Ghost in the PLC vs GhostBuster: on the feasibility of detecting pin control attack in Programmable Logic Controllers

A. Abbasi, Andrea Genuise

Research output: Chapter in Book/Report/Conference proceedingForeword/postscriptAcademic

171 Downloads (Pure)

Abstract

Programmable Logic Controllers (PLCs) are a family of embedded devices used for physical process control. Similar to other embedded devices, PLCs are vulnerable to cyber attacks. Because they are used to control the physical processes of critical infrastructures, compromised PLCs constitute a significant security and safety risk. Previously we introduced specific attack against PLCs which can stealthily manipulate the physical process it controls by tampering with the device I/O at a low level. We implemented different variants of the attack in the form of a rootkit and a user-space malicious code over a candidate PLC. We then move forward with a tailored defense which specifically detect modification of PLCs I/O to detect our attack.
Original languageEnglish
Title of host publicationGhost in the PLC vs GhostBuster
Subtitle of host publicationOn the Feasibility of Detecting Pin Control Attack in Programmable Logic Controllers
Number of pages72
Publication statusUnpublished - 1 May 2017

Keywords

  • PLC
  • PCA
  • detection
  • ICS
  • SCADA

Fingerprint Dive into the research topics of 'Ghost in the PLC vs GhostBuster: on the feasibility of detecting pin control attack in Programmable Logic Controllers'. Together they form a unique fingerprint.

  • Press / Media

    Vanishing Point: New PLC Malware Leverages Processor Problems to Go Dark

    Ali Abbasi

    3/12/16

    1 item of Media coverage

    Press/Media: Expert Comment

    Cite this

    Abbasi, A., & Genuise, A. (2017). Ghost in the PLC vs GhostBuster: on the feasibility of detecting pin control attack in Programmable Logic Controllers. Unpublished. In Ghost in the PLC vs GhostBuster: On the Feasibility of Detecting Pin Control Attack in Programmable Logic Controllers