IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v47y2024ics1874548224000581.html
   My bibliography  Save this article

Obfuscation strategies for industrial control systems

Author

Listed:
  • Cozza, Vittoria
  • Dalla Preda, Mila
  • Lanotte, Ruggero
  • Lucchese, Marco
  • Merro, Massimo
  • Zannone, Nicola

Abstract

Recently released scan data on Shodan reveals that thousands of Industrial Control Systems (ICSs) worldwide are directly accessible via the Internet and, thus, exposed to cyber-attacks aiming at financial gain, espionage, or disruption and/or sabotage. Executing sophisticated cyber–physical attacks aiming to manipulate industrial functionalities requires a deep understanding of the underlying physical process at the core of the target ICS, for instance, through unauthorized access to memory registers of Programmable Logic Controllers (PLCs). However, to date, countermeasures aiming at hindering the comprehension of physical processes remain largely unexplored.

Suggested Citation

  • Cozza, Vittoria & Dalla Preda, Mila & Lanotte, Ruggero & Lucchese, Marco & Merro, Massimo & Zannone, Nicola, 2024. "Obfuscation strategies for industrial control systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 47(C).
    • Handle: RePEc:eee:ijocip:v:47:y:2024:i:c:s1874548224000581
    DOI: 10.1016/j.ijcip.2024.100717
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548224000581
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2024.100717?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Ye Yuan & Xiuchuan Tang & Wei Zhou & Wei Pan & Xiuting Li & Hai-Tao Zhang & Han Ding & Jorge Goncalves, 2019. "Data driven discovery of cyber physical systems," Nature Communications, Nature, vol. 10(1), pages 1-9, December.
    2. Huang, Yu-Lun & Cárdenas, Alvaro A. & Amin, Saurabh & Lin, Zong-Syun & Tsai, Hsin-Yi & Sastry, Shankar, 2009. "Understanding the physical and economic consequences of attacks on control systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 2(3), pages 73-83.
    3. Miller, Thomas & Staves, Alexander & Maesschalck, Sam & Sturdee, Miriam & Green, Benjamin, 2021. "Looking back to look forward: Lessons learnt from cyber-attacks on Industrial Control Systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 35(C).
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Wang, Wei & Cammi, Antonio & Di Maio, Francesco & Lorenzi, Stefano & Zio, Enrico, 2018. "A Monte Carlo-based exploration framework for identifying components vulnerable to cyber threats in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 175(C), pages 24-37.
    2. Singh, Abhishek Narain & Gupta, M.P. & Ojha, Amitabh, 2014. "Identifying critical infrastructure sectors and their dependencies: An Indian scenario," International Journal of Critical Infrastructure Protection, Elsevier, vol. 7(2), pages 71-85.
    3. Davide Berardi & Franco Callegati & Andrea Giovine & Andrea Melis & Marco Prandini & Lorenzo Rinieri, 2023. "When Operation Technology Meets Information Technology: Challenges and Opportunities," Future Internet, MDPI, vol. 15(3), pages 1-16, February.
    4. Rahman, Ayesha & Mustafa, Ghulam & Khan, Abdul Qayyum & Abid, Muhammad & Durad, Muhammad Hanif, 2022. "Launch of denial of service attacks on the modbus/TCP protocol and development of its protection mechanisms," International Journal of Critical Infrastructure Protection, Elsevier, vol. 39(C).
    5. Ping, Zuowei & Li, Xiuting & He, Wei & Yang, Tao & Yuan, Ye, 2020. "Sparse learning of network-reduced models for locating low frequency oscillations in power systems," Applied Energy, Elsevier, vol. 262(C).
    6. Yuan, Shuaiqi & Reniers, Genserik & Yang, Ming, 2024. "Integrated management of safety and security barriers in chemical plants to cope with emerging cyber-physical attack risks under uncertainties," Reliability Engineering and System Safety, Elsevier, vol. 250(C).
    7. Henriques de Gusmão, Ana Paula & Mendonça Silva, Maisa & Poleto, Thiago & Camara e Silva, Lúcio & Cabral Seixas Costa, Ana Paula, 2018. "Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory," International Journal of Information Management, Elsevier, vol. 43(C), pages 248-260.
    8. CHERIFI, Tarek & HAMAMI, Lamia, 2018. "A practical implementation of unconditional security for the IEC 60780-5-101 SCADA protocol," International Journal of Critical Infrastructure Protection, Elsevier, vol. 20(C), pages 68-84.
    9. Yampolskiy, Mark & Horváth, Péter & Koutsoukos, Xenofon D. & Xue, Yuan & Sztipanovits, Janos, 2015. "A language for describing attacks on cyber-physical systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 8(C), pages 40-52.
    10. Zhao Chen & Yang Liu & Hao Sun, 2021. "Physics-informed learning of governing equations from scarce data," Nature Communications, Nature, vol. 12(1), pages 1-13, December.
    11. Ding, Jia & Wang, Maolin & Ping, Zuowei & Fu, Dongfei & Vassiliadis, Vassilios S., 2020. "An integrated method based on relevance vector machine for short-term load forecasting," European Journal of Operational Research, Elsevier, vol. 287(2), pages 497-510.
    12. Berghout, Tarek & Benbouzid, Mohamed, 2022. "EL-NAHL: Exploring labels autoencoding in augmented hidden layers of feedforward neural networks for cybersecurity in smart grids," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    13. Fu, Yangyang & O'Neill, Zheng & Yang, Zhiyao & Adetola, Veronica & Wen, Jin & Ren, Lingyu & Wagner, Tim & Zhu, Qi & Wu, Terresa, 2021. "Modeling and evaluation of cyber-attacks on grid-interactive efficient buildings," Applied Energy, Elsevier, vol. 303(C).
    14. Sugumar, Gayathri & Mathur, Aditya, 2019. "A method for testing distributed anomaly detectors," International Journal of Critical Infrastructure Protection, Elsevier, vol. 27(C).
    15. Etxezarreta, Xabier & Garitano, Iñaki & Iturbe, Mikel & Zurutuza, Urko, 2023. "Software-Defined Networking approaches for intrusion response in Industrial Control Systems: A survey," International Journal of Critical Infrastructure Protection, Elsevier, vol. 42(C).
    16. Lorenzo Lucchini & Laura Alessandretti & Bruno Lepri & Angela Gallo & Andrea Baronchelli, 2020. "From code to market: Network of developers and correlated returns of cryptocurrencies," Papers 2004.07290, arXiv.org, revised Dec 2020.
    17. Vasan, Danish & Alqahtani, Ebtesam Jubran S. & Hammoudeh, Mohammad & Ahmed, Adel F., 2024. "An AutoML-based security defender for industrial control systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 47(C).
    18. Li, Yutong & Hou, Jian & Yan, Gangfeng, 2024. "Exploration-enhanced multi-agent reinforcement learning for distributed PV-ESS scheduling with incomplete data," Applied Energy, Elsevier, vol. 359(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:47:y:2024:i:c:s1874548224000581. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.