Data di Pubblicazione:
2008
Citazione:
Combating memory corruption attacks on SCADA devices / C. Bellettini, J. Rrushi (IFIP INTERNATIONAL FEDERATION FOR INFORMATION PROCESSING). - In: Critical Infrastructure Protection II / [a cura di] M. Papa, S. Shenoi. - [s.l] : Springer, 2008. - ISBN 9780387885223. - pp. 141-156 (( convegno International Conference on Critical Infrastructure Protection tenutosi a Arlington nel 2008 [10.1007/978-0-387-88523-0_11].
Abstract:
Memory corruption attacks on SCADA devices can cause significant dis- ruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulner- abilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating prob- lems posed by the incomparability of mitigation techniques. An experi- mental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.
Tipologia IRIS:
03 - Contributo in volume
Keywords:
SCADA systems; memory corruption attacks; Modbus protocol
Elenco autori:
C. Bellettini, J. Rrushi
Link alla scheda completa:
Titolo del libro:
Critical Infrastructure Protection II