Real-time and interactive attacks on DNP3 critical infrastructure using Scapy
Rodofile, Nicholas, Radke, Kenneth, & Foo, Ernest (2015) Real-time and interactive attacks on DNP3 critical infrastructure using Scapy. In Welch, Ian & Yi, Xun (Eds.) Australasian Information Security Conference (ACSW-AISC), 27-30 January 2015, Sydney, NSW.
The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols, to control national infrastructure. Widely used interactive packet manipulation tools, such as Scapy, have not yet been augmented to parse and create DNP3 frames (Biondi 2014). In this paper we extend Scapy to include DNP3, thus allowing us to perform attacks on DNP3 in real-time. Our contribution builds on East et al. (2009), who proposed a range of possible attacks on DNP3. We implement several of these attacks to validate our DNP3 extension to Scapy, then executed the attacks on real world equipment. We present our results, showing that many of these theoretical attacks would be unsuccessful in an Ethernet-based network.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.
|Item Type:||Conference Paper|
|Keywords:||Substations, Distributed Network Protocol 3.0,, DNP3,, Critical Infrastructure Security, Scapy|
|Divisions:||Current > Schools > School of Electrical Engineering & Computer Science
Current > Institutes > Institute for Future Environments
Current > QUT Faculties and Divisions > Science & Engineering Faculty
|Copyright Owner:||Copyright 2015 Commonwealth of Australia|
|Copyright Statement:||This paper
appeared at the 13th Australasian Information Security Conference
(AISC 2015), Sydney, Australia. Conferences in Research
and Practice in Information Technology (CRPIT), Vol.
161, Ian Welch and Xun Yi, Ed. Reproduction for academic,
not-for-profit purposes permitted provided this text is included.
|Deposited On:||04 Feb 2015 23:33|
|Last Modified:||06 Feb 2015 00:49|
Repository Staff Only: item control page