedicated protocols that were originally designed to work in walled gardens. Many of these protocols have been adapted to Internet transport and support wide‐area communication. ICS now exchange insecure traffic on an inter‐domain level, putting at risk not only common critical infrastructure but also the Internet ecosystem (e.g., by DRDoS attacks). In this paper, we measure and analyze inter‐domain ICS traffic at two central Internet vantage points, an IXP and an ISP. These traffic observations are correlated with data from honeypots and Internet‐wide scans to separate industrial from non‐industrial ICS traffic. We uncover mainly unprotected inter‐domain ICS traffic and provide an in‐depth view on Internet‐wide ICS communication. Our results can be used (i) to create precise filters for potentially harmful non‐industrial ICS traffic and (ii) to detect ICS sending unprotected inter‐domain ICS traffic, being vulnerable to eavesdropping and traffic manipulation attacks. Additionally, we survey recent security extensions of ICS protocols, of which we find very little deployment. We estimate an upper bound of the deployment status for ICS security protocols in the Internet core.

Suggested Citation

  • Marcin Nawrocki & Thomas C. Schmidt & Matthias Wählisch, 2022. "Industrial control protocols in the Internet core: Dismantling operational practices," International Journal of Network Management, John Wiley & Sons, vol. 32(1), January.
    • Handle: RePEc:wly:intnem:v:32:y:2022:i:1:n:e2158
    DOI: 10.1002/nem.2158
    as

    Download full text from publisher

    File URL: https://doi.org/10.1002/nem.2158
    Download Restriction: no
    File URL: https://libkey.io/10.1002/nem.2158?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Baxley, Stuart M. & Bastin, Nicholas & Gurkan, Deniz & Conklin, William Arthur, 2022. "Feasibility of critical infrastructure protection using network functions for programmable and decoupled ICS policy enforcement over WAN," International Journal of Critical Infrastructure Protection, Elsevier, vol. 39(C).

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:wly:intnem:v:32:y:2022:i:1:n:e2158. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Wiley Content Delivery (email available below). General contact details of provider: https://doi.org/10.1002/(ISSN)1099-1190 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.