Poisoned GOOSE : exploiting the GOOSE protocol
Kush, Nishchal, Branagan, Mark, Foo, Ernest, & Ahmed, Ejaz (2014) Poisoned GOOSE : exploiting the GOOSE protocol. In Parampali, Udaya & Welch, Ian (Eds.) Proceedings of the Twelfth Australasian Information Security Conference (AISC 2014) [Conferences in Research and Practice in Information Technology, Volume 149], Australian Computer Society, Inc., Auckland University of Technology, Auckland, pp. 17-22.
This paper presents a vulnerability within the generic object oriented substation event (GOOSE) communication protocol. It describes an exploit of the vulnerability and proposes a number of attack variants. The attacks sends GOOSE frames containing higher status numbers to the receiving intelligent electronic device (IED). This prevents legitimate GOOSE frames from being processed and effectively causes a hijacking of the communication channel, which can be used to implement a denial–of–service (DoS) or manipulate the subscriber (unless a status number roll-over occurs). The authors refer to this attack as a poisoning of the subscriber. A number of GOOSE poisoning attacks are evaluated experimentally on a test bed and demonstrated to be successful.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
|Item Type:||Conference Paper|
|Keywords:||substations, GOOSE protocol, critical infrastructure security|
|Subjects:||Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > OTHER INFORMATION AND COMPUTING SCIENCES (089900) > Information and Computing Sciences not elsewhere classified (089999)|
|Divisions:||Current > Schools > School of Electrical Engineering & Computer Science
Current > Institutes > Institute for Future Environments
Current > QUT Faculties and Divisions > Science & Engineering Faculty
|Copyright Owner:||Copyright 2014, Australian Computer Society, Inc.|
|Copyright Statement:||This paper appeared at the Australasian Information Security Conference (ACSW-AISC 2014), Auckland, New Zealand, January 2014. Conferences in Research and Practice in Information Technology (CRPIT), Vol. 149, Udaya Parampalli and Ian Welch, Ed. Reproduction for academic, not-for-profit purposes permitted provided this text is included.|
|Deposited On:||16 Jan 2014 22:20|
|Last Modified:||03 Apr 2014 17:59|
Repository Staff Only: item control page