IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v39y2022ics187454822200052x.html
   My bibliography  Save this article

Launch of denial of service attacks on the modbus/TCP protocol and development of its protection mechanisms

Author

Listed:
  • Rahman, Ayesha
  • Mustafa, Ghulam
  • Khan, Abdul Qayyum
  • Abid, Muhammad
  • Durad, Muhammad Hanif

Abstract

Modbus is considered the defacto standard of industrial control systems as obvious from the fact that most vendors in the automation industry support Modbus protocol. Despite its wide popularity, Modbus is not secure because the time period in which it was introduced security was not considered to be a concern for closed isolated Industrial Control Systems (ICS) systems, therefore, in today’s era of internet, Modbus protocol cannot withstand malicious cyber attacks that the normal IT network is exposed to. Among the various attacks launched on ICS, the Denial of Service (DoS) attack is of prime importance as it has a fatal impact on the control systems’ stability and operation specially where hard real-time communication is essential. In this paper, we perform an extensive research on the documented and reported vulnerabilities in the Modbus protocol, and also review various efforts on how to exploit those vulnerabilities. After the thorough and exhaustive research, we have designed a virtual testbed that simulates the real world industrial control systems to conduct research on exploitation of the found vulnerabilities. The testbed is employed to successfully conduct two Denial of service attack scenarios on the software simulation of a programmable logic controller. The results of the launched attacks are evaluated in an attempt to perform attack-impact analysis and their findings are discussed in this paper. Lastly, a few prevention techniques are discussed that enlist how to avoid and protect systems against these attacks.

Suggested Citation

  • Rahman, Ayesha & Mustafa, Ghulam & Khan, Abdul Qayyum & Abid, Muhammad & Durad, Muhammad Hanif, 2022. "Launch of denial of service attacks on the modbus/TCP protocol and development of its protection mechanisms," International Journal of Critical Infrastructure Protection, Elsevier, vol. 39(C).
    • Handle: RePEc:eee:ijocip:v:39:y:2022:i:c:s187454822200052x
    DOI: 10.1016/j.ijcip.2022.100568
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S187454822200052X
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2022.100568?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Miller, Thomas & Staves, Alexander & Maesschalck, Sam & Sturdee, Miriam & Green, Benjamin, 2021. "Looking back to look forward: Lessons learnt from cyber-attacks on Industrial Control Systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 35(C).
    2. Huitsing, Peter & Chandia, Rodrigo & Papa, Mauricio & Shenoi, Sujeet, 2008. "Attack taxonomies for the Modbus protocols," International Journal of Critical Infrastructure Protection, Elsevier, vol. 1(C), pages 37-44.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Monzer, Mohamad-Houssein & Beydoun, Kamal & Ghaith, Alaa & Flaus, Jean-Marie, 2022. "Model-based IDS design for ICSs," Reliability Engineering and System Safety, Elsevier, vol. 225(C).
    2. Ghaleb, Asem & Zhioua, Sami & Almulhem, Ahmad, 2018. "On PLC network security," International Journal of Critical Infrastructure Protection, Elsevier, vol. 22(C), pages 62-69.
    3. Rodofile, Nicholas R. & Radke, Kenneth & Foo, Ernest, 2019. "Extending the cyber-attack landscape for SCADA-based critical infrastructure," International Journal of Critical Infrastructure Protection, Elsevier, vol. 25(C), pages 14-35.
    4. Nai Fovino, Igor & Masera, Marcelo & De Cian, Alessio, 2009. "Integrating cyber attacks within fault trees," Reliability Engineering and System Safety, Elsevier, vol. 94(9), pages 1394-1402.
    5. Davide Berardi & Franco Callegati & Andrea Giovine & Andrea Melis & Marco Prandini & Lorenzo Rinieri, 2023. "When Operation Technology Meets Information Technology: Challenges and Opportunities," Future Internet, MDPI, vol. 15(3), pages 1-16, February.
    6. Cheng-Hui Chou & Chi-Che Wu & Kuan-Chu Lu & I-Hsien Liu & Tien-Hsiang Chang & Chu-Fen Li & Jung-Shian Li, 2018. "Modbus Packet Analysis and Attack Mode for SCADA System," Journal of ICT, Design, Engineering and Technological Science, Juhriyansyah Dalle, vol. 2(2), pages 30-35.
    7. Alvaro Llaria & Jessye Dos Santos & Guillaume Terrasson & Zina Boussaada & Christophe Merlo & Octavian Curea, 2021. "Intelligent Buildings in Smart Grids: A Survey on Security and Privacy Issues Related to Energy Management," Energies, MDPI, vol. 14(9), pages 1-37, May.
    8. Yampolskiy, Mark & Skjellum, Anthony & Kretzschmar, Michael & Overfelt, Ruel A. & Sloan, Kenneth R. & Yasinsac, Alec, 2016. "Using 3D printers as weapons," International Journal of Critical Infrastructure Protection, Elsevier, vol. 14(C), pages 58-71.
    9. Nai Fovino, Igor & Carcano, Andrea & Masera, Marcelo & Trombetta, Alberto, 2009. "An experimental investigation of malware attacks on SCADA systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 2(4), pages 139-145.
    10. CHERIFI, Tarek & HAMAMI, Lamia, 2018. "A practical implementation of unconditional security for the IEC 60780-5-101 SCADA protocol," International Journal of Critical Infrastructure Protection, Elsevier, vol. 20(C), pages 68-84.
    11. Berghout, Tarek & Benbouzid, Mohamed, 2022. "EL-NAHL: Exploring labels autoencoding in augmented hidden layers of feedforward neural networks for cybersecurity in smart grids," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    12. Staggs, Jason & Ferlemann, David & Shenoi, Sujeet, 2017. "Wind farm security: attack surface, targets, scenarios and mitigation," International Journal of Critical Infrastructure Protection, Elsevier, vol. 17(C), pages 3-14.
    13. Etxezarreta, Xabier & Garitano, Iñaki & Iturbe, Mikel & Zurutuza, Urko, 2023. "Software-Defined Networking approaches for intrusion response in Industrial Control Systems: A survey," International Journal of Critical Infrastructure Protection, Elsevier, vol. 42(C).
    14. Despoina Chochtoula & Aristidis Ilias & Yannis C. Stamatiou & Christos Makris, 2022. "Integrating Elliptic Curve Cryptography with the Modbus TCP SCADA Communication Protocol," Future Internet, MDPI, vol. 14(8), pages 1-18, July.
    15. Smitha Joyce Pinto & Pierluigi Siano & Mimmo Parente, 2023. "Review of Cybersecurity Analysis in Smart Distribution Systems and Future Directions for Using Unsupervised Learning Methods for Cyber Detection," Energies, MDPI, vol. 16(4), pages 1-24, February.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:39:y:2022:i:c:s187454822200052x. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.