Combating Memory Corruption Attacks on SCADA Devices
Authors
Abstract
Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating problems posed by the incomparability of mitigation techniques. An experimental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.
Similar resources
Umbra: Embedded Web Security Through Application-Layer Firewalls
Embedded devices with web interfaces are prevalent, but, due to memory and processing constraints, implementations typically make use of Common Gateway Interface (CGI) binaries written in low-level, memory-unsafe languages. This creates the possibility of memory corruption attacks as well as traditional web attacks. We present Umbra, an application-layer firewall specifically designed for prote...
CFI CaRE: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers
With the increasing scale of deployment of Internet of Things (IoT), concerns about IoT security have become more urgent. In particular, memory corruption attacks play a predominant role as they allow remote compromise of IoT devices. Control-flow integrity (CFI) is a promising and generic defense technique against these attacks. However, given the nature of IoT deployments, existing protection...
Prevention of Corruption in Public Purchases
The results of the dissertation research "Preventing and combating corruption in public procurement" are presented in this publication. The study was conducted from 2011 to 2013 in a Member State of the European Union, the Republic of Latvia. The goal of the thesis is to explore corruption prevention and combating issues in the public procurement sphere, to identify the prevalence rates, determinants and c...
Detection and Prevention of Memory Corruption Attacks
Vulnerabilities in software programs made possible the widespread and frequent occurrence of malware outbreaks. Extensive research has been devoted to detection and prevention of control hijacking attacks due to their prevalence. The non-control data attacks are not yet so prevalent, but, as more and more avenues are closed for the malicious software authors they will gain
Exploiting SCADA vulnerabilities using a Human Interface Device
SCADA (Supervisory Control and Data Acquisition) systems are used to control and monitor critical national infrastructure functions like electricity, gas, water and railways. Field devices such as PLCs (Programmable Logic Controllers) are one of the most critical components of a control system. Cyber-attacks usually target valuable infrastructure assets, taking advantage of architectural/tech...