
An Experimental Analysis of Security Vulnerabilities in Industrial IoT Devices

Published: 18 May 2020

Abstract

The revolutionary development of the Internet of Things has triggered a huge demand for Internet of Things devices. These devices are extensively applied in various fields of social activity and, in manufacturing, they are a key enabling concept for the Industry 4.0 ecosystem. Industrial Internet of Things (IIoT) devices share common vulnerabilities with standard IoT devices, which are increasingly exposed to attackers. As such, connected industrial devices may become sources of cyber, as well as physical, threats for people and assets in industrial environments.

In this work, we examine the attack surfaces of a networked embedded system composed of devices representative of those typically used in the IIoT field. We carry out an analysis of the current state of the security of IIoT technologies. The analysis guides the identification of a set of attack vectors for the examined networked embedded system. We set up the corresponding concrete attack scenarios to gain control of the system actuators and perform some hazardous operations. In particular, we propose a couple of variations of the Mirai attack specifically tailored for attacking industrial environments. Finally, we discuss some possible


Published in

ACM Transactions on Internet Technology, Volume 20, Issue 2
Special Section on Emotions in Conflictual Social Interactions and Regular Papers
May 2020
256 pages
ISSN: 1533-5399
EISSN: 1557-6051
DOI: 10.1145/3386441
Editor: Ling Liu

Copyright © 2020 ACM

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Published: 18 May 2020
• Online AM: 7 May 2020
• Accepted: 1 January 2020
• Revised: 1 October 2019
• Received: 1 March 2019

Qualifiers

• research-article
• Research
• Refereed
