This article presents a comprehensive methodology for designing an Advanced Persistent Threat (APT), a stealthy, continuous and highly sophisticated form of cyberattack suited to the complex environment of Industrial Control Systems (ICS), and explains defensive strategies that can help thwart such attacks. The APT design process begins with reconnaissance, which continues throughout the lifetime of a cyberattack campaign. To secure the network infrastructure of an ICS, network-security best practices should be enforced, including firewalls, Intrusion Detection or Prevention Systems (IDS/IPS), and separation of the corporate network from the field network. A new field of research for securing ICS concerns process-aware defense mechanisms: these analyze data taken directly from the field and try to detect anomalies specific to the physical characteristics of the ICS process.
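To make the last point concrete, the following is an added example (not code from the article or its authors) of a minimal process-aware check. It assumes a hypothetical tank with inflow and outflow meters and a level sensor, a constant tank cross-section `TANK_AREA_M2`, and constructed sensor samples; the detector predicts the next level from the mass balance and flags readings whose residual exceeds a tolerance, which catches a frozen or replayed level reading that a purely network-level IDS would not see.

```python
from dataclasses import dataclass
from typing import List, Optional

# Hypothetical plant constants (assumptions for this example, not from the article)
TANK_AREA_M2 = 2.0    # cross-section of the tank, m^2
TOLERANCE_M = 0.01    # largest residual treated as normal sensor noise, m


@dataclass
class Sample:
    t: float        # timestamp, s
    inflow: float   # measured inflow, m^3/s
    outflow: float  # measured outflow, m^3/s
    level: float    # reported tank level, m


def predicted_level(prev: Sample, cur: Sample, area: float = TANK_AREA_M2) -> float:
    """Mass balance: level rises by net inflow volume divided by tank area."""
    dt = cur.t - prev.t
    return prev.level + (prev.inflow - prev.outflow) * dt / area


def residuals(samples: List[Sample], area: float = TANK_AREA_M2) -> List[float]:
    """Difference between each reported level and the physics-based prediction."""
    return [cur.level - predicted_level(prev, cur, area)
            for prev, cur in zip(samples, samples[1:])]


def detect_anomalies(samples: List[Sample], tolerance: float = TOLERANCE_M,
                     area: float = TANK_AREA_M2) -> List[int]:
    """Indices of samples whose reported level is physically inconsistent."""
    return [i for i, r in enumerate(residuals(samples, area), start=1)
            if abs(r) > tolerance]


def sustained_alert(samples: List[Sample], min_consecutive: int = 3,
                    tolerance: float = TOLERANCE_M,
                    area: float = TANK_AREA_M2) -> Optional[int]:
    """Index at which `min_consecutive` consecutive violations first occur.

    Requiring a run of violations suppresses alerts from single noisy samples
    while still catching a level reading that stays inconsistent over time.
    """
    run = 0
    for i, r in enumerate(residuals(samples, area), start=1):
        run = run + 1 if abs(r) > tolerance else 0
        if run >= min_consecutive:
            return i
    return None


def constructed_trace() -> List[Sample]:
    """Constructed sample data (not from any real plant).

    Ten honest samples where the level follows the mass balance, followed by
    five samples in which the reported level is frozen at its last honest
    value although net inflow continues.
    """
    samples = []
    level = 1.0
    inflow, outflow = 0.10, 0.06          # net +0.04 m^3/s -> +0.02 m per step
    for step in range(10):
        samples.append(Sample(float(step), inflow, outflow, level))
        level += (inflow - outflow) * 1.0 / TANK_AREA_M2
    frozen = samples[9].level
    for step in range(10, 15):
        samples.append(Sample(float(step), inflow, outflow, frozen))
    return samples


if __name__ == "__main__":
    trace = constructed_trace()
    print("inconsistent samples:", detect_anomalies(trace))   # [10, 11, 12, 13, 14]
    print("sustained alert at index:", sustained_alert(trace))  # 12
```

The residual check only needs the field measurements and a model of the process, so it can run on a monitoring host that is read-only with respect to the control network; the tolerance and the run length should be tuned against recorded honest traffic from the specific process before the check is used to raise alerts.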
