I came, i saw, i hacked: Automated Generation of Process-independent Attacks for Industrial Control Systems

Esha Sarkar, Hadjer Benkraouda, Michail Maniatakos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Malicious manipulations on Industrial Control Systems (ICSs) endanger critical infrastructures, causing unprecedented losses. State-of-the-art research in the discovery and exploitation of vulnerability typically assumes full visibility and control of the industrial process, which in real-world scenarios is unrealistic. In this work, we investigate the possibility of an automated end-to-end attack for an unknown control process in the constrained scenario of infecting just one industrial computer. We create databases of human-machine interface images, and Programmable Logic Controller (PLC) binaries using publicly available resources to train machine-learning models for modular and granular fingerprinting of the ICS sectors and the processes, respectively. We then explore control-theoretic attacks on the process leveraging common/ubiquitous control algorithm modules like Proportional Integral Derivative blocks using a PLC binary reverse-engineering tool, causing stable or oscillatory deviations within the operational limits of the plant. We package the automated attack and evaluate it against a benchmark chemical process, demonstrating the feasibility of advanced attacks even in constrained scenarios.

Original languageEnglish (US)
Title of host publicationProceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020
PublisherAssociation for Computing Machinery, Inc
Pages744-758
Number of pages15
ISBN (Electronic)9781450367509
DOIs
StatePublished - Oct 5 2020
Event15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020 - Virtual, Online, Taiwan, Province of China
Duration: Oct 5 2020Oct 9 2020

Publication series

NameProceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020

Conference

Conference15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020
CountryTaiwan, Province of China
CityVirtual, Online
Period10/5/2010/9/20

Keywords

  • fingerprinting
  • industrial control systems security
  • machine learning
  • process-aware attacks

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'I came, i saw, i hacked: Automated Generation of Process-independent Attacks for Industrial Control Systems'. Together they form a unique fingerprint.

Cite this