Optimizing Internet Scanning for Assessing Industrial Systems Exposure

Abstract : Industrial systems are composed of multiple components whose security has not been addressed for a while. Even if recent propositions target to improve it, they are still often exposed to vulnerabilities, since their components are hard to update or replace. In parallel, they tend to be more and more exposed in the public Internet for convenience. Although awareness of such a problem has been raised, there is no precise evaluation of such a risk. In this paper, we define a methodology to measure the exposure of industrial systems through Internet. In particular, a carefully designed scanning approach, named WiScan, is proposed with a low footprint due to the high sensitivity and low resources of targeted systems. It has been applied on the entire IPv4 address space, by targeting specific SCADA ports.
Keywords : Scanning Scada CPS ICS
Document type :
Conference papers
Complete list of metadatas

Cited literature [22 references]  Display  Hide  Download

https://hal.inria.fr/hal-01371674
Contributor : Jérôme François <>
Submitted on : Thursday, November 17, 2016 - 9:18:58 AM
Last modification on : Thursday, February 7, 2019 - 2:22:29 PM
Long-term archiving on : Thursday, March 16, 2017 - 3:52:24 PM

File

trac2016CR.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Jérôme François, Abdelkader Lahmadi, Valentin Giannini, Damien Cupif, Frédéric Beck, et al.. Optimizing Internet Scanning for Assessing Industrial Systems Exposure. 7th International Workshop on TRaffic Analysis and Characterization, Sep 2016, Paphos, Cyprus. ⟨10.1109/IWCMC.2016.7577111⟩. ⟨hal-01371674⟩

Share

Metrics

Record views

511

Files downloads

337