poster

How Feasible are Steganographic and Stealth Attacks on TIA Project Metadata of ICS: A Case Study with Real-world Data

Authors:

Laura Hartmann,

Steffen WendzelAuthors Info & Claims

EICC '21: Proceedings of the 2021 European Interdisciplinary Cybersecurity Conference

Pages 83 - 84

https://doi.org/10.1145/3487405.3487661

Published: 22 November 2021 Publication History

Get Access

Abstract

The protection of industrial control systems (ICS) is crucial for a robust provision of essential services for the modern society. Stealthy and steganographic attacks are a considerable threat against the reliability and security of such ICS. Several ICS components are maintained via the popular Totally Integrated Automation (TIA) project software. In this paper, we investigate TIA project metadata of a German car manufacturer, in particular an axis and a soldering tip project. We analyze the devices’ metadata and their changes over time to determine whether modifications would potentially appear as anomalies when being monitored. Our results show that most TIA project attributes do not change or change very rarely, rendering such attributes mostly unsuitable for hiding information as well as for conducting stealthy attacks.

References

[1]

C. Feng, T. Li, Z. Zhu, and D. Chana. 2017. A deep learning-based framework for conducting stealthy attacks in industrial control systems. arXiv preprint arXiv:1709.06397(2017).

Google Scholar

[2]

L. Hartmann and S. Wendzel. 2021, in press. Detection of Anomalous Values within TIA Project Data History for Industrial Control Systems. In Proc. European Interdisciplinary Cybersecurity Conference (EICC), Doctoral Symposium. ACM.

Google Scholar

[3]

S. Wendzel, W. Mazurczyk, and G. Haas. 2017. Steganography for cyber-physical systems. Journal of Cyber Security and Mobility(2017), 105–126.

Google Scholar

Index Terms

How Feasible are Steganographic and Stealth Attacks on TIA Project Metadata of ICS: A Case Study with Real-world Data
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Index terms have been assigned to the content through auto-classification.

Recommendations

Detection of Anomalous Values within TIA Project Data History for Industrial Control Systems
EICC '21: Proceedings of the 2021 European Interdisciplinary Cybersecurity Conference

Attacks on industrial control systems (ICS) have been intensively studied during the last decade. Malicious alternations of ICS can appear in several different ways, e.g. in changed network traffic patterns or in modified data stored on ICS components. ...
Stealth attacks: An extended insight into the obfuscation effects on Android malware

In order to effectively evade anti-malware solutions, Android malware authors are progressively resorting to automatic obfuscation strategies. Recent works have shown, on small-scale experiments, the possibility of evading anti-malware engines by ...
Mimicry attacks on host-based intrusion detection systems
CCS '02: Proceedings of the 9th ACM conference on Computer and communications security

We examine several host-based anomaly detection systems and study their security against evasion attacks. First, we introduce the notion of a mimicry attack, which allows a sophisticated attacker to cloak their intrusion to avoid detection by the IDS. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

EICC '21: Proceedings of the 2021 European Interdisciplinary Cybersecurity Conference

November 2021

97 pages

ISBN:9781450390491

DOI:10.1145/3487405

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 November 2021

Check for updates

Author Tags

Qualifiers

Poster
Research
Refereed limited

Conference

EICC '21

EICC '21: European Interdisciplinary Cybersecurity Conference

November 10 - 11, 2021

Virtual Event, Romania

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
35
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)1

Reflects downloads up to 12 Nov 2024

Other Metrics

View Author Metrics

Citations

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Abstract

References

Index Terms

Recommendations

Detection of Anomalous Values within TIA Project Data History for Industrial Control Systems

Stealth attacks: An extended insight into the obfuscation effects on Android malware

Mimicry attacks on host-based intrusion detection systems

Comments

Information

Published In

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Get Access

Login options

Full Access

View options

PDF

eReader

HTML Format

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations