Exploiting Vulnerabilities in the SCADA Modbus Protocol: An ICT-Reliant Perspective

  • Conference paper
Advanced Network Technologies and Intelligent Computing (ANTIC 2021)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1534)

Abstract

Industrial plants such as power, gas, water, and transport are controlled and managed remotely over protocols like Modbus/TCP, which plays a significant role in Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems. In previous years, cyber-attacks against SCADA infrastructures and their associated protocols have been few in number but lethal in effect. Such an attack may compromise the confidentiality and integrity of the Modbus/TCP module, and unauthorized control of coils and registers can lead to appalling consequences in unacceptable situations. The proposed work investigates the security of an industrial framework using the Modbus transmission protocol in an ICS, building a dedicated security test framework for discovery attacks, Man-in-the-Middle (MITM) attacks, Denial of Service (DoS), and Metasploit attacks. This work executes these attacks and demonstrates the interaction in a virtual environment built on Conpot and Rapid SCADA, and presents an analysis using CVSS 3.1 scores to compare the Metasploit, DoS, and MITM attacks in terms of vulnerabilities and threat levels. Finally, the severity and ease of occurrence of the different attacks are summarized as the conclusion of this study.



Acknowledgement

The work is funded by the Department of Science and Technology (DST), India, for the Cyber Physical Security in Energy Infrastructure for Smart Cities (CPSEC) project under the Smart Environments theme of the Indo-Norwegian Call.

Corresponding author

Correspondence to Ayush Sinha.

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Cite this paper

Sinha, A., Patel, S.S., Kumar, A., Vyas, O.P. (2022). Exploiting Vulnerabilities in the SCADA Modbus Protocol: An ICT-Reliant Perspective. In: Woungang, I., Dhurandher, S.K., Pattanaik, K.K., Verma, A., Verma, P. (eds) Advanced Network Technologies and Intelligent Computing. ANTIC 2021. Communications in Computer and Information Science, vol 1534. Springer, Cham. https://doi.org/10.1007/978-3-030-96040-7_8

  • DOI: https://doi.org/10.1007/978-3-030-96040-7_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-96039-1

  • Online ISBN: 978-3-030-96040-7

  • eBook Packages: Computer Science, Computer Science (R0)